In the unlikely event you care, be aware that I have just installed a new digital certificate for discourse.net:
If your browser popped up a warning about the site’s cert changing, this is the reason. If it didn’t, well that just shows you how far we have to go in getting security to work well online.
The cert is issued by Let’s Encrypt, and replaces one I had to pay for.
Building Privacy into the Infrastructure: Towards a New Identity Management Architecture comes to what I fear some of my friends in the privacy community will find to be an unacceptable conclusion.
I’ll be presenting it at the Privacy Law Scholars Conference in Washington next week. Hopefully, since many attendees are in fact friends, they won’t bring brickbats.
A guy is selling a T TSD 3600 Pair Clipper Chip Version New in Box Unused on E-Bay.
I have a birthday coming up, but the asking price is $250, which is just a bit too expensive. And I imagine the price will go up. Plus it sounds like they’d be hard to use, too.
Spotted via Scheier.
(Why do I care? The Metaphor is the Key: Cryptography, the Clipper Chip and the Constitution, 143 U. Penn. L. Rev. 709 (1995) and It Came From Planet Clipper, 1996 U. Chi. L. Forum 15.)
A brief history of the surveillance debate:
2012: "Mass surveillance is fine — if it wasn’t, you’d see major corporations trying to court new business by building in crypto tools that kept out the surveillance agencies. The fact that they’re not doing this tells you that surveillance opponents are an out-of-touch, paranoid minority."
2016: "Mass surveillance is necessary — when companies use crypto tools as ‘marketing ploys,’ they’re getting in the way of something we all agree is proportionate and legitimate!"
The government’s attempt to get Apple to build a bespoke operating system so they can brute force access to an iPhone without it erasing its data has led the media to some of us who were in the first round of the crypto wars. Today was my turn. A few seconds on CBS in the Morning, ink in a nice explainer by Steve Lohr in the New York Times. I also spoke to the LA Times and the Wall St. Journal, but I haven’t seen what if anything they made of it.
I presume they found me because I wrote the first US legal article on law and encryption: The Metaphor is the Key: Cryptography, the Clipper Chip and the Constitution. There’s also a shorter sequel that some find easier to read, It Came From Planet Clipper.
The Apple case potentially raises at least these major legal issues:
- To what extent the government can use the All Writs Act to compel people unrelated to a case to provide unwilling technical support–here, Apple says, 12-40 man-weeks of expert engineering–to the government’s efforts to disable a security system in order to effectuate a search warrant or similar court order;
- Whether ordering a firm to write code (here, a bespoke phone OS), is a form of compelled speech violating the First Amendment
- Whether ordering a firm to digitally sign that code (or anything else) is an impermissible form of compelled speech
- Whether if a court can issue this order requiring assistance to disable a security system without violating the Constitutions, it follows that Congress could also legislate to forbid people from building strong security systems that the government cannot break into unassisted — and, most critically, whether that would mean the government could forbid the deployment of strong cryptographic tools without back doors. (This last issue was the main subject of the two articles I linked to above. It’s not a simple question.)
Although the Apple issue likely will be decided on non-constitutional grounds, the parties are making a record on the constitutional issues with an eye to a set of appeals that could go as far as the Supreme Court. The issues are important and interesting, so the media is right to treat this as a big deal.