Dan Kaminsky, one of the Internet's essential squad of "volunteer fire fighters" who oversaw the largest-ever synchronized vulnerability patching in Internet history, has written a stirring editorial for Wired explaining what the FBI puts at risk when it demands weaker encryption: it's not our privacy, it's the security of finance, health care, roads, and every other piece of tech-enabled infrastructure in the land.
Instead of fighting to make crypto stop working, the FBI should be fighting to make it as good as possible. They should be establishing a "Cyber UL" that helps Americans figure out whether the products, devices and services they use are secure. They should be fighting fires, in other words, instead of setting them.
Our technology companies, literally the most valuable in the world, have made dramatic strides toward building devices that cannot be hacked. If your iPhone is stolen, it is unlikely that the thief will be apprehended. But he will access no emails, view no photos, take no money, steal no secrets—not from you, not from your employer. There will be no breach to report, no loss to incur, no job to lose. You were protected from risk, and nothing was asked of you but a passcode or thumbprint.
Strong cybersecurity delivers the digital world that does not burn.
Instead of helping put out fires, though, the FBI is “concerned.” A world where not everything can be hacked is a world where it can’t necessarily hack everything. And so, in a case where the FBI has enjoyed almost complete cooperation with Apple, it is demanding more: The engineering authority to require a “backdoor,” making the extraction of data from any device trivial, and setting the dangerous precedent that the government can turn any or all of the technology in our lives against us.
The Feds Have Let the Cyber World Burn. Let’s Put the Fire Out {Dan Kaminsky/Wired]
(Image: House Fire, Ada Be, CC-BY)