Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
Cyber-security or Counterterrorism: The Dilemma Jeb Doesn’t Grasp
In last night’s debate, Neil Cavuto asked Jeb Bush about intelligence against ISIS:
CAVUTO: The FBI says Islamic radicals are using social media to communicate and that it needs better access to communication. Now the CEO of Apple, Governor, Tim Cook said unless served with a warrant private communication is private, period. Do you agree, or would you try to convince him otherwise?
After a while, Bush answered:
BUSH: The problem today is there’s no confidence in Washington, D.C. There needs to be more than one meeting, there needs to complete dialogue with the large technology companies. They understand that there’s a national security risk. We ought to give them a little bit of a liability release so that they share data amongst themselves and share data with the federal government, they’re not fearful of a lawsuit.
We need to make sure that we keep the country safe. This is the first priority. The cybersecurity challenges that we face, this administration failed us completely, completely. Not just the hacking of OPM, but that is — that is just shameful. 23 million files in the hands of the Chinese? So it’s not just the government — the private sector companies, it’s also our own government that needs to raise the level of our game.
We should put the NSA in charge of the civilian side of this as well. That expertise needs to spread all across the government and there needs to be much more cooperation with our private sector.CAVUTO: But if Tim Cook is telling you “No, Mr. President.”
BUSH: You’ve got to keep asking. You’ve got to keep asking because this is a hugely important issue. If you can encrypt messages, ISIS can, over these platforms, and we have no ability to have a cooperative relationship —
CAVUTO: Do you ask or do you order?
BUSH: Well, if the law would change, yeah. But I think there has to be recognition that if we — if we are too punitive, then you’ll go to other — other technology companies outside the United States. And what we want to do is to control this.
Missing from this answer — or one you might expect from Gov. Chrisite or Sen. Rubio — is any appreciation of the inherent conflict between technology companies providing the government with easy access to their systems and making that infrastructure more vulnerable to hacking. After all, any door big enough to let in the good guys is also big enough to let in the bad ones.
Terrorism and hacking are both serious threats. As Bush noted, the Office of Personnel Management was hacked, very likely by the Chinese government, and more than 21 million records were compromised (including my own). And while it’s — so far — turned out to be more funny than serious, North Korea’s successful hack of Sony should be downright unnerving. God only knows what will happen when things get nasty again and as the Chinese get richer.
The good news is that the choice needn’t be between fighting terrorism and protecting our data. There aren’t a lot of alternatives to encryption from a data security standpoint, but there are lots of ways to fight terrorism: back-door entrance to networks is one method, but so is human intelligence, hacking their systems, monitoring their social media, surveilling those like Nidal Hasan and Tamerlan Tsarnaev who set off red flags, and destroying and humiliating groups like ISIS and al Qaeda.
Those aren’t easy alternatives, and there would likely be costs to cordoning off a potentially powerful source of intelligence. But the costs run both ways.
Published in Domestic Policy, Foreign Policy
A different way. If the feds show up with the proper legal documents, the company itself will make the information available to the feds without revealing its secrets, including any proprietary methods for encoding information which might leave that company vulnerable to hacking.
At that point both national security and company proprietary information are protected.
Yah the whole encryption debate is infuriating. I should check to see what Marco thinks on this because Bushes idea that we need less encryption is stupid and far more dangerous than what ISIS can do. Encryption is what gives everyone the confidence to engage in online retail and activity. Take that away its like the Treasury deciding to print new money on an HP printer to save some bucks.
Depending on the form of encryption, the company may not have that power.
OPM gave Chinese contractors root access. Some intelligence agency gave contractor-employee Snowden enough access that he was very valuable to the Russians. The collective intelligence agencies, meanwhile, failed to notice the San Bernardino shooters plotting jihad on Facebook.
And we’re supposed to believe that it’s encryption that’s the problem? How about achieving competence with the powers government already has before asking for more intrusive ones?
Much the same could be said about the Tsarnaevs and Hasan.
Yeah, I didn’t even know what to do with that quote.
Once the right documents are provided by the feds, the company will be forced to comply. If it is able to avoid giving its encryption to the government, so much the better. If it is not, one might suggest a new encryption might be desirable because it is a sure thing that the federal government won’t be able to protect the old encryption.
Much better said than anything I could have done.
I was actually thinking of asking you if you knew of anything inexpensive someone conscious-but-not-quite-paranoid might use. Now, I don’t have to. :)
As somewhat of an expert, I remain incredulous that the government even understands the threat we are facing. The idea that they should be put in charge of fighting that threat on behalf of American citizens and companies is just silly.
If they want to do something great to fight cyber-terrorism, then eliminate the taxation and regulation that causes manufacturing companies to do business in China. That is not the only component to this threat, but it is a large one.
You know, Democrats consistently demonstrate that they can’t speak intelligently about firearms, a late 19th century technology. Without making excuses, I suppose we shouldn’t be too surprised that Republicans can’t do better regarding a late 20th century tech.
Regardless, deplorable.
It’s both understandable that average people don’t understand how end-to-end encryption works and unconscionable that politicians enact legislation without rudimentary understanding. They also can’t trust the head of the FBI to say in effect, “no, companies just aren’t trying hard enough. They can give only government a back door.”
One thing I can’t get behind is undermining encryption with a backdoor. How naive must you be to believe that that backdoor won’t be abused time and again? If that ever comes to fruition, which there are plenty of GOP candidates willing to make it happen, we might as well remove “online privacy” from our vocabularies. It will be disastrous. I do not trust the feds to get this right.