Back Door Worse Than No Door
By Philippe Gastonne - May 25, 2015

A collection of tech industry giants like Facebook, Google, Apple and Microsoft, as well as civil liberties organizations and Internet security experts, sent a letter to President Obama on Tuesday warning of the unintended consequences of any policy meant to weaken the encryption technologies that protect Internet communications.

The White House has been weighing whether to mandate that companies use only forms of encryption that provide law enforcement with the means for unscrambled access — a so-called back door.

Critics in the technology industry are concerned that a back door for law enforcement in the United States would be a back door for everyone, including other governments and hackers. One Yahoo executive likened the proposal to "drilling a hole in the windshield." – New York Times, May 19, 2015

Tech industry giants say they are alarmed the federal government would demand back-door access to the encryption built into their products. Are they crying crocodile tears? Maybe, but the point is still a good one.

Imagine if, instead of memory chips, we were talking about your home's back door. It most likely contains a lock. Your family members have keys. They can come and go freely while others cannot. This is how locks should work.

The FBI says it can't do its job unless it has unimpeded access to your house, so it asks you to give it a spare key. The FBI further promises it will only use the key to enter your home in emergencies. Would you give it to them?

Of course not. You would say "No" and add a few expletives. The FBI has no business entering your home in the first place, and you certainly have no obligation to make the intrusions easier for them.

Were the FBI to suggest such a policy on a national scale, even the lulled-to-complacency masses would probably gripe enough to kill the idea. It is such an obvious overreach. Yet FBI Director James Comey is asking for the electronic equivalent – and few are paying attention.

Suppose – only for the sake of argument – that we could be 100% sure the FBI would not abuse this power. You are sure they won't use their key enter your home unless it is clearly necessary. Does that make it a good idea?

No, it doesn't, because they might lose the key. Once that extra key exists and leaves your control, someone with evil intent might acquire it.

But we can trust the government to protect the key, right?

Again, the answer is no. This very same government gave Edward Snowden access to untold terabytes of super top-secret data, and let him fly to Hong Kong with it. They obviously cannot protect even their own secrets, so there is no reason to trust them with yours.

This is the technology industry's point. You cannot intentionally build a weakness into a system. Someone will always attack the weak spot. Eventually they "find the key" and walk right in.

Some experts think the NSA has already broken most commercial encryption methods and the entire argument is moot. That may be so, but surrendering what little security we have is not the answer. They may get in anyway – but we need not make it easy.