The Fog of Cryptowar (1/4)(ShadowLife/Anarplex Mirror) Shane Radliff January 8, 2018 3094 Editor’s Note: After watching an interview with Smuggler, the author of the book, Second Realm: Book on Strategy, I heard of a clearnet website ran by him and other Second Realmers (?) called, Shadow Life. Immediately, the title of one of the extensive blog posts caught my attention: The Fog of CryptoWar. As someone who is deeply interested in the freedom prospects of crypto-anarchism, as well as in building the Second Realm, I sat down and read the ENTIRE thing in one sitting–it comes out to 29 pages in Microsoft Word and about 12,000 words, and oh my, was it absolutely terrific. Due to its sheer importance, I have decided to mirror the entire article here on Liberty Under Attack. Since it is a long one, I will divide it up into different pages–at the bottom of each you’ll see something along the lines of, “Previous Page | Next Page” to navigate between them. For freedom pioneers from any ideological flavor, I highly recommend taking some time to dig into this blog post. I believe it will bring a lot of clarity to the encryption debate happening in the statist-servile society, and how it influences us as vonuans/agorists/anarchists. Please enjoy. -Shane The Fog of Cryptowar – Why it’s not about crypto regulation. Over the last two years, politicians in the USA, UK and elsewhere have been threatening the regulation of strong cryptography. But the experts and journalists who have expressed concern over this have done so in ways that we consider misleading. In this document we will recap the motives and strategies of the people who wish to regulate cryptography, the responses by its defenders and the battle over public opinion. We will conclude that the picture painted in media is misleading (as are those of experts and activists) and would lead us to resist a straw man while missing the issues of substance. Governments move towards the regulation of the use of cryptography. Since the San Bernadino terror attacks in December 2015 and the debates about decrypting the attacker’s iPhone that followed it, numerous statements by politicians and law enforcement officials have reignited the fears about another “Crypto War” in which governments would use regulation to undermine the implementation and use of cryptography. President Obama (USA) was quoted saying: “I will urge high-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”, similarly Prime Minister Cameron (UK) said that law enforcement must “…ensure that terrorists do not have a safe space in which to communicate… We must … ensure that, in every case, we are able, in extremis and on the signature of a warrant, to get to the bottom of what is going on.” Last but not least the UK Home Secretary Umber Rudd stated that “End-2-End encryption is completely unacceptable.” It is thus not surprising, that journalists and experts on encryption were reminded of the first “Crypto War,” which was waged in the US in the 1990s when the government tried to suppress the development and export of strong cryptography products, and establish a key escrow mechanism for communication (the “Clipper Chip”). Following the playbook of the 90s, journalists, experts and activists were quick to respond with the same arguments against crypto regulation then were used before, culminating in Bruce Schneier being widely quoted with saying that a “Ban on strong encryption threatens to destroy the Internet.” Such responses, however, especially when fueled by shallow media reporting and social media, may not be the right response when it comes to shaping public opinion, and may entirely miss the bigger picture. Politics as Negotiation. Before entering the debate it is crucial to understand how politics, media and public opinion interact, and how communication strategies are employed by politicians to win their argument. A common misunderstanding, especially when technologists interact with those making public policy, is that legislation should be built on objective facts that can be conclusively agreed upon. This “engineering view” misses the reality of politics. Most public policy only has to stand trial in the court of public opinion and support by interest groups, not be defended in the realm of science – nor is legislation confined to the technicalities of its field, but is evaluated in a much broader context. When talking about politics, and specifically government action, it’s important to remember that governments and their administration are not monolithic entities. They consist of groups with varied interests. The positions of the ministry of the treasury and the ministry of the interior may not align, and the demands of law enforcement agencies are often opposed to the evaluations of intelligence agencies. Only when these interests align can effective action can be taken. Politics has to deal with trade-offs and must convince the public, interest groups and media that their legislation is better suited to achieve the stated goals than competing suggestions. Dealing with trade-offs means that decisions are never perfect in the sense that any interest will be fully satisfied. Instead, one tries to discover a solution that harms the various competing opinions the least. In this sense politics is utilitarian. The trade-offs depend on value judgments that are informed by the ethical and economic perceptions of the day. This makes politics inherently fluid, not dogmatic. The decisive factors on which legislation can be enacted are the endorsement by relevant interest groups and the concession of public opinion. Politics thus has to signal its support to those interest groups while at the same time shape public opinion through debate. This means that political actors must be strategic communicators, not primarily communicators of facts. This results in a perspective that politics is really something like a tug of war with many ropes at once – with the public standing in the middle. The opposing parties now compete over the support of the public and those interest groups that are necessary for any legislative action. Good arguments sway people to support one’s side, while bad arguments leads to loss of allies from the public. Part of this competition is to pull the correct rope. Most politicians know how to play this game. They might not be experts in any field themselves, but they must have the ability to select experts that can inform their position, and be able to network support while not leaving the big picture out of their view. From that position they enter into the debate. Since politics is about strategic communication, proponents of one side often take an extreme position so that the resulting compromise is as far in their field as possible, or they present straw men to keep their opponent from interacting with the core issues of the debate. We believe that both tactics may be a fundamental part of the debate about crypto regulation, otherwise the debate would have been over two decades ago. Furthermore the debate has been almost confined to the topic of cryptography while the problem stated by politics and interest groups like law enforcement spawns a much wider field. It is this strategic communication that tempts some pro-crypto activists to repeate oversimplified arguments. We will address some of those arguments and the technical aspects of regulation in this field. Bad arguments. The reason for this (shallow) treatment of politic realities is that in the days of social media shallow arguments aren’t recognized by many participants in debates. The journalists, engineers, programmers and cryptographers in the debate tend to take positions that in the context of a realistic view on politics fail to be relevant. Three lines of argument are especially noteworthy: “It is impossible to regulate cryptography.” or “Banning cryptography is like banning math.” This argument misses the point in confusing the knowledge about cryptography with the wide-spread use of cryptography – or more specifically the use of cryptography to protect confidentiality. While it would be beyond the reach of governments to remove the knowledge about cryptography from the public sphere, it is certainly not impossible to threaten those that employ “illegal” cryptography with sanction. This is exactly what happens with most regulation: Speed limits do not prevent the thought about driving fast, instead they address actually driving fast. It is behavior that is regulated, not thought. So, similar arguments about the futility of regulation or the impossibility of enforcement aim a bit too high. Regulation does not require perfect adherence. Often it is enough if some people adhere to the specific law, and others can be punished in case of being caught. Again, speed limits are not perfectly enforceable, but they limit the number of drivers that drive recklessly, and it allows taking action against some drivers and thus nudging other drivers into compliance. “Without cryptography, modern e-commerce is impossible, and the Internet would break.” Again, this argument misses the point. It confuses the whole field of cryptography with the specific uses for authentication and integrity protection. It is certain that the lack of authentication and integrity protection would destroy e-commerce, and make it impossible to operate the Internet as we know it securely. However, the position of crypto-regulators is to undermine the use of cryptography for the purpose of confidentiality. Granted, in today’s technology we rely on confidentiality for authentication and integrity, we transmit passwords and credit card information, which would become very risky without the use of traffic encryption. However, nothing but convenience actually forces us to use passwords or credit-cards, since other means of authentication and integrity protection exist that do not rely on confidentiality. Deploying these methods is possible, though it would incur substantial investments and many opportunities of error. “Any form of regulation makes cryptography insecure.” This claim is a good example for not appreciating that any regulation exists in a much wider context. Of course regulation will make cryptography less secure than it could be. But since security is a gradient, public opinion and politics might be willing to accept less security to accomplish some other goal. Only few proposals for cryptographic regulation are so fundamentally flawed – or so specifically worded – that they would undermine all security benefits of cryptography. For now it is sufficient to recognize that these arguments have something in common – they all make absolute claims. Too much of the pro-cryptography activism centers around painting a black-and-white picture that is simply inapplicable to public policy debates unless one deals with the content of social ethics directly. Crypto regulation is not part of social ethics yet, and maybe there lies a hint that it should be. But in that case, the debate must be fundamentally re-framed. What these absolute claims also hint at is a mode of thinking that is common in the information technology sector. Computer scientists, and a lot of the pro-crypto activists are – or are informed by – computer scientists, seem to have a tendency to express binary thinking that demands perfection or surrender when it comes to problem solution. In combination with a lack of understanding how politics actually operates, this too often results in arguments that can be undercut because of their absolutist claims, failure of stating the problem, or that are simply paternalistic. One thus often finds variations of above arguments combined with comments like “We should take measures to improve tech-literacy amongst the authorities” (Awn Umar) or “My impression was that primarily she doesn’t know what she is talking about” (Paul Bernal, speaking about Teresa May, UK PM). The risk of this form of engagement is that the pro-crypto position could be easily marginalized, or kept occupied with a narrow aspect of the debate that is not the main thrust of novel regulation. While we are very sympathetic to the position of defending the right to cryptography without reservation, it is our intend to warn fellow pro-crypto activists from appearing snug or disconnected from the public at large. This debate is not about convincing high-IQ people like yourself that are specialized in some field of computer science, mathematics or engineering. It is about dealing with a wide variety of people with very different backgrounds and an awareness for the necessity of trade-offs. Bad arguments, over-simplifications, apocalyptic visions and technocratic demeanor might get citations in press, but they fall in deaf ears in politics, law enforcement and regulatory bodies. Instead, it is necessary to engage with the opposing party, understand their position, their options, and their possible agenda. NEXT PAGE Leave a Reply Cancel ReplyYour email address will not be published.CommentName Email Website Notify me of follow-up comments by email. Notify me of new posts by email.