This is Why We Encrypt Our Communications and Data

Encryption helps protects our communications and data from prying eyes. It will protect the data when it’s sitting on our own computers and when it’s in a data center. It will protect it when it’s being transmitted around the Internet to friends, family, and anyone else who you want to see your message. It protects our privacy and anonymity. And sometimes, it  also will protect our lives.

This protection is important for everyone and should be a human right. It’s pretty easy to see how encryption protects journalists, human rights defenders, and political activists in authoritarian countries. Yet encryption protects the rest of us as well. It will protect our data from hackers and criminals.

Encryption works best if it’s automatic. The two forms of encryption you use most often — https://  in our address bars, and the connection between your cellphone and the cell tower for your cellphone calls — work so well because you don’t even know they’re there.

Encryption should be enabled for everything by default, not a feature you turn on only if you’re doing something you consider worth protecting.

This is important. If we only use encryption when we’re working with important data, then encryption signals that data’s importance. If only dissidents use encryption in a country, that country’s authorities have an easy way of identifying them. But if everyone uses it all of the time, encryption ceases to be a signal. No one can distinguish simple chatting from deeply private conversation. The government can’t tell the dissidents from the rest of the population. Every time you use encryption, you’re protecting someone who needs to use it to stay alive.

It’s important to remember that encryption doesn’t magically convey security. There are many ways to get encryption wrong, and we regularly see them in the headlines. Encryption doesn’t protect your computer or phone from being hacked, and it can’t protect metadata, such as e-mail addresses that need to be unencrypted so your mail can be delivered.

But encryption is the most important privacy-preserving technology we have to date. One that is uniquely suited to protect against bulk surveillance — the kind done by governments looking to control their populations and criminals looking for vulnerable victims. By forcing both to force them target their attacks against individuals, we protect society.

We are seeing strong government pushback against encryption everyday in the news. Many countries, from  China and Russia to more democratic governments like the United States and the United Kingdom, are either talking about or slowly implementing policies that limiting strong encryption algorithms. This is highly dangerous, because it’s technically impossible, and these attempts will cause incredible damage to the security of the Internet.

There are two morals to all of this. One, we should strongly push companies to offer encryption to everyone without exception, by default. And two, we should never give in to the demands from governments to weaken encryption. Any weakening, even in the name of legitimate law enforcement, puts all of us at risk. Even though criminals benefit from strong encryption, we’re overall much more secure when we all have strong encryption.

Advertisements


Categories: Programming, Security

Tags: , , ,

2 replies

  1. Awesome post,

    I just wanted to point out almost all cell/mobile conversations are protected by a 64 bit encryption method if you are 3G and above, although some 2G signals are protected most are not, but this is not done for anything more then to preserve the conversation quality..

    With regards to the httpS:// standards you will not normally be advised of this and can assume most SSL certificates are roughly these days set at a minimum of 256bit..

    It can get a little complicated when they start throwing differing algorithms at you like AES, RSA, DSA?, ECC or root numbers like 2048/256 but you need not worry much even the weakest of 256bit keys are very hard to crack at home with lone computers or even an array of rack machines in time, on-the-fly..

    One thing is for sure though, the more governments try to hinder encryption designs and strengths the slower the encryption will progress as well because a hell of allot of encryption methods are designed within the private sector, we should all use it and not because everyone is paranoid for using it but think of it this way.. You loose your unencrypted smartphone and not being a smartpants and encrypting it in the first place allows the finder or thief to have a browse at them naked images you took of your lovely partner and share them with said mates too..

    But honestly encryption on any level itself is not a guarantee in itself, it’s the password characters you yourself choose in some cases, so do some reading about password security, it pays off in the end.. Trust me..

    *Awesome post mate, keep them coming 😀

    Like

Trackbacks

  1. This is Why We Encrypt Our Communications and Data – sec.uno
%d bloggers like this: