Encryption. What is it, and why is it a big deal?

“There was no way his imagination could feel the impact of the whole Earth having gone, it was too big. He prodded his feelings by thinking that his parent and his sister had gone. No reaction. He thought of all the people he had been close to. No reaction…
He tried again: America, he thought, has gone. He couldn’t grasp it, He decided to start smaller again. New York has gone. No reaction. He’d never seriously believed it existed anyway. The dollar, he thought, has sunk for ever. Slight tremor there. Every “Bogart” movie has been wiped, he said to himself, and that gave him a nasty knock. McDonald’s, he thought. There is no longer any such thing as a McDonald’s hamburger.

He passed out.

Douglas Adams

In a world where everything can get a little bit crazy sometimes, it’s easy to lose track of what’s important, or at the very least, the things that we should pay attention to on an international scale. 

Other times, it may feel impossible to grasp certain things that can have such widespread implications. At a certain point, we just…shut down. 

For the things that have organizations and charitable research foundations constantly promoting their take on this topic or the other, it feels just slightly easier to get a hang on. While our topic today may in fact have support and publicity – it lacks a widespread comprehension, outside of the nerd community. 

Let’s clear that up:

Encryption. It’s a big deal.

Magic Locks

To begin, make believe with me, and pretend Mr. Rogers is here to tell us a story:
One day, when houses were new, all the carpenters decided what was in the houses was important enough that they needed locks. So they built locks into all their houses. Those locks were broken into, so they learned to make better ones, and the government told the people,

“Yeah! These new locks are great! We’ll call them ‘magic locks’, and everyone will be safe.”

The carpenters, and all the people, were happy and felt safe. Even the government said the magic locks were safe! Well, one day, a man from the government left the government and said, “There are no ‘magic locks!’”

“They’re fake, and the government broke them all when the carpenters were making them, so we would feel safe, but any bad carpenters can get in, just so they can get into your house more easily when they have a warrant – but they make EVERYONE less safe, even from bad people!”

That’s encryption, folks. And you should be very upset at what the government did, many, many times – and now that we know about it – are trying to make it legal and enforceable to have totally fake ‘magic locks’. 

“If you’ve nothing to hide, there’s no reason to worry!”

We’ve all heard that one. 

But it’s not just bad for the bad guys – you can’t just break things for them by breaking the factory everyone gets locks from. Now that you can grasp what encryption does, let’s expand on that analogy a bit.

In the realm of physical safety (we’re back to the locks thing again y’all, hang in there) a thief that is particularly good at knocking out a certain type of lock can reuse his skills to break into at best what… a few dozen homes a night? Maybe if Red Bull really did give you wings, sure.

In the real world of encryption and digital security as a whole, a cracker (the more accurate infosec term for what we refer to as ‘hackers’) can write one small app or program, tap ‘Go’ – and he’s got the power, data, and secrets hidden behind Every. Single. Lock. At once.

They can use that power to blackmail you, steal your identity, or organize all of that information, from all those people,  on a global scale to effect the changes they desire. 

Company won’t pay a ransom for their files? Release the intellectual property to the public, use the database of their clients to steal identities and take out credit cards. Government official won’t vote the way they want?

Release the email exchanges between them and their madam. That’s just the small potatoes – but let me fill in the blanks a bit. If you follow the news much, you’ll begin to realize that the aforementioned scenarios look pretty similar to some very real life events – and that’s because it happens every day.

But why am I talking about relatively small-time hackers in an article about government overreach? Because the government, in some degree of ignorance, wants to make this easier.

Tech companies can barely keep up with security patches as it is, and our systems are likely connected to a few ‘weak links’ of people who don’t update their company’s servers – or their iPhones,”Because they get slow,” throwing a lot of tech companies best efforts to the dogs.

When a government says things like,’Responsible encryption’, what they mean is – intentionally flawed security on everyone’s devices. But hey – like I said – that’s small potatoes. What’s the government doing with all this weakened security? Why do they want it?

“Responsible encryption is achievable. Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists,” 

– Rod Rosenstein

I am not the first person to tell Rod Rosenstein that’s not possible. But I should say it again. No, that’s not possible and that’s not responsible encryption. In fact, it pretty much defeats the point of encryption.

Encryption: The Safeword Against Big Government

Put simply:
Encryption and securely-designed software, end-to-end, is the only thing holding back the threat of true totalitarian government. If every electronic device is a spy on your private conversations, written or spoken, how would you organize and fight back? You wouldn’t. You couldn’t. You’re already dead.

“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say,”

 – Edward Snowden

And if you think you’re safe now, in a given country where you like the leadership just fine so far – think again. Everything is recorded, indexed, and flagged for future use. If the next administration wants to round up those who are likely to dissent, immediately after election day – the execution of such an endeavour would be sound and swift – and the revolution would not be televised. If you need more convincing, do some looking into Intel ME, Xkeyscore, Prism, and Palantir. All fun stuff. 

The TL;DR? 

Anything you’ve ever done, said, went, or purchased – is a keystroke away. Yes, even that picture. Yes, that one. The one with bad lighting, that you deleted? Yep. *cough* That’s gross, btw. But how can encryption help?

“You can call it whatever you want, but make sure you have strong encryption,” 

– Will Hurd, R-Texas

To give a good, albeit backwards example – Cryptoviruses, the viruses that encrypt your files and holds them ransom until you pay the n’er-do-wells money – is considered an FBI issue. Even they can’t get in, unless they can find the people who did it and threaten them to the point of giving up the keys. Make sense now? So, what can you do?

  • Update your stuff
  • Learn what decentralization and digital privacy is, and use it as much as possible – you can start with switching to the Brave Browser
  • If you hear words like ‘responsible encryption’ or ‘I have nothing to hide,’ send them this article.
  • Check out these alternatives to popular software and services.

You can also follow me and my decentralization series over on YouTube and reddit. And don’t make me feel like Marvin.

“I’d give you advice, but you wouldn’t listen. No one ever does.” 

–Marvin, Hitchhiker’s Guide to the Galaxy

Need more?

Robbie offers a tremendous resource of free software and helpful stuff to make your time online safer, easier, and more convenient. If you want to see what he has compiled, head over to his list.