Encryption debate reminiscent of climate change arguments: Senetas

Encryption debate reminiscent of climate change arguments: Senetas:

Chair of Australian security vendor Senetas Francis Galbally has told the Parliamentary Joint Committee on Intelligence and Security (PJCIS) that the current debate surrounding the proposed encryption-busting Assistance and Access Bill is similar to the one surrounding climate change in Australia.

Despite being told over and over again by experts that accessing encrypted communications will introduce weaknesses into the system, committee members continued to press that a solution is possible.

“It’s a bit like the people denying climate change — all the scientists say there’s climate change, but you politicians don’t admit it,” Galbally said towards the end of the hearing on Friday morning. “It’s the same thing here.

“You cannot do it without creating a systemic weakness. There’s no definition of it, but we’ve had everyone around the world telling you the same thing.”

Galbally detailed how the company had conducted an assessment of the Bill at its own expense, and identified three “catastrophic outcomes” as certain or likely to occur if the Bill is passed.

“The Bill, should it become law, will profoundly undermine the reputations of Australian software developers and hardware manufacturers in international markets; there is simply no doubt that this will result in a significant reduction in local R&D and manufacturing as a consequence of declining employment and export revenue,” Galbally said.

“Foreign governments and competitors will use the mere existence of this legislation to claim that Australian cybersecurity products are required to use or collaborate in creating encryption backdoors.”

[Galbally] added that customers and global competitors are not interested in the nuances and exemptions that could possibly be added to the Bill, as the company will be undercut and lose business.

“In the cut and thrust of the sales world, the existence of such legislation is enough for us to lose a sale,” Galbally added.

“I can say confidently that Senetas will be directly affected, and with exports representing over 95 percent of our sales, there will be a substantial impact on our business, were we to remain in Australia.”

… Should the Bill proceed, Senetas said it could find itself, and up to 200 jobs, moving offshore to avoid perception issues.

… ”The Russians, for example, they haven’t even done it because they know to do it upsets other things far greater than what they are trying to do.

“You have a problem with insurgents in Syria, you don’t drop an atom bomb on those insurgents and see what happens, the consequences that happen to everybody else around. This is the equivalent of dropping an atom bomb to find some nefarious character.

“You will destroy, eventually, Australian’s own data protection — that’s what it is.”

(Via Latest Topic for ZDNet in security)

The battle in Australia over encryption and data protection makes my eyes roll every time I read about it. But the Deputy U.S. Attorney General has similar ideas to the Aussies:

“There is nothing virtuous about refusing to help develop responsible encryption, or in shaming people who understand the dangers of creating any spaces—whether real-world or virtual—where people are free to victimize others without fear of getting caught or punished,” Rosenstein said.

He is wrong. There are myriad virtues for privacy, for freedom and liberty, for capitalism, for trust in the economy, and a bunch of other things. Rosenstein wants to manage to the exception — basically treating edge cases (criminality) as the norm — instead of manage by exception.

“Responsible encryption,” as the Deputy U.S, A.G. defines it, is weak encryption … at best.

Back to Australia, here’s a nice bit of hand waving and false equivalency (&| false analogy) from the Committee chair:

Towards the end of the hearing, PJCIS chair Andrew Hastie justified the encryption-busting legislation due to the amount of methamphetamine use in his electorate.

“We use more ice in regional WA than in Sydney or Melbourne, so my point is from an economic perspective, we have a serious problem in this country with ice, and of course, my electorate has a large meth problem,” he said.

“I’ll just put on the record, different perspectives on this question.”

It’s not different perspectives. They are not related … except by exception.

Baby, meet bathwater.

Also on:

Annual Review

As I was about to engage in my personal annual review activities I read this post from Brad Feld. Two things resonated with me.

The first, using one’s birthday instead of the calendar year to do your review, makes sense. Why use an arbitrarily set milestone? Doing it on the anniversary of your birth personalizes it and avoids the crush of people all trying to do the same thing as you at the same time.

Second, I like his versioning. We are not who we were but who we were makes up part of us. So, I am v45.11 of me at the moment. Some iterations are better than others. The idea of fixing something for v45.12 seems less daunting somehow.

What are you doing for your annual review, if anything? If you’re not, let us know on social media.

Also on:

Why Passion is Overrated (instead, here’s what you should do)

Why Passion is Overrated (instead, here’s what you should do):

I often hear people say if they only had a real passion, they would be able to follow it, break free from their mundane job and create their dream life.

But what to do when you don’t have a passion? Are you just supposed to wait until it one day magically drops from the sky to rescue you?

I feel there’s this mistaken belief, that some people ‘have a passion’ for something, which enables them to live a fabulous, meaningful life, whereas others don’t and thus are stuck in the hamster wheel.

… What do I love doing I asked myself? I felt completely blank and confused. It didn’t help that well-meaning family member and friends just told me to follow a different passion. What if I didn’t have one?

This is where a lot of people get stuck.

I was certainly stuck until I realised that doing something is better than doing nothing. You learn a lot from doing something. Anything is better than nothing.

(Via Pick the Brain | Motivation and Self Improvement)

Japan impresses me. There are restaurants and shops and ryokan that have been operating for years or decades or longer where they focus on what they do, they take pride in what they do, and they refine how they do what they do in evolutionary rather than revolutionary ways. Watch Jiro Dreams of Sushi for an extreme version of this mindset. This is changing, of course.

Back on the late, lamented PVC Security podcast we talked often about “finding your passion”. It sounds nice, but I think we did our listeners a bit of a disservice. We did talk about how to find your passion a little, but we failed to properly acknowledge other paths and the realities of life.

Also on: