After the recent terrorist attack in London it was reported that the criminal has communicated with someone shortly before using the encrypting program WhatsApp on his mobile phone.  The encryption made it impossible for the investigators to inspect the communication. Soon afterwards the British Home Secretary with the unoriginal notion that encryption on the internet should be made illegal.

Yes we all would like the police investigator to know all about what the criminal is doing. However can that be achieved without substantially destroying the worl we live in?

Is it a new idea?

It is not: In the 1990‘s Phil Zimmerman in the U.S. – on his own, without any professional backing – created the magnificent encryption software PGP enabling any PC to encrypt any content in a very strong way – and made the software available to the whole world. A discussion sprang up what is more important: the increase in freedom and privacy of decent people (some of them under oppressive regimes) or the risk of abuse by organised crime. The U.S. government tried to prosecute Phil under some guise for several years but failed. It effectively admitted that encryption and secrecy is a legitimate function and the governments can do nothing about it.

In the meantime several similar cases have transpired where investigators and spies of different sorts longed for the encryption functions used by their suspects to be somehow   penetratable but with no success.

How secure is contemporary encryption?

Today‘s encryption technologies available on most computers or phones are way more powerful that those that decided the outcomes of World War II. Any student of “Information Theory” learns that any cipher can be broken – it is only a question how much it will cost in terms of effort and expense. For good ciphers the cost should be astronomical.

It is not possible to make a cipher permeable for law enforcement and impermeable for others. Any back door prepared for the police investigator would drastically cripple the strength of the cipher as a whole.

An effective encryption is widely available and there are many creative ways of making one’s messages secret on the internet. There are even ways of hiding encrypted content somewhere where no one will be looking for it – like inside an image. And there is a multitude of such possibilities. If some ways are outlawed creative people will find new ones.

The architecture of the Internet is helpful in these efforts by providing users with multiple various methods of free communications and giving governments few ways of controlling that communication.

How widespread and important is encryption nowadays?

A politician has made an infamous remark on TV: “Have you ever used encryption? I have not”  He was certainly unaware that he was using encryption every time he turned on his mobile phone or browsed an article on Wikipedia.

(Hint: If the address field in your web browser begins with https:// where the “s” is of importance then your browsing is encrypted)

Some time ago the Putin’s regime was trying to censor the Russian Wikipedia by blocking access to some articles it considered wrong. However because Wikipedia encrypts the web communication with its readers the “censor” could not determine which article is being transmitted and whether it should be blocked.  And blocking the whole Wikipedia is something that not even Putin had the courage to do.

And the banks are very specific: They depend totally on encryption and in the best interest of their clients they tend to be very strict and picky about technology.

Can encryption be outlawed to prevent abuse by criminals and terrorists?

Should the lawmakers of some state try to forbid the usage of encryption technologies on the internet they would be starting on a path of much destruction: First of all they would have to deal with the workings of banks which are vitally dependent on cryptography and very unwilling to compromise. Next they would find themselves in opposition against the whole digital industry which would have to change the whole staus quo to comply with such a legislation.
And the terrorists? They would probably hitchhike on the work of rebelling creative individuals and soon would find new ways of hiding their communications.

So the answer is: The governments could try to regulate the encryption but will never reach their goals. Just as they could not legislate water to flow uphill.

Written as a Sunday Thought for IKDP.cz  http://new.ikdp.cz/?p=6862

Have you ever entrusted your money to a bank based on its comfortable way of handling the account from the web? And while making the decision you did not quite manage to understand their fees and interest rates? I did and it is quite normal.

The banks’ business rules are complicated and entangled so a regular person who has other things to do has no chance to fully comprehend them – hidden in plain sight in small font.

On the other hand the banks have a well visible “user interface” – not just the computerized environment but also the elegant offices, tempting commercials, shiny brochures and beuatiful credit cards – maybe even with your dog imprinted. All is done so that (and banks cannot act differently because the market commands them) to attract the customer toward conditions that are somewhat less favorable than they could be.

Against this medialized reality various internet comparison engines engage in combat that do for you the labor of comparing various offerings and lay them out before you objectively and without any glamorous facade (as long as the engine is not paid by one of the banks which might be an entirely different story). These comparisons work well of instance for offers of travel insurance. You just input the parameters of your journey and get a simple answer with the most advantageous insurance policy for you. For banking services the comparing is somewhat more complicated and difficult.

To the rescue comes a new EU directive on payment services (PSD2) due to become effective next year. It will rule for all banks to offer their clients an electronic communication through a standard interface. In plain language all the banks use the same „forms“ with the same fields on the internet. A piece of software on the side of the client will then transform these plain fields into something  more appealing to the user.

This has massive consequences in that the client will be able from their favorite software app to work with several accounts in different banks. They can then easily compare where their money gets the best treatment in terms of fees and interest rates – and naturally give preference to that bank.

They will also be able to select among different software apps the one which gives them the best experience – and perhaps pay for it a little more. With no ties to which bank their money is stored in. So the client will be choosing their app according to its bahavior and choosing their bank according to its business conditions, not vice versa.

We often frown at the EU for regulating some things in excess – and that may sometimes be true. However this regulation makes sense to me.

Written as a Sunday Thought for IKDP.cz

Bible sometimes yields interesting pieces of timeless wisdom.

The list is:

• Murder Genesis 4:1-16
• Opression against the poor and helpless Exodus 22:20–23. („widows and orphans“ in Biblical language)
• Defrauding laborers of their wages Deut 24:14–15
• Sodomy Genesis 19:5 – opression or lack of hospitality toward foreigners or immigrants (This interpretation offered to me by friend VK gives me a better sense than the traditional catholic definition of sodomy as a sexual perversion)
  

I find it fascinating that 3 of these sins have to do with social (in)justice
Translated into contemporary general wording: The most abominable human behavior is such when the strong opress or steal from the weak.
While the first contemporary examples of such behavior that come to my mind are from my country the Czech Republic we might also identify some similarity with the U.S. budgetary crisis where many of the needy are denied what they need because the powerful ones place their own partial interests above the common good.