Get Ready For The Political Fight Against Encryption
from the it's-coming dept
Among our many commenters here, we have one “regular” critic who presents himself as being actively involved in “policy circles” in Washington DC, and who was clearly active in the SOPA/PIPA efforts in trying to write those bills and get them passed. This individual provided enough information (along with plenty of insults in our direction) in the comments to make it clear that they were heavily involved — if at a low level — in those efforts. As the debate over this bills wore on and people kept pointing out how encryption would make them all moot in the long run, the commenter declared a few times his (or her?) next target: outlawing encryption. This is, of course, laughable. But if someone who is actually connected to that world thinks that it’s a viable idea, then you know that it’s only a matter of time until someone actually makes a hamfisted attempt at doing something like trying to outlaw VPNs. That this would go against the very same governments’ efforts on “internet freedom” is generally ignored. Cognitive dissonance is strong with this crowd.
That said, with countries like the UK proposing legislation to snoop on all communications — including encrypted ones — the folks over at TorrentFreak are right to be wondering how long it will be until someone tries to ban VPNs. Some more authoritarian countries have tried to effectively do so already (without much luck), but as our anonymous commenter suggested above, this idea is at least being considered by plenty of so-called democracies as well.
Thankfully, there would be plenty of powerful forces to fight back against any such attempt. Beyond regular internet users speaking out (ala the SOPA/ACTA protests), you’d also have plenty of companies who rely on encryption and VPNs for their efforts to keep people and data safe. Considering Congress is already suggesting that it should get involved in forcing companies to better protect data, it would be ironic (though, not surprising) to then find them also trying to outlaw encryption/VPNs, not realizing that the two things are diametrically opposed to one another.
In the end, I don’t see how a war against encryption or VPNs could actually succeed, but it won’t mean that efforts in that direction won’t be a painful annoyance when they come around. Either way, people should at least be paying attention to these discussions, and trying to educate politicians that encryption and VPNs are necessary parts of a secure internet.
Filed Under: acta, encryption, pipa, sopa, uk, vpn, washington
Comments on “Get Ready For The Political Fight Against Encryption”
This years goal, make encryption online illegal.
So a committee of high ranking Label and studio executives, and senators get together and propose the following law …
“No one may use encryption online.”
Then the complaints begin rolling in.
– The DOD can not function with out encryption.
– The banking industry can not function with out encryption.
– Trading houses can not function with out encryption.
– Businesses have corporate secrets to that can not be sent via un-encrypted communications.
– Medical insurance companies begin complaining due to HIPAA.
– The theater industry complains because all the new films go out encrypted to the to Christie Digital Systems projectors.
– The credit card companies begin comlaining about identity theft.
In the end the same thing that happened in Pakistan will happen here in the US and any law like this will fail.
Re:
Ooh nice – Heph you get to be “FIRST!” by a looooong distance 🙂 We bumped this post back a bit this morning without noticing you’d already commented via crystal ball.
(this note mostly left to alleviate anyone’s confusion at the timestamp on this comment)
Re:
Bet the trolls start saying that Heph now works for TD.
On a serious note, we’ve actually been through all this before during the 90s and the fight over export controls on encryption. The government couldn’t prevent the use of encryption then, and has much less of a chance now – nearly everything you do online now depends on it.
“…the UK proposing legislation to snoop on all communications — including encrypted ones”. I knew they wanted to have access to communications data, but where on Earth did you hear they were trying to see encrypted data? Please give me a source or clarification on how they plan on reading encrypted information.
Oh it's not just the UK..
Unfortunately it’s not just the UK proposing to snoop on all internet communication, including encryption. The NSA is building a rather large data centre over there in the US to basically do exactly the same thing.
Of course both countries know that, at present, they cannot decrypt most of the encrypted data they gather. However they want to store it so that it can be decrypted in future, when computing power makes it viable.
In the UK though it is already illegal to refuse to turn over encryption keys/passwords when requested to do so by a member of the police or security forces. Refusal can result in up to five years imprisonment.
Re:
NSA’s New Data Center And Supercomputer Aim To Crack World’s Strongest Encryption
http://www.forbes.com/sites/andygreenberg/2012/03/16/nsas-new-data-center-and-ultra-fast-supercomputer-aim-to-crack-worlds-strongest-crypto/
There you go.
Campaign finance
In the end, I don’t see how a war against encryption or VPNs could actually succeed, but it won’t mean that efforts in that direction won’t be a painful annoyance when they come around. Either way, people should at least be paying attention to these discussions, and trying to educate politicians that encryption and VPNs are necessary parts of a secure internet.
This is the problem… They don’t care. Most of the current batch of politicians don’t care about anything but their partisan politics with SOPA being anathema to the conversation. Even with CISPA passing, all of the supporters of that legislation effectively showed that they would pass anything so long as they had the votes for it. We, the people don’t have the money to fight for our rights at every turn. Sure, the law would fail on execution. But how do we get politicians to understand the dire consequences without a $5000 check saying “You must vote as we tell you to or we’ll use the money against you!”
This is why the attacks on our public financing system through decisions such as Citizens United need to be amended.
We’ll continue to have the federal government, whether it’s the executive branch with new definitions of privacy or relaxing restrictions on information, the legislative branch with their cluelessness, or the judicial branch with their poor rulings, so long as people don’t understand how to take corporations out of government .
Hell, I would argue that all of the companies in the TPP are the ones donating to Obama’s campaign, hence the secrecy involved. Think about this for one moment… If these companies get what they want, the president is subservient to these companies and not to the people.
That’s much more scary than anything in the laws.
Re:
That is in the US. We are talking about the UK. I seriously doubt that the US is willing to let the UK government use its that facility, and I also doubt that the UK has anything comparable to that new datacenter.
Re:
yeah… already happened.
Videos-relevant
The Julian Assange Show: Cypherpunks, Part 1 (E8, p.1)
http://www.youtube.com/watch?v=eil_1j72LOA
The Julian Assange Show: Cypherpunks, Part 2 (E8, p.2)
http://www.youtube.com/watch?v=6DQghUChYtk
Cyber threats, hacker attacks and laws officially aiming to tackle internet piracy, but in fact infringing people’s rights to online privacy. It’s an increasingly topical subject – and the world’s most famous whistleblower is aiming to get to the heart of it. In the latest edition of his interview program here on RT, Julian Assange gets together with activists from the Cypherpunk movement – Andy M?ller-Maguhn, Jeremie Zimmermann, and Jacob Appelbaum.
Campaign finance
“But how do we get politicians to understand the dire consequences without a $5000 check saying “You must vote as we tell you to or we’ll use the money against you!””
That should be $50,000. $5,000 is small potatoes.
DRM?
DRM is one form of encryption I wouldn’t mind seeing outlawed.
Backdoors.
What they really need to do is require back doors in all communications. Nobody will ever figure out what they are. Really. I mean it’s never happened before has it?
The above is sarcasm, just in case you can’t tell.
and exactly how is anyone supposed to educate politicians? you can only educate those that have the room and the desire. nuff said??
Even the dumbest of the dumb would not be dumb enough to look to ban encryption or VPNs (or am I naive?). To do so would criminalise every business who use such techniques to allow remote working and protect their customers’ data.
Re:
The best part about this is that it cant scale. While it might be enough to beat even 2048 RSA in realtime (defeating CA based encryption), but encryption and decryption scale at different rates. the effort taken to encrypt something at 4096 bytes vs 2048 bytes is a little more than double, where the effort needed to decrypt it forcefully vs 2048 is ^2 (squared).
So while the rest of the computer industry move along with moores law doubling every 18 months, the NSA will have to exponentially increase their computing power every 18 months, which wont be possible without an incredible amount of money and time, and will eventually plain fizzle out.
Re:
all the UK are doing in effect, is putting on paper something they have been doing for years. MI5 existed long before it received legal recognition in the statute books. don’t forget project echelon, which has been in existence well before the internet became commonplace. all communications both military and civilian are already subject to scrutiny. the only difference now is the rules for requesting interception are being slackened so that it is more difficult to follow the chain of command when lodging a complaint against unlawful interception….I couls go on but space is precious.
You can have both
Let’s face it, Congress is SO intelligent, especially their technology committee members, they think you can have both.
You can totally protect user’s data and not have encryption. Yup, totally possible, if you rely on sneaker-net with exploding briefcases.
trying to outlaw VPNs
Moot point. PCI compliance.
Re:
It’s late here, I’m still at work and I’m afraid I really can’t be arsed to find the link, but there was something on one of the bbc articles about it where a spokesperson was saying that they’d find away to work around https and encryption.
Could have been bluff and horseshit mind…
Re:
http://arstechnica.com/tech-policy/2007/10/uk-can-now-demand-data-decryption-on-penalty-of-jail-time/
DRM?
obviously DRM would be exempted b/c the people making the anti-encryption law are the same ones who own all DRM content. The rules don’t apply to them, they only apply to everyone else.
Re:
Leigh, It said 20 some minutes to post via crystal ball … myBad 🙂
DRM?
Interesting idea, I wonder if this would include things like DVD encryption. While I doubt the entertainment industry would let it, I’d like to see the arguments the entertainment industry would come up with in order to protect its own use of encryption.
You can have both
I’m hesitant to call it impossible. On a different internet, using different technologies with different protocols etc. it might be possible. However to implement this would involve tearing down the internet and redeveloping it from scratch, and even that’s not a guarantee that encryption, in some form, won’t turn out to be necessary.
Re:
Bet the trolls start saying that Heph now works for TD.
Oh noes … The RIAA is going to start a permanent file on me!
Thinking about it … with one big label failing every 18 months or so, and 3 labels left, it would actually be a semi-permanent file.
Steganography
Even if they somehow manage to outlaw encryption, they cannot totally stop the flow of secret communication, because of the existence of steganography.
Outlawing encryption would, however, slow down things a bit, because the data rate (bits of information/bits sent) for steganography is rather low.
One also has sneakernet and ad-hoc mesh.
Re:
“At this morning’s Home Office briefing, Director of the Office for Security and Counter-Terrorism Charles Farr was asked about how the black box technology would handle HTTPS encryption. His only response was: “It will.””
Source: https://www.privacyinternational.org/press-releases/draft-communications-bill-reveals-home-offices-mass-surveillance-plans-going-ahead
Re:
Do you think that the US only spies on the US ? really ?
Do you know where your encrypted email goes en-route ? IF it gets to the destination at all.
US spies on Britons from UK soil
An investigative report has accused the U.S. government of using a controversial spy station in Yorkshire, Britain to ?subvert and destroy democracy?.
http://blog.alexanderhiggins.com/2012/02/27/spies-britons-uk-soil-86461/
But America wouldn’t do it when your encrypted traffic already bounces through their interceptors ?
They also would never give access to the UK officials.
Video: relevant
Jacob Appelbaum, Dmitry Kleiner: Resisting the Surveillance State and its network effects
http://www.youtube.com/watch?v=Y3h46EbqhPo
No one would sell encryption cracking technology to other governments.(or the UK)
Countries don’t already intercept ALL internet activity crossing their borders.
Yeah… that’s why Tunisia bought that tech and Syria also has it, it doesn’t exist.
Former Tunisian Regime Goes Beyond Spying On Internet Traffic… To Rewriting Emails & More
http://www.techdirt.com/articles/20111213/11181117066/former-tunisian-regime-goes-beyond-spying-internet-traffic-to-rewriting-emails-more.shtml
Finally some MOARRRR videos , Highly related.
How governments have tried to block Tor
http://www.youtube.com/watch?v=GwMr8Xl7JMQ
The smoking gun of UK encryption cracking may not be there… but IF they can, they WILL, that is certain.
“BACKDOOR’s” in propriety software encryption !
Who needs to do impossible math and crack it anyway !
Guys, I’m surprised you don’t see how obvious this is.
One doesn’t need to ban VPNs. One just needs to outlaw VPNs which don’t log, and which do not surrender log data to government/Copyright Industry on simple demand. It becomes easy enough for the Copyright Industry to see which VPN service is being used for P2P sharing, and which does not comply with request for user information (including the Paypal or Credit Card info).
For VPNs outside of the local jurisdiction, SOPA techniques — especially a do-not-serve order against Paypal & credit card companies — will cut down all but the most hard core users.
This topic hardly deserves much effort on analysis. Any such laws won’t be passed. Take away encryption = take away economy = no more taxes = no more govt.
Re:
I am impressed. You sure go to a lot of trouble to get “FIRST”.
Not sure, IF Time Traveler, or Mikes Puppeteer
Re:
Leigh, It said 20 some minutes to post via crystal ball … myBad 🙂
Heh. Not your bad at all… You did exactly what you were supposed to… We just moved stuff around.
Re:
I knew they wanted to have access to communications data, but where on Earth did you hear they were trying to see encrypted data? Please give me a source or clarification on how they plan on reading encrypted information.
In the link I highlighted above:
Re:
Yeah….The math will win.
They will still try, and record fucking everything in the process.
protocols:
If they filter all encrypted traffic out ( the ones without their backdoors in ) ?
They won’t need, to be able to crack it.
But encryption via non encrypted protocols is a completely different story, then they need to scan and decide what is just gobbledegook and what is actual encryption.
eg…vtoiujhmvdth789534ciuj4985mxjxla534780c5nm
encrypted or just nonsense ?
Technically speaking, there's currently a way to implament this now
Unfortunately I’m the barer of bad news here, so I’ll start off with saying explicitly that I DO NOT CONDONE ANY PART OF WHAT I’M ABOUT TO EXPLAIN. I’ve been trying for the past few months to get the main stream media to pick up the story, alas with no luck.
A technique that is nicely called “HTTPS Snooping” (or more accurately called Man-In-The-Middle-Attack http://en.wikipedia.org/wiki/Man-in-the-middle_attack), is available from companies like Cisco, and Websense. These solutions are currently deployed at companies that are snooping on their employees.
Most companies fear malware, and corporate espionage, and thus justify snooping on private communications of their employees. More respectable companies limit what they can see to things like GMail, and unknown addresses. Less respectable companies (like I’ve ran across) snoop all traffic, including banking, and health care. Would you really want your fellow employees to know your bank account balance, or what medications you’re currently taking? How about your boss?
All of this happens by terminating the HTTPS connection at at a border, or firewall system. The traffic is then decrypted, scanned, re-encrypted and transferred to the end user. All of this works because the end user’s system is told to accept the local certificate from the firewall system. The User doesn’t recognize that anything is going on, because to their browser, the certificate is valid, and it’s encrypted. So to them, everything is working perfectly, and they have no clue that their traffic is being snooped on. When they transmit back (say their login/password information) all of their communications simply reverse the process. The information is encrypted with the local firewall certificate, transmitted to that firewall, decrypted, scanned, and re-encrypted for the end system using the official certificate from that site.
Right now, these systems are deployed on large, paranoid corporate networks. However, it scales very simply. All an ISP would have to do is deploy a larger system (or array of systems) to do the same thing. They could convince their end users to use this system, by telling them to “Install This Network Acceleration Software,” that would install their local certificate, and proxy all the traffic through their systems.
With government assistance, they could force say Network Solutions to issue a certificate that is officially signed for all networks. Then the local ISP wouldn’t have to require people to install their own local certificate. They could simply pass the certificate down just like normal, and everyone’s system would accept it because it was officially signed.
I’ll leave the full ramifications of this process, and the problems with certificate based encryption up to others to discuss. I’ll simply say this breaks the Internet, and how it was designed.
If you want a more technical in-depth discussion, this was a recent topic on /. (http://ask.slashdot.org/story/12/06/16/223208/ask-slashdot-whats-your-take-on-https-snooping) including me describing my own run in with these systems.
Re:
Smells like someone in powers back door.
That stinks !
enjoy the pun.
I totally approve! Ban encryption, ban secure connections! The rate of people’s data getting lost and leaked isn’t high enough yet. Let’s make hackers’ job easier, so we can justify some new cybersecurity legislation, into which we can always sneak whatever stupid crap we want!
Hsqr Zcaysqc Gr'q Dpgbyw
K drbokn vsuo drsc yxo coowc kzzvsmklvo robo.
Re:
So what? Then the government will just grant “special exceptions” for the organizations with the enough connections/money/power/critical importance.
That way the critical infrastructure will still work, the well heeled won’t be affected, and the little guys will be fair game, just like always.
Strong encryption promotes free speech. Anything the government does to weaken that encryption will have a chilling effect on speech. We are guaranteed the right to be secure in our papers and property, when will this be extended to the digital age? I don’t use paper anymore, I use bits. The government has no right to EVER impose restrictions on my private communications. To those who say there isn’t a reasonable expectation of privacy, as is heard in so many of these cases, I say that’s why I use encryption, to ensure privacy.
Whoever that commentaro was is a pure and simple fool if he thinks that’ll solve anything whatsoever. Then again, he did also try and push SOPA/PIPA through, so you know, stupid is as stupid does.
Seriously, good luck trying to get encryption outlawed. It’s be like gathering together a bunch of cavemen to take down a herd of T-Rexes.
Next they will outlaw whispering.
—–BEGIN PGP MESSAGE—–
qANQR1DDDQQJAwKEkXjtezfRiKjSbwGcIjSbEk255Uj0LV1Rl9tvOU+AlEBUP1qI
gNfP8YawTbj2SxrwmDSittYrwTAV4Ia/M1dlk0houUm3RAULLTbjHckT9orK0y8z
FNEnZlR+4Xrs7ERu7V0rw/a52f0WQu2QRZhLFj8LrktsmzFFdQ==
=H2fE
—–END PGP MESSAGE—–
techdirt.com
If they ban encryption, it’ll be easier to rip your dvds.
Technically speaking, there's currently a way to implament this now
> With government assistance, they could force say Network Solutions to issue a certificate that is officially signed for all networks.
If any CA is found to be doing that (and it is very easy to find with add-ons like Certificate Patrol), they will be removed from the lists of trusted certificates of all the major browsers.
Technically speaking, there's currently a way to implament this now
Basically what you’re saying is that the certificate authority model is broken.
I agree, can we have something better? (a distributed system of certificates or something, idk)
This wouldn’t affect corporate networks (just ban encryption & only start encrypting when it leaves the company network). Using corporate computers is inherently unsafe whatever you do, they could have installed keyloggers on their machines.
DRM?
Whcih naturally means we’re free to completely disregard said laws, as is our civic duty.
We’re going to protect your data by forcing you to do everything in plain text. Then we’ll collect all the data into a centralized database with a single point of failure (and all passwords stored and transmitted in plain text).
This will keep all your data safe. We promise! We also promise not to abuse your data. Cross our hearts and hope to die.
We’re from the government, and we’re here to help.
DRM?
Do they need an argument? The argument will be: We are 10 % of the US economy. We say banning encryption is bad. Now go do your duty!
This a great example of a lack understanding real work technology use
What we should all be frightened of is the utter lack any understanding for modern technology and it’s current use by anyone that would argue for “outlawing encryption”.
Really?… what about those regulations governing the use of encryption for exchanging financial information? … what now?
Seems to me like there’d need to be heavy investment in many industries to deal with not being able to encrypt but having a requirement for “security”… I personally can’t fathom solutions without without encryption for some of those financial data requirements…
As much as I have a distaste for the way some large companies heft their weight politically, this might be a “good” time to see that happen…
… we’ll probably see someone trying to sneak in some kind of “any form of encryption must allow for bypass by ‘The Government'” law..
Technically speaking, there's currently a way to implament this now
Worth noting in this regard is the currently-open question of who, exactly, signed Flame with Microsoft’s software certificate. Either (a) it was Microsoft, at the behest of the feds, or (b) it was someone else, who has figured out how to pull that off without the cooperation of the certificate holder. If that “someone else” is a major government, then we’re pretty screwed.
Re:
There are all sorts of issues with laws against encryption and special exemptions.
There is no way to tell what is and what is not authorized encryption without redesigning how the internet works. If something is encrypted, it is basically just unintelligible noise and no amount of packet level inspection will change that.
There are several hundred standards and best practices from pretty much every industry on how thing should be encrypted. A sure fire way to piss of every industry on earth is to force them to spend billions to apply for an exemption, check that they are compliant, and/or redo their current encryption systems.
Between industry and impossibility lay the dreams of big content.
DiHydrogenMonoxide
This could be epic. After we get rid of encryption and VPNs, maybe congress should finally get around to banning DiHydrogenMonoxide.
We should ban phosphorus while we’re at it too. That stuff can be just as dangerous.
This a great example of a lack understanding real work technology use
..what about those regulations governing the use of encryption for exchanging financial information?.
And don’t forget about medical information. I believe (not sure about this) that HIPPA requires some form of security (encryption) when sending medical records via the internet.
Fuck em it’s already to late use Gnu/PGP.
And after getting rid of the locks on our computers they can move on to eliminating locks on automobiles, homes, diaries, and bank accounts. Welcome to the Soviet Union of America!
God I hope you're right.
I’ve been saying since early in the PIPA debate that banning encryption will be the next step. I hate to say it, but I think it’s a lot more likely than people think. First of all, it would only apply to private citizens, and the use of encryption would be detected at the ISP account level. Attempt to use encryption=get knocked off the net. Corporations and the government would still use it, but a license to do so would be spendy to deter individuals claiming to be a small business.
I am totally against it. I think it would be huge step backward for both civil liberties and personal security to ban encryption. But I wouldn’t put it past our politicians to do just that.
Re: God I hope you're right.
Cobra, you’re about right in your assessment. I’d forecast it to work like CCW permits in some states. You need a permit and you need to explain why you need such a permit. The gun nuts grumble about it, but there’s no Second Amendment issue. The freeloaders will also piss and moan, but there are no First Amendment issues either.
Sooo… would rather hand over their data to terrorists while still fighting for “cybersecurity”?
Has everyone forgotten about Phil Zimmerman and PGP, and the governments attempt ban it and put him in jail in the early 90’s?
It didn’t work then and it won’t work now. Encryption’s no big deal any more. I can knock off an AES implementation in a handfull of hours.
Hsqr Zcaysqc Gr'q Dpgbyw
Klatu verata nicto?
The original ACTA was going to ban or restrict encryption and other privacy tools.
I am far more worried about a Santorum Administration outlawing encryption than anyone else. Santorum advocates an internet porn filter, like that proposed in Australia, and including making circumvention of the filter illegal, which would effectively outlaw VPNs.
And Santorum may well run in 2016.
God I hope you're right.
Then you just ignore the law and do it without a licnece
Re: God I hope you're right.
First of all, it would only apply to private citizens, and the use of encryption would be detected at the ISP account level. Attempt to use encryption=get knocked off the net.
Then what?
?Clipper? Chip Redux, Anybody?
In the early days of the Internet, the Clinton administration tried to, not exactly outlaw encryption, but bring it under control by trying to mandate the use of the Clipper chip. This used an algorithm with a ?key-escrow? feature (effectively a built-in backdoor)?a master key that the Feds could use to decrypt anything encrypted with this chip.
Back then, law enforcement was worried about the increasing popularity of powerful open-source encryption tools like PGP. Given that encryption is even cheaper, more powerful and more easily available nowadays than back then, what?s the bet we?ll see somebody trying to resurrect this idea as some sort of ?compromise??
Oh it's not just the UK..
> In the UK though it is already illegal to
> refuse to turn over encryption keys/passwords
> when requested to do so by a member of the
> police or security forces. Refusal can result
> in up to five years imprisonment.
So when they’ve arrested you on murder, rape, terrorism, whatever, and you know the evidence needed to convict you is on your laptop and they’re threatening you with five years in prison for not giving over the key… you’re still better off taking the nickel, than giving them the evidence and going down for 20-30 years.
DRM?
More like:
We are 10% of the US economy. We say banning *our* use of encryption is bad. Now go do your duty and just make it illegal for everyone else to use it!
Re:
far too many people are ignorant and/or stupid enough that they don’t realise that’s even an issue.
I’m pretty sure this has been attempted before. You cannot outlaw maths. Doesn’t work.
Re:
Thank you. I’ve read through the draft of the Communications Data Bill, and (like everyone else I suppose) cannot find an details pertaining to HTTPS being stripped or anything else like that. It seems we are being kept entirely in the dark.
Oh it's not just the UK..
Exactly. That has been one of the many criticisms of the RIP Act (specifically part 3): if someone is accused of a serious crime, they can get a shorter sentence by not disclosing a passphrase. Just for clarification, the maximum sentence for failing to provide a key is only 2 years.
Oh it's not just the UK..
In certain situations, I think the penalty goes to five years.
Cryptabyte.com
David Veksler’s new project, Cryptabyte.com, looks promising–discussed in Jeff Tucker’s article Cryptography for the Rest of Us http://lfb.org/today/cryptography-for-the-rest-of-us/
Banning Encryption....
Good luck with that…
Since a number of states in the US and some other countries around the globe are already under fascist control, the effort does not surprise me… But, there is a line. IF it’s crossed, revolution ensues…. Then ALL bets are off.
Define Encryption
So how would you define encryption anyway?
If I used EBCDIC instead of ascii to encode my characters in an email is that encrypted?
How about compression techniques? Are those encryption?
Basically anything that one person can’t make sense out of but that another person can is “encrypted”. So if this website was in chinese, it’d be encrypted from me as I can’t read (or speak chinese).
Obviously some “encryption” algorithms (such as chinese) are more well known than others and the “decryption” algorithm is also widely known, but does that make it less encryption?
My point is that I’m not sure how the government could distinguish between what they call unencrypted data, and encrypted data. (Which is not to say they wouldn’t try).
And after that they’ll insert mandatory cavity searches in every airport. Seems nothing is crazy enough for the Police States out there. Pakistan sure backed out of its decision but they’ll keep trying to find a way to make it go through.
God I hope you're right.
I think you overestimate the amount of processing power ISP’s have to evaluate every piece of data that comes through their system. It’s one thing to just build channels for data, which is what ISP’s do, but to subsequently process all that data to check it for encryption is a monumental task that no reasonable private company is going to want to undertake.
God I hope you're right.
As I stated to your friend… It’s an extremely monumental task to scan all data that comes through an ISP for encryption. The outlawing of encryption would be trivial to circumvent because it amounts to a law against thought which is nearly unenforceable.
Here… I made this in two weeks in Visual Studio. It will encrypt files and text with up to 128 byte keys in a data-dependent fashion such that each byte encrypted influences the encryption of every subsequent byte:
http://www.mediafire.com/download/sxdituc4t3u4vhy/KOStreamEncryption.zip
Here’s a description of the algorithm: http://imageshack.com/a/img208/6293/z0xc.png