Wednesday, February 15, 2006

Encrypted file systems, terrorism, personal privacy, oh my

Here's an interesting question ... suppose police capture a terrorist's laptop and want to get into it to extract plans and other documents? Suppose the laptop is rigged so that the file system is encrypted, meaning the police can't get through the encryption? Suppose there's a ticking bomb, and the plans for the bomb are on the laptop?

That's the scenario posed here: UK holds Microsoft security talks (By Ollie Stone-Lee, BBC News political reporter). Microsoft is apparently in talks with the British Government to install a backdoor allowing police to snoop into otherwise encrypted hard disks.

Hmmm... One glaring fault leaps to mind. Any backdoor installed for police use could also be used by "hackers" to sneak through the same back door. And, for that matter, what if the police (or someone else) were to come up with a stealthy virus that didn't announce itself, simply sneaked through the backdoor, and retrieved any interesting data? The utility of the backdoor of course depends on the implementation. But since the backdoor is meant to be used by police departments, the details are going to be widely disseminated and hard to keep secret. There's an adage that security through secrecy just does not work.

The article makes this out to be a new problem brought about by Windows Vista. It's actually older, since on some operating systems you can make encrypted disk images that require a password to open. The easiest-to-use implementation is on Mac OS X: one simply makes a disk image file (using Disk Utility) and specifies options including read/write and encryption. When you want to fiddle with sensitive files, just open the encrypted disk image and fiddle away. Make sure to unmount it when you're done.
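To show what "requires a password to open" actually means underneath, here is an added example (not code from the post, and not the format Disk Utility uses) of a minimal password-protected container in plain Python. It stretches the password with PBKDF2, encrypts with a keystream derived from the resulting key, and appends an HMAC tag so that a wrong password or a tampered file is rejected rather than yielding garbage. The function names, the `TOYVAULT1` marker and the sample "plans" text are all constructed for the illustration; a real disk image would use a standard block cipher rather than this HMAC-based keystream.

```python
import hashlib
import hmac
import os
import struct

# Constructed format marker and key-stretching cost for this toy container.
MAGIC = b"TOYVAULT1"          # 9 bytes
KDF_ITERATIONS = 200_000
SALT_LEN = NONCE_LEN = 16
TAG_LEN = 32
HEADER_LEN = len(MAGIC) + SALT_LEN + NONCE_LEN


def _derive_keys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the password into two independent 32-byte keys (encrypt, MAC)."""
    material = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                   salt, KDF_ITERATIONS, dklen=64)
    return material[:32], material[32:]


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a PRF-based stream cipher (toy stand-in for AES)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">Q", counter),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def seal_container(password: str, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: header || ciphertext || tag. Fresh salt and nonce every time."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = _derive_keys(password, salt)
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    header = MAGIC + salt + nonce
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return header + ciphertext + tag


def open_container(password: str, blob: bytes) -> bytes:
    """Return the plaintext, or raise ValueError on a wrong password or altered file."""
    if len(blob) < HEADER_LEN + TAG_LEN or not blob.startswith(MAGIC):
        raise ValueError("not a container produced by seal_container")
    salt = blob[len(MAGIC):len(MAGIC) + SALT_LEN]
    nonce = blob[len(MAGIC) + SALT_LEN:HEADER_LEN]
    body, tag = blob[HEADER_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = _derive_keys(password, salt)
    expected = hmac.new(mac_key, blob[:-TAG_LEN], hashlib.sha256).digest()
    # Constant-time comparison; the MAC is checked before any decryption happens.
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or container tampered with")
    return _xor(body, _keystream(enc_key, nonce, len(body)))


def demo(path: str = "plans.vault") -> dict:
    """Write a container to disk, reopen it, and show what a thief without the password gets."""
    secret = b"constructed sample: meeting at the usual place, 9pm"   # constructed
    password = "correct horse battery staple"
    with open(path, "wb") as fh:
        fh.write(seal_container(password, secret))
    with open(path, "rb") as fh:
        blob = fh.read()
    try:
        open_container("guess", blob)
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    result = {
        "reopened_ok": open_container(password, blob) == secret,
        "wrong_password_rejected": wrong_rejected,
        "plaintext_visible_on_disk": secret in blob,
    }
    os.remove(path)
    return result


if __name__ == "__main__":
    print(demo())
```

The only secret here is the password: nothing in the file lets anyone recover the keys without it. A backdoor of the kind the article describes would have to be a second route to those keys that bypasses the password, and, as the paragraph above notes, that route works for whoever obtains it, not only for the police department it was documented for.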

Suppose your computer is stolen; would you want the thief to have easy access to all that data? Wouldn't you breathe easier knowing the data on your computer was safe because the thief didn't have your password?

And, why does the article only talk about the need to thwart terrorists? "Terrorists" have become the big bugaboo under which all sorts of threats to civil liberties have been enacted. Shouldn't the same concern also be aimed at ordinary criminals?

Would this backdoor only be documented for nice police departments? Or would it also be made available to other police departments, e.g. in totalitarian states? Another current events story is China gaining some success at its dissident crackdowns by working with the tech companies. Clearly a tech company like Microsoft would be obeying Chinese law by helping the Chinese government understand the backdoor into Windows Vista. And then what?

Would China then have greater success in cracking down on its dissidents, who, from western eyes, are freedom fighters?

And, for that matter, it's well known that the majority of cyber attacks come from China. What if the backdoor Microsoft discloses to the Chinese government is also something they can use in those cyber attacks, which then threaten American computer security?