Things CS people don’t understand: Strong Encryption

Very very smart people can be very very wrong.

I’m listening to a recent podcast by Sam Harris, who is a very smart, very rational, very open-minded person. And also a completely wrong person.

He proposes an interesting analogy: Do you have the right to build an impregnable room in your house, that nobody can enter or break into without your permission?

I think that many layman think of encryption like they think of the locks on their door. Unfortunately layman don’t realize that the only reason to lock your door is to keep a confused neighbor from wandering in accidentally, and that locks are incapable of stopping anyone. They offer a feeling of security, but no actual security.

You can make your door perhaps more difficult to break into by adding 27 locks, a bar across the back, steel screens, etc. This will make your door “more secure”, and increase the amount of work an attacker must undertake to be able to get through.

“Strong encryption” is not like this. There is no “variable difficulty level” possibility. You build an impregnable room, and hand out keys, and now ONLY the people who have the keys can get in. (Or someone who has access to trillions of times more computing power than the entirety of the earth combined, but we’ll ignore the ‘attacks by god’ case.)

Sam thinks about things in terms of morality and philosophy rather than technology, which is understandable as that is his field. Unfortunately this means his arguments come off as a philosopher arguing that gravity must be incorrect because they feel it is morally incorrect to constrain people to the ground.

I would actually love for Sam to understand this, and then to get his thoughts on the moral and philosophical issues. (Assume that in 2050 we have the capability to upload your mind into a computer. Do you want Apple or the government having the decryption key to your brain?)

What this made me wonder is how incredibly smart people can have such incredibly wrong ideas. The only thing I can come up with is that they’re getting bad information.  I’m not willing to just say “blame the media” on this one. I think it’s a matter of how we communicate. It’s difficult to find information that doesn’t attempt to wrap up the technology, the morality, the legality, and the author’s opinions. What source could Sam go do that would educate him about encryption that did NOT attempt to make any argument about reasons behind it? (Not everyone can get a computer science degree just to try and understand a single issue!)

It makes me wonder about how I communicate ideas, and how I can do it better. How can I tag certain parts of what I’m saying as “philosophy”, but then tag another part of it with “provable science”?  How can I make you, the reader, understand which parts of what I’m saying I’m an expert in, and about which parts I’m just an interested laymen?

We’ll start with this: Computer Science is my field. Morality/Ethics/Philosophy is a hobby. Speaking from the computer science front: either you have digital secrets, or you have none at all. Philosophically: I am for this. Morally: Uncertain.

A thought on Morality and Justice

Watching an interesting documentary about the european sex slave “industry”. Apparently in Turkey if a girl escapes from her pimp and gets to the police she’s got a pretty decent chance of having the police return her to her pimp. The life these girls are subjected to is horrible, and the apparently a blind eye is turned in large portions of the world.

In very many cases the pimps who are perpetrating these are very clear cut, very easily identified, and there is no possible question of their intentional commission of unquestionably evil acts. Kidnapping, slavery, abuse, sexual exploitation, are these gray areas in any possible way? When someone who has kidnapped hundreds of people is not even pursued by the police, and another is given 5-years probation, is there any question that something must be done?

Hypothetical situation: A large security firm, or even nation, decides to take care of the issue and sends in teams to black-bag these unquestionably guilty people. (Leave them dead on the floor, or “extradite” them to a prison somewhere for the rest of their lives, take your pick.)

Clearly this violates the right of the host nation, which could be an act of war, which which is bad. Ignore that part. Maybe the nation never finds out.

Is it moral?

If a dog was running loose through a neighborhood biting people it would be put to sleep. Why should not we extend the same courtesy to humans who follow the same pattern of behavior? Could removal of such clear and present threats actually be a sign of a truly civilized society, interested in the well-being of all?

I would like to think on this further. If you have any suggested reading material or resources please leave a comment. There must be some wise philosophers who have muddled around this issue at some point.