On ‘the public understanding of encryption’ Tweet by Paul Johnston

Paul JohnstonSome of the questions by journalists about encryption prove they don’t get it. Politicians don’t seem to get it either (most of them). In fact, outside technology, there are some ridiculous notions of what encryption means. Over and over again, the same rubbish around encryption gets regurgitated as either a political point (and makes a good soundbite) or bad science.

Encryption is relatively complex to understand but the implications of the science are relatively simple. Just saying that “we need backdoors” and “breaking encryption” is easy politics. Actually asking the tough questions about encryption is more difficult.
It’s like climate change. We all know the basics, but many people don’t seem to want to really understand the implications of the science.

The implications of encryption are that we can all send messages back and forth with a high certainty of nobody else seeing it. We can do our banking online and make purchases in complete safety that our info is not being stolen.

Creating your own encryption solution is relatively trivial. If you have a basic understating of the technology, it’s easy. Coding something is quite simple, so much so that if we forced a backdoor, it would push nefarious communications further from our reach…

And make our own communications **less** safe…

This is because any communication that can be decrypted with a backdoor will eventually be decrypted by somebody nefarious. This simple change would mean that all of our personal and business communications would essentially be open.

That’s all of our communications. ALL of it.

And, nefarious users (e.g. terrorists) would simply stop using those communications that they know to be watched and instead build solutions hidden even further. This would make it much more difficult for security services to trace communications. Not to mention the fact that the weakest point of encryption is usually the person, not the technology.

If you want to find out what a person’s communications say, the simplest thing is to ask them or work on the human level. It is blatantly more effective. I mean, look at all the phishing scams. Why would they continue if they weren’t effective? Humans are the weak link in messaging communications.

The technology is frankly a massive red herring used by politicians. They use it to try to gain more powers to “keep us all safe,” when in fact, the opposite is true.  The only route forward for combating nefarious use of encrypted messaging is to focus on the humans, not the tech. This requires resources in terms of people. And the public is willing to help with this.

Technology is a tool. It is not a “Holy Grail” that can solve all problems. Technologists are happy to help, but politicians *and* reporters need to educate themselves or the tech community will simply keep saying the same thing.

There’s an opportunity to start making good decisions here. Let’s stop talking about breaking encryption and making us less safe, and start talking about building communities and looking after people and building a society that is knowledgeable and caring.

Because there isn’t a terrorist around every corner using Whatsapp to plan something terrible.

There are amazing people trying to build communities and look out for each other.

No more talking about encryption (or the companies that use it) as the enemy.

Encryption is not the problem. Not understanding it leads to dangerous politics. It’s bad science, it’s bad reporting, and it gets us nowhere.

This article was written based on the tweet by Paul Johnston in June 2017

If you’re interested in learning more about data encryption, take a look at this AWS Big Data Security: Encryption course or our other encryption content. The course firstly provides an explanation of data encryption, and the differences between symmetric and asymmetric cryptography. This provides a good introduction before understanding how AWS implements different encryption mechanisms for many of the services that can be used for Big Data.

Avatar

Written by

Paul Johnston

Paul is the Founder and CEO of RoundaboutLabs. Environmentalist, Consultant CTO, Startup Strategist, and Innovator, he loves Serverless and how to use the Serverless Framework. Paul is also one of the JeffConf organizers.

Related Posts

Avatar
Michael Sheehy
— August 19, 2019

What Exactly Is a Cloud Architect and How Do You Become One?

One of the buzzwords surrounding the cloud that I'm sure you've heard is "Cloud Architect." In this article, I will outline my understanding of what a cloud architect does and I'll analyze the skills and certifications necessary to become one. I will also list some of the types of jobs ...

Read more
  • AWS
  • Cloud Computing
Avatar
Andrew Larkin
— August 7, 2019

Disadvantages of Cloud Computing

If you want to deliver digital services of any kind, you’ll need to estimate all types of resources, not the least of which are CPU, memory, storage, and network connectivity. Which resources you choose for your delivery —  cloud-based or local — is up to you. But you’ll definitely want...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Avatar
Adam Hawkins
— June 12, 2019

What is Kubernetes? An Introductory Overview

In part 1 of my webinar series on Kubernetes, I introduced Kubernetes at a high level with hands-on demos aiming to answer the question, "What is Kubernetes?" After polling our audience, we found that most of the webinar attendees had never used Kubernetes before, or had only been expos...

Read more
  • Cloud Computing
  • Kubernetes
Avatar
Scott Huntington
— March 25, 2019

How Does Cloud Computing Work?

Whether you're looking to become a cloud engineer or you're a manager wanting to gain more knowledge, learn the basics of how cloud computing works. Are you wondering about how cloud computing actually works? We can help explain the basic principles behind this technology. Cloud comput...

Read more
  • Cloud Computing
Avatar
Guy Hummel
— March 4, 2019

What is Ansible?

What is Ansible? Ansible is an open-source IT automation engine, which can remove drudgery from your work life, and will also dramatically improve the scalability, consistency, and reliability of your IT environment. We'll start to explore how to automate repetitive system administratio...

Read more
  • Ansible
  • Cloud Computing
Avatar
Cloud Academy Team
— February 11, 2019

What is Puppet? Get Started With Our Course

When it comes to building and configuring IT infrastructure, especially across dozens or even thousands of servers, developers need tools that automate and streamline this process. Enter Puppet, one of the leading DevOps tools for automating delivery and operation of software no matter ...

Read more
  • Cloud Computing
  • Puppet
Avatar
Andrew Larkin
— January 15, 2019

2018 Was a Big Year for Content at Cloud Academy

As Head of Content at Cloud Academy I work closely with our customers and my domain leads to prioritize quarterly content plans that will achieve the best outcomes for our customers. We started 2018 with two content objectives: To show customer teams how to use Cloud Services to solv...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Avatar
Cloud Academy Team
— December 21, 2018

2019 Cloud Computing Predictions

2018 was a banner year in cloud computing, with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) all continuing to launch new and innovative services. We also saw growth among enterprises in the adoption of methodologies supporting the move toward cloud-native...

Read more
  • Cloud Computing
  • Cloud Predictions
Albert Qian
Albert Qian
— August 28, 2018

Introducing Assessment Cycles

Today, cloud technology platforms and best practices around them move faster than ever, resulting in a paradigm shift for how organizations onboard and train their employees. While assessing employee skills on an annual basis might have sufficed a decade ago, the reality is that organiz...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles
Stefano Bellasio
Stefano Bellasio
— July 31, 2018

Cloud Skills: Transforming Your Teams with Technology and Data

How building Cloud Academy helped us understand the challenges of transforming large teams, and how data and planning can help with your cloud transformation. When we started Cloud Academy a few years ago, our founding team knew that cloud was going to be a revolution for the IT indu...

Read more
  • Cloud Computing
  • Skill Profiles
Albert Qian
Albert Qian
— May 23, 2018

Announcing Skill Profiles Beta

Now that you’ve decided to invest in the cloud, one of your chief concerns might be maximizing your investment. With little time to align resources with your vision, how do you objectively know the capabilities of your teams? By partnering with hundreds of enterprise organizations, we’...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles
Avatar
Cloud Academy Team
— April 5, 2018

A New Paradigm for Cloud Training is Needed (and Other Insights We Can Democratize)

It’s no secret that cloud, its supporting technologies, and the capabilities it unlocks is disrupting IT. Whether you’re cloud-first, multi-cloud, or migrating workload by workload, every step up the ever-changing cloud capability curve depends on your people, your technology, and your ...

Read more
  • Cloud Computing