On 'the public understanding of encryption' Tweet by Paul Johnston

Paul_JohnstonSome of the questions by journalists about encryption prove they don’t get it. Politicians don’t seem to get it either (most of them). In fact, outside technology, there are some ridiculous notions of what encryption means. Over and over again, the same rubbish around encryption gets regurgitated as either a political point (and makes a good soundbite) or bad science.
Encryption is relatively complex to understand but the implications of the science are relatively simple. Just saying that “we need backdoors” and “breaking encryption” is easy politics. Actually asking the tough questions about encryption is more difficult. 
It’s like climate change. We all know the basics, but many people don’t seem to want to really understand the implications of the science.

The implications of encryption are that we can all send messages back and forth with a high certainty of nobody else seeing it. We can do our banking online and make purchases in complete safety that our info is not being stolen.

Creating your own encryption solution is relatively trivial. If you have a basic understating of the technology, it’s easy. Coding something is quite simple, so much so that if we forced a backdoor, it would push nefarious communications further from our reach…

And make our own communications **less** safe…

This is because any communication that can be decrypted with a backdoor will eventually be decrypted by somebody nefarious. This simple change would mean that all of our personal and business communications would essentially be open.
That’s all of our communications. ALL of it.
And, nefarious users (e.g. terrorists) would simply stop using those communications that they know to be watched and instead build solutions hidden even further. This would make it much more difficult for security services to trace communications. Not to mention the fact that the weakest point of encryption is usually the person, not the technology.

If you want to find out what a person’s communications say, the simplest thing is to ask them or work on the human level. It is blatantly more effective. I mean, look at all the phishing scams. Why would they continue if they weren’t effective? Humans are the weak link in messaging communications.

The technology is frankly a massive red herring used by politicians. They use it to try to gain more powers to “keep us all safe,” when in fact, the opposite is true.  The only route forward for combating nefarious use of encrypted messaging is to focus on the humans, not the tech. This requires resources in terms of people. And the public is willing to help with this.

Technology is a tool. It is not a “Holy Grail” that can solve all problems. Technologists are happy to help, but politicians *and* reporters need to educate themselves or the tech community will simply keep saying the same thing.

There’s an opportunity to start making good decisions here. Let’s stop talking about breaking encryption and making us less safe, and start talking about building communities and looking after people and building a society that is knowledgeable and caring.

Because there isn’t a terrorist around every corner using Whatsapp to plan something terrible.

There are amazing people trying to build communities and look out for each other.

No more talking about encryption (or the companies that use it) as the enemy.

Encryption is not the problem. Not understanding it leads to dangerous politics. It’s bad science, it’s bad reporting, and it gets us nowhere.

This article was written based on the tweet by Paul Johnston in June 2017  

If you’re interested in learning more about data encryption, take a look at this AWS Big Data Security: Encryption course. The course firstly provides an explanation of data encryption, and the differences between symmetric and asymmetric cryptography. This provides a good introduction before understanding how AWS implements different encryption mechanisms for many of the services that can be used for Big Data. 

Written by

Paul is the Founder and CEO of RoundaboutLabs. Environmentalist, Consultant CTO, Startup Strategist, and Innovator, he loves Serverless and how to use the Serverless Framework. Paul is also one of the JeffConf organizers.

Related Posts

Albert Qian
— August 28, 2018

Introducing Assessment Cycles

Today, cloud technology platforms and best practices around them move faster than ever, resulting in a paradigm shift for how organizations onboard and train their employees. While assessing employee skills on an annual basis might have sufficed a decade ago, the reality is that organiz...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles
— July 31, 2018

Cloud Skills: Transforming Your Teams with Technology and Data

How building Cloud Academy helped us understand the challenges of transforming large teams, and how data and planning can help with your cloud transformation.When we started Cloud Academy a few years ago, our founding team knew that cloud was going to be a revolution for the IT indu...

Read more
  • Cloud Computing
  • Skill Profiles
— June 26, 2018

Disadvantages of Cloud Computing

If you want to deliver digital services of any kind, you’ll need to compute resources including CPU, memory, storage, and network connectivity. Which resources you choose for your delivery, cloud-based or local, is up to you. But you’ll definitely want to do your homework first.Cloud ...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud
Albert Qian
— May 23, 2018

Announcing Skill Profiles Beta

Now that you’ve decided to invest in the cloud, one of your chief concerns might be maximizing your investment. With little time to align resources with your vision, how do you objectively know the capabilities of your teams?By partnering with hundreds of enterprise organizations, we’...

Read more
  • Cloud Computing
  • Product Feature
  • Skill Profiles
— April 5, 2018

A New Paradigm for Cloud Training is Needed (and Other Insights We Can Democratize)

It’s no secret that cloud, its supporting technologies, and the capabilities it unlocks is disrupting IT. Whether you’re cloud-first, multi-cloud, or migrating workload by workload, every step up the ever-changing cloud capability curve depends on your people, your technology, and your ...

Read more
  • Cloud Computing
— March 29, 2018

What is Chaos Engineering? Failure Becomes Reliability

In the IT world, failure is inevitable. A server might go down, an app may fail, etc. Does your team know what to do during a major outage? Do you know what instances may cause a larger systems failure? Chaos engineering, or chaos as a service, will help you fail responsibly.It almost...

Read more
  • Cloud Computing
  • DevOps
— November 22, 2017

AWS re:Invent 2017: Themes and Tools Shaping Cloud Computing in 2018

As the sixth annual re:Invent approaches, it’s a good time to look back at how the industry has progressed over the past year. How have last year’s trends held up, and what new trends are on the horizon? Where is AWS investing with its products and services? How are enterprises respondi...

Read more
  • AWS
  • Cloud Adoption
  • Cloud Computing
  • reInvent17
— October 27, 2017

Cloud Academy at Cloud Expo Santa Clara, Oct 31 – Nov 2

71% of IT decision-makers believe that a lack of cloud expertise in their organizations has resulted in lost revenue.1  That’s why building a culture of cloud—and the common language and skills to support cloud-first—is so important for companies who want to stay ahead of the transfor...

Read more
  • Cloud Computing
  • Events
— October 24, 2017

Product News: Announcing Cloud Academy Exams, Improved Filtering & Navigation, and More

At Cloud Academy, we’re obsessed with creating value for the organizations who trust us as the single source for the learning, practice, and collaboration that enables a culture of cloud.Today, we’re excited to announce the general availability of several new features in our Content L...

Read more
  • Cloud Computing
— July 13, 2017

Our Hands-on Labs have a new look

Building new hands-on labs and improving our existing labs is a major focus of Cloud Academy for 2017 and beyond. If you search "types of adult learning," you will get approximately 16.9 gazillion hits. Many will boast about how they meet the needs of a certain type of learner (up to 70...

Read more
  • Cloud Computing
  • hands-on labs
— July 11, 2017

New infographic: Cloud computing in 2017

With 83% of businesses ranking cloud skills as critical for digital transformation in 2017, it’s great news for anyone with cloud architecting experience, and for those considering a career in cloud computing. In our new infographic, we compiled some of the latest industry research to l...

Read more
  • Cloud Computing
— July 7, 2017

Embracing DevOps in your company – an interview with our DevOps expert

On the Cloud Academy Community, we get a lot of questions about DevOps. According to the 2017 State of DevOps Report by the DevOps Research & Assessment and Puppet, DevOps “is viewed as the path to faster delivery of software, greater efficiency, and the ability to pull ahead of the...

Read more
  • Cloud Computing
  • DevOps
  • Security