The absurdity of banning end-to-end encryption

:: security, politics

[An old article I forgot to publish.]

The UK government wants to effectively ban end-to-end encryption for messaging. Even if this was desirable, it is not usefully possible. The effort wasted on this futile and stupid attempt to do the impossible would be better spent elsewhere.

For as long as I can remember, politicians have been arguing that end-to-end encrypted messaging systems should be, effectively, banned. Of course, they don’t say ‘banned’, they make some noise about how they will still be secure even though third-parties will be able to read the data if need be. But they mean banned, even if they don’t understand what they are asking for.

And it’s quite possible that politicians indeed do not understand what they are asking for: their educational attainment, at least in the UK, is usually dreadful. It might equip them for governing ancient Greece, or perhaps even Britain in the 18th century, but it doesn’t really cut it today.

Perhaps less forgivable are the advisors politicians employ to do their thinking for them: some of them, at least, do understand what they are asking for I hope, and why they are asking for it. If you’re not frightened that the UK’s security services are giving such terrible advice in such bad faith, well, you should be: it is, in fact, frightening.

Horrible things circulate by encrypted messaging systems, including images of child sexual abuse and worse things (it is hard to think of worse things). Making secure communication impossible for everyone (except of course the privileged few) would help stop that (the privileged few, of course, never indulge in unsavoury activities). Even if doing so makes everyone’s lives less secure in all other ways. It is strange, though, that the very same government that wants to ban secure encryption for the sake of the children also wants to restrict sex education in schools, which is one of the single best ways of reducing the sexual abuse of children and young adults. You’d almost think they want to make it easier for adults to abuse children. Why would a group of adults want that, I wonder? Well, perhaps it’s not that: perhaps they are just very stupid, or religious fundamentalists, or something.

But of course they are not lying. Because of course you can certainly trust the government never to eavesdrop on you if you worry too much and too loudly about climate change, or human rights. That has never happened. And if it has happened, it wasn’t that bad. And if it was that bad, it wasn’t a big deal. And if it was a big deal, that wasn’t their fault. And if it was their fault, they didn’t mean it. And if they did mean it, well, you deserved it.

If you think that I don’t trust them, you’d be right. So it’s fortunate that what they want to do is effectively as impossible as legislating that $\pi$ is 3, that angles can be trisected or that Rwanda is safe (oh, wait).

Here’s why. A secure messaging system is also something else. It’s a program: a set of instructions for a general-purpose computing machine. Given such a machine you could write a secure messaging system. You’d probably get it wrong (I know I would) because getting encryption right is hard. But there are many people out there: some person or group is going to write such a thing and give it away. They already have, in fact. As well as the program you need some service to relay its messages around. But those are pretty common, and they don’t get to see the content of the messages.

Imagine if these general-purpose computing engines were not vast machines living in air-conditioned halls attended by technicians in white coats. Imagine if they were small enough to carry. Small enough to put in a backpack, a handbag, your pocket. Imagine if, rather than over nests of cables, they could send and receive information wirelessly.

They are. They do. We call these things mobile phones. It may surprise you, but a mobile phone is a general-purpose computing machine. Except, of course, that the people who make mobile phones don’t let you treat them like that, do they? Well, yes, actually, they do. Web browsers have fully-fledged programming languages in them, and are fast enough to run really significant programs. Indeed, I use an end-to-end encrypted note-taking tool which will run happily in a browser, as well as an encrypted email system which can do the same. And if that’s not enough I have a fully-fledged Python environment on my iPad, and so can you: it’s in the app store. There are others.

These are general-purpose programming environments which run on your phone. They can be used to write general programs, including encrypted messaging systems. They might not be quite as convenient as a native app, but they’ll be perfectly usable. All it takes is for someone to write such a thing and publish it as open source.

Now the cryptography geeks are going to pipe up that it’s really difficult to write a program in Python, say, which isn’t subject to side-channel attacks, whereby another program running on the same machine can extract information and … wait: another program running on the same machine and you can stop right there. Yes the bad, erm I mean good, guys can probably persuade your messaging system to leak information if they can install software on your phone. That’s precisely what they don’t want to have to do: your phone is one of the ends in end-to-end encryption, and it is just because attacking those endpoints is laborious that they want to be able to read your messages without doing so. If it were easy none of this farce would be happening.

So the whole idiot saga of governments wanting to ban secure messaging systems is not only illiberal and stupid, it’s not even possible: the only way they could achieve their idiot goal is by forbidding everybody access to general-purpose computing systems at all. Instead, the people whose job it is to catch baddies need to step up and deal with the reality that the only way to intercept their communications is to compromise the endpoints – to attack their phones in other words.

And somewhere in the minute collective mind of the entitled halfwits who govern us an idea is now forming. I can hear it now:

Could we just prevent access to general-purpose computers? I mean, it’s not as if anyone needs them, is it? Doing everything by hand was good enough for our great-grandparents, why shouldn’t it be good enough for us? Also, we should start a jolly lot of coal mining and cabbage-farming, it will keep the peasants busy.

Shut up, Jacob: not even Rishi is that stupid.