Feeds

Crypto Daddy Phil Zimmerman says surveillance society is DOOMED

We’ve been here before when we defeated slavery and the absolute monarchy

Beginner's guide to SSL certificates

Defcon 22 A killer combination of rapidly advancing technology and a desire for greater privacy among the public should condemn current surveillance state to an historical anachronism, according to PGP creator Phil Zimmermann.

In an extended talk at Defcon 22 in Las Vegas, Zimmermann said it might seem as though the intelligence agencies have the whip hand at the moment but mankind had faced this situation before. He also said the abolition of slavery and absolute monarchy, and the achievement for civil rights, also once looked unlikely but were achieved.

Zimmermann praised the release of information by NSA whistleblower Edward Snowden, saying his efforts have alerted the populace to the real state of affairs and made people much more concerned about privacy. The revelations had also forced the technology industry to “up its game” and provide products to meet that demand, he opined.

Back in the 1990s Zimmermann said he had seen this in action. The US government had banned the sale and export of strong cryptography and viewed those who used it with suspicion. Today, not using strong crypto is suspect, and illegal in some professions if it risked patient or customer data.

Back in the day Zimmermann claimed RSA had complained to the federal government about him and PGP, triggering an investigation that nearly led to jail time. But the increasing use of PGP, plus some common sense from politicians had resolved the situation in society’s favor.

He cited former Attorney General John Ashcroft, who in the 1990s was in Congress and a strong supporter of cryptography. In the wake of September 11 Ashcroft had removed a lot of civil liberties Zimmermann said, but he’d left crypto alone.

In the present day, Zimmermann’s said his current business, the encrypted mobile phone firm Silent Circle, is having the same effect. The US government had never asked him to put a backdoor in Silent Circle phones, mainly because Congress, the police, army and some members of the judiciary were already using them and didn't want to be vulnerable themselves.

"I remember getting a call from the office and hearing that the FBI had marched in the front door," he told the crowd. "I thought the hammer was coming down, but it turned out that they wanted to discuss volume pricing so they could equip their agents."

Once people get used to the practice of privacy they will rebel if politicians try to take it away from them, Zimmermann opined. He pointed out that if the government decided that everyone using SSL for internet banking had to be routed through a surveillance proxy people wouldn't stand for it.

But before Defcon attendees got their hopes up Zimmermann warned them that there was a long road ahead. In Silent Circle’s case the company wasn't planning to push its technology to US telecommunications companies. Instead it was winning over European firms to build momentum, and has already signed up Dutch telco KPN.

Companies were waking up to the fact that there is money to be made in providing privacy, and that market demand will be critical in reining in the surveillance state he said. In the meantime it was up to the technology industry to give people the tools they wanted and drive public policy forward. ®

Intelligent flash storage arrays

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.