If You Value Privacy, Follow the Likes of Eben Moglen, Phil Zimmermann, and Richard Stallman, Not Back Doors' Boosters Who Mislabel Themselves as Security Experts
Signal is not really secure
Having just researched some older interviews or press releases from Professor Moglen [1, 2] we deemed it appropriate to point out computer security advice should be pursued from Computer Scientists, not people who pretend or narcissists who lie about their qualifications. 'Digital natives' who grew up with the Net and with computers tend to start developing software at a very young age (around 10; Moglen's bio says "Professor Moglen began building software as a professional programmer at age 13" and it's common knowledge Stallman studied IBM manuals as a kid) and that's why Moglen and Stallman have far more credibility than the jealous people who keep attacking them to distract from their own ignorance and moral depravity.
Decades ago Moglen cautioned the encryption guru Philip Zimmerman about the sort of government interference which appears to have become common but still veiled (until a whistle gets blown). Quoting this page from the 1990s: "Naturally, once you grasp the mindset that has dominated the rulers of the American Empire since the end of the Second World War, this was too dangerous not to be illegal."
This is a lengthy recollection of what happened even well before 9/11 (2001):
In the fall of 1993 I was representing Philip Zimmerman, the author of a computer program called Pretty Good Privacy, in connection with a criminal investigation by the United States. Phil's program was the first serious attempt to make sophisticated data encryption at the highest technical level freely available to users of all personal computers. Naturally, once you grasp the mindset that has dominated the rulers of the American Empire since the end of the Second World War, this was too dangerous not to be illegal. I was talking to John Markoff of The New York Times, who was taking an interest in these obscure events, and I said, "The right to speak PGP is the right to speak Navajo." I meet that statement from time to time now in email signatures and usenet posts; it seems to have become part of the Bartlett's Familiar Quotations of the crypto wars. I chose Navajo at that moment precisely because Navajo embodies the basic social uncertainty that results from linguistic diversity. The Na-Dené languages are collectively an isolate.1 They bear, as one accident of the evolutionary descent of human language over time, no demonstrable relation to any other languages on Earth.As it happens, speaking Navajo, throughout the lifetime of all living native speakers, has been an assertion of cultural self-determination. During the long process of the imperialization of the continent by the United States, speaking Navajo--and other languages in other pre-European families represented within our borders--has been the central means of maintaining a cultural tradition apart from, and often explicitly hostile to, the government exercising control over the territory.
But in one of history's little ironies it has also, from time to time, suited the United States Government to take advantage of Navajo as a cipher--a story with which, I imagine, some of you are familiar. Before electronic digital cryptography was developed, during the Second World War, the United States military used Navajo speakers as an encrypted form of radio communication in the Pacific theater of operations. What was in one context cultural self-determination and an assertion of a human right against the United States Government, was in another locale military-grade encryption. So there we find ourselves with the central, and regrettably mostly unaddressed, argument concerning all the encryption regulations with which you presently have been told there are no First Amendment problems.
May the United States government require English to be spoken in the telecommunications network of the United States? We could reduce the federal budget substantially, releasing those translators whom the FBI must keep locked in basements all over Quantico to render their wiretap results useful to English-speaking agents. Once, concerning preventive detention of "terrorists"--they were also called Puerto Rican separatist criminals, freedom fighters, whatever you like--awaiting trial in Hartford for conspiring to commit politically-motivated bank robberies, the United States Government explained that two or three years of preventive detention was necessary while the wiretap evidence was translated from Spanish to English.2 The process would have been much facilitated if it could have been made a crime to speak Spanish while engaged in making telecommunications for the purpose of planning crimes. Unfortunately for the poor policeman such a statute is facially unconstitutional. A mere ``official English statute,'' requiring you to speak English not among yourselves, but with government only, is in all likelihood unconstitutional, let alone a regulation forcing use of a particular language in private conversation for the convenience of eavesdropping spooks.
Litigation of the official English issue, in the event that another such statute is unwisely enacted by a state legislature and a proper case is presented to the Supreme Court, would be a stepping-stone to the constitutional recognition of the freedom to speak PGP. At present, the discussion, when it happens at all, is dominated by foolish arguments against our right to choose our language--including a private or secret language--that will not stand the test of precise definition. Accordingly, they are presented imprecisely, and are hard to respond to.
First, it is said, secret speech is merely mechanical in its nature. I'm not exactly sure whether that's a criticism of my Serbo-Croatian or my PGP, but fundamentally after all, they are the same--modes of communication chosen for their utility in a particular social setting, in which the motive to be comprehensible to some and incomprehensible to others is the same as that which lies behind many linguistic phenomena, such as the argot of teenagers, the jargon of post-structuralists, and the acronyms of bureaucrats. The level of technical intermediation between me and my listener is entirely irrelevant, utterly without First Amendment significance, as you are well aware.
Certainly, it can be declared, as it is in present regulations with respect to ham radio communications, that I may not use some particular segment of the government-administered public-trust airwaves for encrypted communications. And I won't at the present moment address the question whether, once we establish the root proposition that encrypted speech is protected, particular time, place and manner restrictions on the encrypted use of the airwaves in particular frequencies might withstand challenge. Where we reserve places (including spectrum locations) for speech to the public, it may be reasonable to ask that speech occur in comprehensible ways. But could one constitutionally prohibit amateur-frequency communication in Basque?
In any event, technical intermediation is not a ground of distinction. The media of communication useful with ``natural'' languages all may be used for encrypted language. They may be employed in writing or printing, by exchanges of telecommunications in fax or email, or the exchange of vocalized speech live through the network. And if some natural languages, such as sign languages, are difficult to employ in some technical settings, in absolute darkness for example, that does not make it constitutional to control their use.
Or else it is asserted, with particular foolishness, that PGP is not a ``natural'' language unlike, say, Sumerian. Certainly, you will object, Sumerian is an isolate with no ascertainable history, unused by anyone for thousands of years. But if I encrypt data by turning it into compressed transliterated Sumerian, for some ``PGP isn't natural'' objectors, that should alter the constitutional analysis. Meanwhile, the status of Esperanto and Gregg shorthand becomes just one of those little mysteries to be disspelled by hand-waving. When it comes, however, to the private languages often invented by identical twins and objects of durable interest to sociolinguists, where we are undoubtedly observing a cipher in use between confederates, the zealots of the distinction between natural and artificial languages have nothing left to do but attend the funeral of a theory killed by a fact, leaving us to get on with the real work.
The real work, then, begins in the recognition that PGP is as much a language as Navajo from the First Amendment perspective. Neither the involvement of a computer in its transmission nor the fact that like all language, ``natural'' or ``artificial,'' it is an artifact of human intelligence changes our right to choose to speak it. Precisely because our choice to employ a language comprehensible to some and incomprehensible to others expresses our political, social, and personal intentions as well as the manifest content of particular speech acts, no system of free expression can tinker with our right to choose one language over another without risking fundamental commitments that the system itself values.
So linguistic regulation in our culture cannot be subjected to mere niggling as-applied challenges. For the reason usually advanced for extended rules of standing in First Amendment cases, the ``chilling effect'' (which is known, when cherished for its positive value by criminal law theorists, as ``general deterrence'') of constraining language choice makes it entirely unsuitable in our multinational democracy. Here, unlike the other empires of our enlightened time, one may vote in a language other than the dominant one, and States have an obligation to make such ballots available where their refusal unduly burdens political choice. For reasons so basic that they can await no demonstration of particular individual harm--and which brook no justification on the grounds that the speaker is a bad person--rules forbidding use of Navajo, French, Pittman, Esperanto and PGP are facially unconstitutional.
But, the police comedian rejoins, we're not seeking to forbid use of PGP, though we entirely reject the First Amendment argument on grounds we can't put clearly because the evidence is classified. We just want you to use our favorite form of escrowed encryption. No, no, not that form of French--use the one we understand! Even if that means a back door in the world financial system. Even if that means when in Iraq you have to escrow your keys with his secret police. Or else that the international escrow agents have to honor his subpoenas. For the policemen, the latter isn't a problem, while for the spook that would be unquestionably destructive.
In fact the whole conversation, however promisingly full of ripe and fruity controversy between realists and rights-mongers, is futile. As I shall show in a moment, strong unescrowed end-to-end encryption of the net is available and is here to stay. Technology does affect policy, to reassure a couple of other participants this afternoon, who have suggested some doubt on the subject. The printing press affected policy, and so has the movement for free strong encryption software.
Others are indeed right to claim that government regulation futile in the long run is not therefore unconstitutional in the present. Government may take a step at a time even in directions potentially nugatory. What is unconstitutional about encryption regulation of any blanket kind--mandatory escrow, outright bans, maximum key lengths, forbidden algorithms, forcibly classified research, and so on--has nothing to do with factual futility.
Privacy is an area that Moglen has long dealt with and has even given high-profile talks about (in recent years). "Eben Moglen says freedom depends on the Net," this piece from over a decade ago said. "Beware of even democratic regimes which want to wiretap," he said.
Such regimes would recommend honeypot "apps", not real solutions to snooping. They would even sponsor those (e.g. Tor).
Moglen's piece has aged well. He mentioned back doors, too:
No government has ever had such control over the lives of its subjects in the history of the world. But every government that is currently seeking to be able to “wiretap” the Net is actually asking for technical facilities to be created, for ‘backdoors’ and holes to be opened in the facilities that make the Net, so as to permit all this monitoring, surveillance and control to be exercised anywhere, throughout society, at any time.
In short, do pay attention to people who know what they are talking about, not charlatans who merely pretend to know what they talk about while attacking their critics and even their critics' families. It is being done while back doors' companies pay them salaries. █
Image source: Phil Zimmermann
