[FDE] on the proposed demise of the bill of rights
Allen
netsecurity at sound-by-design.com
Fri Oct 5 09:32:48 MDT 2007
Patrick Cahalan wrote:
[snip]
> It seems like we'd keep a lot more dangerous people off the street by
> simply building more prisons so that we can house them for the duration
> of their sentences, no?
>
> Oh, but that costs money, and therefore we need to pay taxes. Nobody
> wants a prison in their neighborhood.
>
> If we're so blithely willing to let all these bad guys out to save some
> money, why are we even willing to *consider* throwing away the right to
> not incriminate ourselves to keep one guy in jail?
As the Dutch figured out as a result of WWII, long prison
sentences do not make for low recidivism rates. They have among,
if not the shortest, the shortest prison sentence terms anywhere
and among the lowest recidivism rates.
So how does this apply to FDE? I think it is tough to see, but in
much the same way as does the society's sense of safety affects
its actions against the non-conformists to the social "norm" I
think we become focused on the number and quality of the locks on
our doors, the protection of our data, our privacy, against
perceived threats, real, of little likelihood, or statistically
no more likely than winning the lottery.
Yes, we need encryption, full disk or otherwise, for there *are*
truly evil people in the world, but let's keep it in proportion
to the real threats.
SELinux is a prime example of what I think we need to worry
about. Who wrote the bulk of it? NSA. What are they known for?
Secret snooping, invasion of privacy among a host of other,
probable but undisclosed as yet, threats against liberty and justice.
FDE must, as we can see from the disclosure of the "hidden" back
door in PGP, look to finding these as well as making sure we are
helping to provide the underpinnings of a safe society where
safety is not just for those with enough cash or political pull.
A lock that deters for 4 hours is no more useful than one that
deters for 15 minutes if people don't know they exist and can, in
fact, actually be able to use it, even the weakest one.
FDE is in the boat, I think, where encrypted e-mail is, there,
adequate for the most part, but unusable by the ordinary,
non-technical user. How many can truly be said to understand and
utilize encryption other than for static protection of our siloed
data? A friend and I have had many conversations about
exchanging programming and design data for products he is
developing but we keep coming up with the same problem - no two
people do it the same way and so having a three way exchange is
very cumbersome. Four ways? Five ways? Fergit it.
Best,
Allen
More information about the FDE
mailing list