Washington Post Publishes... And Then Unpublishes... Opinion Piece By Ex-Intelligence Industry Brass, In Favor Of Strong Encryption

from the what-happened? dept

Wed, Jul 29th 2015 10:41am — Mike Masnick

Update: And... the article has been republished at the Washington Post's site with a note claiming that it was accidentally published without fully going through its editing process. Extra points if anyone can spot anything that's changed...

Earlier this week, we noted with some surprise that both former DHS boss Michael Chertoff and former NSA/CIA boss Michael Hayden had come out against backdooring encryption, with both noting (rightly) that it would lead to more harm than good, no matter what FBI boss Jim Comey had to say. Chertoff's spoken argument was particularly good, detailing all of the reasons why backdooring encryption is just a really bad idea. Last night, Chertoff, along with former NSA boss Mike McConnell and former deputy Defense Secretary William Lynn, published an opinion piece at the Washington Post, doubling down on why more encryption is a good thing and backdooring encryption is a bad thing.

Yes, the very same Washington Post that has flat out ignored all of the technical expertise on the subject and called for a "golden key" that would let the intelligence community into our communications. Not only that, but after being mocked all around for its original editorial on this piece, it came back and did it again.

Of course, you may note that I have not linked to this piece by Chertoff, McConnell and Lynn at the Washington Post... and that's because it's gone. If you go there now you get oddly forwarded to a 2013 story (as per the rerouted URL), with a 2010 dateline, claiming that "this file was inadvertently published."

Of course, this is the internet, and the internet never forgets. A cached version of the story can be found online. The title really says it all: Why the fear over ubiquitous data encryption is overblown. Of course, technical experts have been saying that for decades, but it's nice to see the intelligence community finally coming around to this. And here's a snippet of what was said in the article before it disappeared.

We recognize the importance our officials attach to being able to decrypt a coded communication under a warrant or similar legal authority. But the issue that has not been addressed is the competing priorities that support the companies’ resistance to building in a back door or duplicated key for decryption. We believe that the greater public good is a secure communications infrastructure protected by ubiquitous encryption at the device, server and enterprise level without building in means for government monitoring.

First, such an encryption system would protect individual privacy and business information from exploitation at a much higher level than exists today. As a recent MIT paper explains, requiring duplicate keys introduces vulnerabilities in encryption that raise the risk of compromise and theft by bad actors. If third-party key holders have less than perfect security, they may be hacked and the duplicate key exposed. This is no theoretical possibility, as evidenced by major cyberintrusions into supposedly secure government databases and the successful compromise of security tokens held by the security firm RSA. Furthermore, requiring a duplicate key rules out security techniques, such as one-time-only private keys.

The op-ed also points out that "smart bad guys" will still figure out plenty of ways to use encryption anyway and all we're really doing is weakening security for everyone else. And, of course, it raises the fact that if the US demands such access, so will China and other companies.

Strategically, the interests of U.S. businesses are essential to protecting U.S. national security interests. After all, political power and military power are derived from economic strength. If the United States is to maintain its global role and influence, protecting business interests from massive economic espionage is essential. And that imperative may outweigh the tactical benefit of making encrypted communications more easily accessible to Western authorities.

These are the same basic arguments that experts have been making for quite some time now. What's also interesting is that the three former government officials also point out that the "threat" of "going dark" is totally overblown anyway. It raises the original crypto wars and the fight over the Clipper Chip, and notes that when that effort failed, "the sky did not fall, and we did not go dark and deaf."

But the sky did not fall, and we did not go dark and deaf. Law enforcement and intelligence officials simply had to face a new future. As witnesses to that new future, we can attest that our security agencies were able to protect national security interests to an even greater extent in the ’90s and into the new century.

This is an important bit of input into this debate, and one hopes that the Washington Post only "unpublished" it because it forgot to correct some grammar or something along those lines. Hopefully it is republished soon -- but even if it was published briefly, this kind of statement could be a necessary turning point, so that hopefully we can avoid having to waste any further effort on the wasteful idiocy of a second crypto war.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, encryption, going dark, james comey, jim comey, michael chertoff, michael mcconnell, mobile encryption, william lynn
Companies: washington post

35 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 29 Jul 2015 @ 10:54am

This is not the article you are looking for.
That article never existed. Move along, now.
[ link to this | view in chronology ]
- Anonymous Coward, 29 Jul 2015 @ 1:30pm
  
  Re: This is not the article you are looking for.
  We have always been at war with encryption.
  [ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 10:55am

More evidence of government and corporate capture of the media
This is yet more evidence of government and corporate capture of the media. Someone, somewhere told them to pull this piece. It had to come from the government.
[ link to this | view in chronology ]
- tqk (profile), 30 Jul 2015 @ 10:49am
  
  Re: More evidence of government and corporate capture of the media
  You had this right the first time:
  This is yet more evidence of government and corporate capture of the media.
  
  Why then this:
  It had to come from the government.
  
  Abuse of power by gov't officials, or deep pocketed advertiser's nose is out of joint? It could be either. It could even be the editors not wanting to offend one or the other or both.
  [ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 11:12am

Well if I was an editor at the Post I suppose I wouldn't think that highly of Michael "Skeletor" Chertoff and his cronies either. But that's just missing the point
[ link to this | view in chronology ]
DannyB (profile), 29 Jul 2015 @ 11:16am

The dumb bad guys
Not only will the Smart Bad Guys be able to use strong encryption, but they will show the Dumb Bad Guys how to use strong encryption as well.

Only the Good Guys will have weak backdoored cryptography to make the Bad Guys* jobs easier.

* also meaning the government big brother snoops
[ link to this | view in chronology ]
BL, 29 Jul 2015 @ 11:45am

Minor relevant detail not mentioned in this post
Jeff Bezos now owns Washington Post and has $600M contract with CIA:
http://fair.org/blog/2013/08/06/amazon-wilkileaks-the-washington-post-and-the-cia/
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 11:48am

Online Corroborating Evidence
Indirect corroborating evidence online now: Google cache of Omnifeed link to Washington Post article

This is Google's cache of http://omnifeed.com/article/www.washingtonpost.com/opinions/the-need-for-ubiquitous-data-encryption/ 2015/07/28/3d145952-324e-11e5-8353-1215475949f4_story.html. It is a snapshot of the page as it appeared on Jul 29, 2015 07:59:39 GMT.

[ . . .]

Why the fear over ubiquitous data encryption is overblown - Washington Post
Washington Post • 8 hours ago • 10 Shares
More than three years ago, as former national security officials, we penned an op-ed to raise awareness among the public, the business community and Congress of the serious threat to the nation's well-being posed by the massive theft of intellectual ...

Read more on Washington Post »

I've copied this just to show what I'm seeing in as of this post. To see for yourself, look in Google's cache now. Note also that Omnifeed itself has already updated its page to reflect the new Washington Post content.

But this provides some confirmation that the Chertoff/Hayden article was indeed up at the Washington Post site. I myself have no connection with Omnifeed, and in fact had never heard of them or visited their site before today.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 11:59am

Google cache oddities
Anyone understand why Washington Post content is not readily available directly from Google cache?
[ link to this | view in chronology ]
- Anonymous Coward, 29 Jul 2015 @ 12:07pm
  
  Re: Google cache oddities
  Google doesn't cache websites that want them to anymore.
  [ link to this | view in chronology ]
  - Anonymous Coward, 29 Jul 2015 @ 12:16pm
    
    Re: Re: Google cache oddities
    robots.txt ?
    
    That's what I'm getting from Internet Archive regarding this Washington Post article.
    [ link to this | view in chronology ]
  - Anonymous Coward, 29 Jul 2015 @ 12:38pm
    
    Re: Re: Google cache oddities
    that *don't* want them to
    [ link to this | view in chronology ]
    - Anonymous Coward, 29 Jul 2015 @ 12:44pm
      
      Re: Re: Re: Google cache oddities
      that *don't* want them to
      And s#Chertoff/Hayden#McConnell/Chertoff/Lynn# in my 11:48am post.
      [ link to this | view in chronology ]
- Sheogorath (profile), 29 Jul 2015 @ 3:29pm
  
  Re: Google cache oddities
  A paywall, probably.
  [ link to this | view in chronology ]
Guardian, 29 Jul 2015 @ 12:14pm

show the post you have balls america
go make a print out of the original article and glue them to its building, perhaps a few million copies might send them the right message
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 12:30pm

Bing cache showing inconistent results now
Bing cache is showing inconsistent results for me. I'm getting one view from:
http://www.bing.com/search?q=url:https%3A%2F%2Fwww.washingtonpost.com%2Fopinions%2Fthe-need-for -ubiquitous-data-encryption%2F2015%2F07%2F28%2F3d145952-324e-11e5-8353-1215475949f4_story.html
The text in this view appears to corroborate the story—
1 resultsAny time

Why the fear over ubiquitous data encryption is …
https://www.washingtonpost.com/opinions/the-need...18 hours ago
Cached page

We all benefit from end-to-end encryption of data without building in a means for government monitoring.

But when I actually check Bing's cache, I'm getting the updated contented content as of 7/29/2015. It shows the editor's note.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 12:34pm

Too much javascript on WaPo's site
I had never visited WaPo's site until they started carrying The Volokh Conspiracy. The first few times I visited my computer went nuts with all the javascript (I have NoScript). And making matters worse: no link to The Volokh Conspiracy on their front page. Even when I figured out the direct link there was so much javascript. Volokh's old site never had that much.
[ link to this | view in chronology ]
David, 29 Jul 2015 @ 12:35pm

Maybe it wasn't genuine...
Maybe the article was just fan fiction.
[ link to this | view in chronology ]
Sheogorath (profile), 29 Jul 2015 @ 12:44pm

It raises the original crypto wars and the fight over the Clipper Chip, and notes that when that effort failed, "the sky did not fall, and we did not go dark and deaf."
Talking of the Clipper Chip, I know it was apparently defunct in 1996, but weren't Nintendo making a big thing about its inclusion in Gamecubes just five years later? ;)
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 1:08pm

Twitter backtracking
Who is Michael Goldstein? Anyone know him personally?
[ link to this | view in chronology ]
- Agonistes (profile), 29 Jul 2015 @ 10:50pm
  
  Re: Twitter backtracking
  Gotta be related to Emmanuel Goldstein.
  [ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 1:29pm

Washington Post
Too bad the Post got rid of its ombudsman; now we'll probably never get an explaination.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 1:43pm

"wasteful idiocy"
One look at history will tell you that wasteful idiocy is probably the thing humanity does best, if only from a lot of repeated practice.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 1:55pm

The check to The Chertoff Group from
Google, Apple or Facebook must have bounced.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 3:06pm

This certainly shows that there are washington post reporters low on the totem pole that haven't sold out the public. Seems the higher you go up to the editors the more government collusion and corruption you find. Unsurprising these days.
[ link to this | view in chronology ]
Sheogorath (profile), 29 Jul 2015 @ 3:26pm

Yes, the very same Washington Post that has flat out ignored all of the technical expertise on the subject and called for a "golden key" that would let the intelligence community into our communications.
There's your answer. Does the Washington Post receive any Federal funding, by any chance? Maybe could make a First Amendment case out of this.
[ link to this | view in chronology ]
Anonymous Coward, 29 Jul 2015 @ 3:32pm

Jesus, put your tin foil hats down. The article is back up.
https://www.washingtonpost.com/opinions/the-need-for-ubiquitous-data-encryption/2015/07/28/3d145952- 324e-11e5-8353-1215475949f4_story.html
[ link to this | view in chronology ]
Mike Masnick (profile), 29 Jul 2015 @ 4:15pm

Updated
We've added an update now that WaPo has reposted the article:

https://www.washingtonpost.com/opinions/the-need-for-ubiquitous-data-encryption/2015/07/28/3 d145952-324e-11e5-8353-1215475949f4_story.html

They claim it was taken down because it was was posted before it had completed the editing process. Anyone able to figure out what edits have been done?
[ link to this | view in chronology ]
- Anonymous Coward, 29 Jul 2015 @ 5:26pm
  
  Re: Updated
  Anyone able to figure out what edits have been done?
  
  By eyeball—
  
  • Bio blurbs at top
  • Insert “Clinton” in 2nd to last graf
  
  Actually started to use automated tools, but after converting the PDF you provided to text, got stuck on unicode whitespace chars compared to copy of text from Post website.
  
  Probably need to pull out perl to convert—not sure it's worth it. Anyhow, that's when I decided eyeball scan would get initial results quicker.
  
  But I'm still not sure of the provenance of your copy. Might have been altered anywhere along the way. Some sort of cache-poisoning attack? Who knows.
  [ link to this | view in chronology ]
mrtraver (profile), 29 Jul 2015 @ 4:34pm

Of course they pulled it.
The NSA and FBI both threatened to take the Washington Post off their Christmas card lists.
[ link to this | view in chronology ]
Gwiz (profile), 29 Jul 2015 @ 5:16pm

Update: And... the article has been republished at the Washington Post's site with a note claiming that it was accidentally published without fully going through its editing process.

"editing"? I think you spelled "vetting" wrong.
[ link to this | view in chronology ]
Lance, 29 Jul 2015 @ 7:30pm

Golden key
Why not do a beta test of golden keys with FBI infrastructure only. Then all issues can be verified/hacked....
[ link to this | view in chronology ]
Anonymous Coward, 31 Jul 2015 @ 10:41am

The internet does not forget.
[ link to this | view in chronology ]
- tqk (profile), 31 Jul 2015 @ 1:00pm
  
  Re:
  The internet does not forget.
  
  So true! Even more, we still practice the old Roman Empire tradition of stirring entrails. You go ahead and un-publish what you mistakenly published. We've got our own Wayback Machines containing cached copies of what you no longer want us to see. A few incantations of pdftotext piped through diff, and voila your tap dancing is revealed. Shazam!
  
  There's a lot of eyeballs out here watching, and apparently you forgot. Mike nailed it before he even showed us what was going on.
  
  You might want to put in a bit more effort next time, and know that you underestimate us at your peril. Have a marvy day!
  [ link to this | view in chronology ]
vdev (profile), 31 Jul 2015 @ 8:25pm

It is worth noting that this piece is published in today's printed version of Washington Post (31 July)
[ link to this | view in chronology ]