Digital health check-up

I recently read this article on techdirt comparing the NSA leaving/using backdoors into computers with public health issues, and it rang very true for me.  It reminded me of when I heard about a study investigating the deaths in the Iraq war.

Traditionally, in a war, casualty counts come out of newspaper reports.  I won't say that that's a useless way to investigate, but it's certainly known that that will undercount.  It's the nature of the beast; no reporter is where most of the deaths in a war occur.  But headlines were made when medical groups did an epidemiological (ie: done in the same way as would be done in studying the spread of a disease) study of the deaths, and found far more casualties than reported anywhere else (note that that is the second survey in that link; I hadn't previously realized there was more than one).

That was the first thing I encountered that took biological solutions to decidedly non-biological problems.  And Cory's piece cited in the techdirt article is certainly a similar idea.

It also makes me think of what struck me as the biggest problem back when security services were talking about a key escrow that would give a backdoor into all encrypted communications.  That would mean that there would be a key that could be used to decrypt, say, all SSL/TLS communications.

And the big problem with that is that it means that there's a master key that can be found.  Generally, public key cryptography relies on making it computationally infeasible to break a key before it no longer matters what the data was.  The weakness of that model is that this would be a key that would always be useful.  The amount of money that could be stolen would easily be in the trillions of dollars.

Gruber's latest podcast talked (among other things) about how much computer power is currently going into bitcoin mining.  If there was a target like that, it would be worth more than all the bitcoins in the world, and would consequently be targeted with even more computational power.  It wouldn't last long.  And you wouldn't know about the problem until it bit you in the ass.  And you wouldn't be able to do anything about it when it did.  Very scary.

Anyway, I think Cory's definitely onto something, and it bears serious thought.  What is the purpose of our government?  If it isn't making life better for people, is it worth paying for?

Update: It just occurred to me that there's another national security angle to this, as well.  If these exploits are allowed to fester (so the NSA can use them), then other governments can also do so.

No comments:

Post a Comment