
> Dealing with the challenge faced by increasingly effective encryption

They weren't able to spy in bulk when communication was primarily offline, and they won't when it's primarily encrypted.

Don't let them frame the brief, anomalous period when they could listen in on everyone, as 'normal'.



This. That entire period should be examined as a lapse in judgement, not a time when things were better.

Because of our state-of-the-art security, we're now able to do more things online in less secure environments. A secure, distributed internet is normal. One that is insecure by design is not.


Even HTTPS was costly in terms of resources back then; thankfully hardware acceleration and better algorithms came, and there are no valid reasons anymore not to encrypt communications now.


They brought it up themselves too https://www.youtube.com/watch?v=xozVBAWo8XI (not dubbed unfortunately) where their users would accuse them of being antiquated for not doing any server sync'ed messages but it's all by intent.


proper security has always been "state-of-the-art"


Even burner phones were technically state-of-the-art, which was a story that underpinned an entire season of a TV show's plotline (and title).

Cellphones became so cheap and widely available you could buy and throw them away efficiently to not get easily tapped and still make enough money, even as a low level drug dealer living in low income neighbourhoods. That wouldn't have been possible years prior.


Burner phones are good for anonymity (if you buy them anonymously), but I don't think that they add any security


Really good point. I'm amazed we don't hear this argument more, and also the related one that we always used to have an anonymous payment system (cash) so why is a digital equivalent unthinkable?


Historically, intelligence services did routinely open and read physical letters sent through the mail, on bulk scales.


Currently the US scans and saves an image of the front and back of every single piece of postal mail.


Yeah, but that happened in places like the USSR, not in the free world.


It happened in premodern Europe, in places like Switzerland.

It's not a 20th-century phenomenon by any means.


In the inter-war years and through WW2 there was a GPO Special Investigations Unit in every sorting office.

They were steaming open, photographing mail, then sending them on, and the photos to MI5. They were also responsible for recording phone calls so had presence in major exchanges.

https://www.lrb.co.uk/v37/n07/frances-stonorsaunders/stuck-o...


Smart speakers and IoT might make the future a lot worse in terms of privacy.


Also those Ring doorbell cameras that are being watched by over 200 police departments.


The historical norm also included pretty overbearing social surveillance of movements and contacts. I think you'd have an easier time getting a conspiracy past the NSA than getting it past the town elders.


What does this have to do with "in bulk"? Seems like you're the one misrepresenting the situation.


In bulk, as opposed to targeted spying - you can send an agent to hide behind the bushes, or plant a microphone, or infiltrate a group. Which was possible for a long time before computers or electronics (minus the microphone example), but it's not possible to do it at scale - you can spy on a few hundred people this way, but not on a few million.


In fact those techniques have even gotten substantially better with technology. It is fairly easy to create a laser microphone that can pick up sound on the other side of glass. There are even devices that can do it through solid walls, but sensitivity is vastly different between these. These are huge advantages though because you don't need to get close to the target.

We have telephoto lenses and a 50 megapixel camera is only $4k. Imaging has gotten both substantially cheaper and substantially better.

We also now have IMSI-catchers that can easily be deployed. Which makes wire tapping much easier.

By all accounts everything that could be done in the past can be done substantially better and for much cheaper while having a lower risk of an operative being caught by trying to place the spying device (since we can increase the distance). Which also means the term bulk has changed.

I'm sure reading encrypted messages would make their job easier too. But I'd need to see some hard data on how effective advancements in other areas have enabled catching terrorists, because I highly doubt they have.

Also, backdoors seem self-sabotaging. If you have operatives in another country don't you want them to have easy access to encrypted communication lines? If only spies use SuperSecretCommunicationApp then that's pretty easy to trace. I've understood this to be the whole reason for releasing Tor to the public. Gives a lot of cover. Besides the fact that your enemies are also going to get ahold of any backdoor created.


Targeted spying is limited by manpower, not by technology.

If undercover agents can work mostly from the comfort of their home or office because they operate online, they might be able to spend time on other activities, but not to infiltrate two organizations at once.

If some speech recognition AI finds interesting bits in conversations so that the same analyst is ten times faster at examining wiretapping output, it doesn't mean catching terrorists ten times faster.

Listening to wiretaps is only a small part of the work and Amdahl's law applies; moreover more data and better data analysis tools tend to improve quality, not to reduce effort (in this case, it becomes affordable to snoop on ten times as many people).


> they might be able to spend time on other activities, but not to infiltrate two organizations at once.

This kinda contradicts itself. Maybe the answer isn't 2x but like 1.3x or something. But that's all my point. That it makes it easier.

No one is saying that it's a linear or exponential relationship. I'm sure everyone here would expect the effectiveness to be sublinear.

The problem though is that the number of people being snooped on isn't 10x. Not even 1kx. More like 1e6x. With that much more snooping if we aren't getting terrorists 10x faster (which let's be real, that's poor gain), I don't know how this is even remotely justifiable (maybe a good argument could be made at 1000x catch rate, but that's leaving out moral questions).

If you're going to talk about Amdahl, let's talk about Pareto. We know that catch rate is going to have a logarithmic catch rate compared to energy spent. Most terrorists will be easy to catch. The last 0.001% will take a ton of resources to catch. This is a key part to Amdahl's. You don't just throw more and more resources at the problem. You don't gain at a certain point and are wasting resources. If we're spending all that money, time, and sacrificing all that freedom just to scrape the bottom of the barrel, then I'd argue that this isn't a good use of resources. That's the issue at hand here. Amdahl's Law is the issue. People don't care about targeted surveillance. People care about mass surveillance that doesn't meaningfully improve the catch rate. It's a waste of money and an overreach in control.

But again, if you can show me data to suggest that the catch rate is much better then I'm open to changing my mind. But I'm highly skeptical that this is the case, because it doesn't match the intuition of the above principles.


What about asking companies to voluntarily limit their encryption to bit depths that are crackable with huge resources, but to avoid anything stronger than that? Then you don't even need a backdoor.

This means government can't do it in bulk, and it would be out of the reach of an ordinary individual, but it would still be possible.


Then in five or ten years the computing resources needed to crack that encryption would be available at the corner store.


So adjust the encryption level as time goes on. Don't make the policy the number of bits, rather set the amount of computation needed.


This meeting was about targeted spying and not bulk collection.


They don't need backdoors for targeted spying - they can plant hardware bugs or hidden cameras to watch the target type in messages and passwords. So the only reason they'd want them is to use them on scales where targeted spying is infeasible.


How will people know it's not done in bulk? The only thing that the public sees is the client binary. A client binary with a backdoor looks the same whether the backdoor is used one time in a million or thousand times, or a million times. The companies might publish reports on how often they got asked to access the backdoor but they might be compelled to lie or even be hacked and not notice it, or they might even use the backdoor themselves to extract more revenue.

When surveillance is being rolled out, it's always just about a few single cases here and there. And then gradually, silently, the number increases.


The pretext of the meeting (and others like it) notwithstanding, it's not unfair to say that strong encryption renders communication to a state closer to the pre-digital era in terms of the amount of work required to perform individual surveillance. I think that was the point deogeo was making, and it seems like a sound one to me.


The only difference between targeted computerized spying and bulk computerized spying is a for() loop.


This is the line the Australian anti-encryption bill that passed last year was trying to walk with its "no systemic backdoors" clause. The idea/claim was that the bill only allowed targeted spying, and systemic/bulk spying, so it's okay. But that's really only a small part of it.


So why do they need bulk spying capacity for targeted spying?

The argument makes no sense.


I think the idea is that encryption doesn't prevent all eavesdropping (since the client could be hacked) but it makes it difficult to do at scale.



