Encryption Quotes

[Bill] Binney designed ThinThread, an NSA program that used encryption to try to make mass surveillance less objectionable. It would still have been unlawful and unconstitutional.

Now, with a warrant, they can always go to the information service provider and attempt to get that information. But even then, they may not be able to because the party selling the encryption services may be a third party and may not even know who the parties are that are communicating.

It seems that 'national security' is the root password to the Constitution. As with any dishonest superuser, the best countermeasure is strong encryption.

So end-to-end encryption, keeps things encrypted and that means that law enforcement, without a warrant, cannot read that information.

Those who are experts in the fields of surveillance, privacy, and technology say that there need to be two tracks: a policy track and a technology track. The technology track is encryption. It works and if you want privacy, then you should use it.

We basically have only two real tried and true techniques that can help counter this. One of them is to make systems as simple as we can, and there are limits to that because we can only simplify things so much. The other is the use of encryption.

I believe that if you took privacy and you said, I'm willing to give up all of my privacy to be secure. So you weighted it as a zero. My own view is that encryption is a much better, much better world. And I'm not the only person that thinks that.

Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

The new iPhone has encryption that protects the contents of the phone. This means if someone steals your phone - if a hacker or something images your phone - they can't read what's on the phone itself, they can't look at your pictures, they can't see the text messages you send, and so forth. But it does not stop law enforcement from tracking your movements via geolocation on the phone if they think you are involved in a kidnapping case, for example.

One of the things that I think is true is that encryption actually is able to secure our communications, that every individual can use encryption, and that it's accessible and in many cases free.

We have to solve the encryption problem. It is not easy.

Properly implemented strong crypto systems are one of the few things that you can rely on.

Without strong encryption, you will be spied on systematically by lots of people.

I'm a strong believer in strong encryption.

Everyone is a proponent of strong encryption.

Encryption...is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government... It's hard to think of a more powerful, less dangerous tool for liberty.

Let's put it this way. The United States government has assembled a massive investigation team into me personally, into my work with the journalists, and they still have no idea what documents were provided to the journalist, what they have, what they don't have, because encryption works.

The US government still has no idea what documents I have because encryption works

I think it's interesting because the 1990s ended with the government pretty much giving up. There was a recognition that encryption was important. In 2000, the government considerably loosened the export controls on encryption technology and really went about actively encouraging the use of encryption rather than discouraging it.

If we try to prohibit encryption or discourage it or make it more difficult to use, we're going to suffer the consequences that will be far reaching and very difficult to reverse, and we seem to have realized that in the wake of the September 11th attacks. To the extent there is any reason to be hopeful, perhaps that's where we'll end up here.

There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government.

If, technologically, it is possible to make an impenetrable device or system where the encryption is so strong that there's no key - there's no door at all - then how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?

Companies made these decisions about encryption when they were finding it very difficult to sell their products overseas because the [Edward] Snowden disclosures created the impression that the U.S. government was inside this hardware and software produced by them. They needed to do something to deal with the perception.

It may be true that encryption makes certain investigations of crime more difficult. It can close down certain investigative techniques or make it harder to get access to certain kinds of electronic evidence. But it also prevents crime by making our computers, our infrastructure, our medical records, our financial records, more robust against criminals. It prevents crime.

The people working in my field also are quite skeptical of our ability to do this. It ultimately boils down to the problem of building complex systems that are reliable and that work, and that problem has long predated the problem of access to encryption keys.

Clipper took a relatively simple problem, encryption between two phones, and turned it into a much more complex problem, encryption between two phones but that can be decrypted by the government under certain conditions and, by making the problem that complicated, that made it very easy for subtle flaws to slip by unnoticed. I think it demonstrated that this problem is not just a tough public policy problem, but it's also a tough technical problem.

Sure, end-to-end encryption means that whether it's a phone call we're on or an email message we're sending or any form of electronic communication, that the content of that communication is encrypted from your device, such as your phone or PC, unto the other person's device at the other side, wherever they might be on the planet Earth.

Coalition [against ISIS] need the tools. And the tools involve encryption where we cannot hear what they're even planning. And when we see red flags, a father, a mother, a neighbor who says we have got a problem here, then we have to give law enforcement the ability to listen so they can disrupt these terrorist attacks before they occur.

[Eric]Goldman [a professor at Santa Clara University School of Law] says back in the 1990s, courts began to confront the question of whether software code is a form of speech. Goldman says the answer to that question came in a case called Bernstein v. U.S. Department of Justice. Student Daniel Bernstein who created an encryption software called Snuffle. He wanted to put it on the Internet. The government tried to prevent him, using a law meant to stop the export of firearms and munitions. Goldman says the student argued his code was a form of speech.

There is a concern that the Internet could be used to commit crimes and that advanced encryption could disguise such activity. However, we do not provide the government with phone jacks outside our homes for unlimited wiretaps. Why, then, should we grant government the Orwellian capability to listen at will and in real time to our communications across the Web?

When the September 11th attacks happened, only about a year later, the crypto community was holding its breath because here was a time when we just had an absolutely horrific terrorist attack on U.S. soil, and if the NSA and the FBI were unhappy with anything, Congress was ready to pass any law they wanted. The PATRIOT Act got pushed through very, very quickly with bipartisan support and very, very little debate, yet it didn't include anything about encryption.

There is a big problem. It's called encryption. And the people in San Bernardino were communicating with people who the FBI had been watching. But because their phone was encrypted, because the intelligence officials could not see who they were talking to, it was lost.

Without encryption, you and I wouldn't be able to do our banking online. We wouldn't be able to buy things online, because your credit cards - they've probably been ripped off anyway, but they would be ripped off left and right every day if there wasn't encryption.

On balance, the use of encryption, just like the use of good locks on doors, has the net effect of preventing a lot more crime than it might assist.

What encryption lets us do is say, "Yes, the Internet is insecure." Bad guys are able to compromise computers everywhere, but we're able to tolerate that because if they do intercept our messages, they can't do any harm with it.

A company can spend hundreds of thousands of dollars on firewalls, intrusion detection systems and encryption and other security technologies, but if an attacker can call one trusted person within the company, and that person complies, and if the attacker gets in, then all that money spent on technology is essentially wasted.

Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench.

The reality is that if you - let's say you just pulled encryption. Let's ban it. Let's you and I ban it tomorrow. And so we sit in Congress and we say, thou shalt not have encryption. What happens then? Well, I would argue that the bad guys will use encryption from non-American companies, because they're pretty smart.

We need to think about encryption not as this sort of arcane, black art. It's a basic protection.

My favorite method of encryption is chunking revolutionary documents inside a mess of JPEG or MP3 code and emailing it off as an "image" or a "song." But besides functionality, code also possesses literary value. If we frame that code and read it through the lens of literary criticism, we will find that the past hundred years of modernist and postmodernist writing have demonstrated the artistic value of similar seemingly arbitrary arrangements of letters.

As far as Paris goes, we don't know for sure yet how these guys communicate among themselves and how they communicated back to the ISIS leadership in Iraq and Syria, but I'm fairly confident we're going to learn they used these encrypted communication applications that have commercial encryption and are extremely difficult for companies to break - and which the companies have made the decision not to produce a key for.

I don't own encryption, Apple doesn't own encryption. Encryption, as you know, is everywhere. In fact some of encryption is funded by our government.

The new iPhone encryption does not stop them from accessing copies of your pictures or whatever that are uploaded to, for example, Apple's cloud service, which are still legally accessible because those are not encrypted. It only protects what's physically on the phone.

The digital age is for me in many ways about temporal wounding. It's really messed up our ontological clocks. In the digital economy, everything is archived, catalogued, readily available, and yet nothing really endures. The links are digital encryptions that can and won't be located. That will have to be reassembled over time. It won't be exactly what it was. There will be some slightly altered version. So the book is both an immaterial and material artifact.

The government can now delve into personal and private records of individuals even if they cannot be directly connected to a terrorist or foreign government. Bank records, e-mails, library records, even the track of discount cards at grocery stores can be obtained on individuals without establishing any connection to a terrorist before a judge. According to the Los Angeles Times, Al Qaeda uses sophisticated encryption devices freely available on the Internet that cannot be cracked. So the terrorists are safe from cyber-snooping, but we're not.

They're implementing what was the strategy of Al Qaeda, which was to have attacks of different levels simultaneously. ... So the idea is, on the one hand you have these spectacular attacks that take months to plan, and others like Reda Hame, a French national, who went to Syria and was there for about a week, given a couple of days of target practice and one day of encryption training, sent back and arrested almost immediately.

If you go to a coffee shop or at the airport, and you're using open wireless, I would use a VPN service that you could subscribe for 10 bucks a month. Everything is encrypted in an encryption tunnel, so a hacker cannot tamper with your connection.

So, in 1993, in what was probably the first salvo of the first Crypto War, there was concern coming from the National Security Agency and the FBI that encryption would soon be incorporated into lots of communications devices, and that that would cause wiretaps to go dark. There was not that much commercial use of encryption at that point. Encryption, particularly for communications traffic, was mostly something done by the government.

There are programs such as the NSA paying RSA $10 million to use an insecure encryption standard by default in their products. That's making us more vulnerable not just to the snooping of our domestic agencies, but also foreign agencies.

The concern is over what will happen as strong encryption becomes commonplace with all digital communications and stored data. Right now the use of encryption isn't all that widespread, but that state of affairs is expected to change rapidly.