Attorney General Barr and Encryption - Schneier on Security by Bruce Schneier

With this change, we can finally have a sensible policy conversation. Yes, adding a backdoor increases our collective security because it allows law enforcement to eavesdrop on the bad guys. But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone. This is exactly the policy debate we should be having -- not the fake one about whether or not we can have both security and surveillance.

When I break it down, what I think the attorney general is saying to all of us law-abiding citizens, is "in the interest of finding the criminals among you we want the power to stop and frisk".

I do not trust these three-letter government agencies with this power.

I agree with Bruce:

As computers continue to permeate every aspect of our lives, society, and critical infrastructure, it is much more important to ensure that they are secure from everybody -- even at the cost of law enforcement access­ -- than it is to allow access at the cost of security. Barr is wrong, it kind of is like these systems are protecting nuclear launch codes.

Public-Interest Technology Resources by Bruce Schneier (Public-Interest Technology Resources)

As technology—especially computer, information, and Internet technology—permeates all aspects of our society, people who understand that technology need to be part of public-policy discussions. We need technologists who work in the public interest. We need public-interest technologists.

Defining this term is difficult. One Ford Foundation blog post described public-interest technologists as “technology practitioners who focus on social justice, the common good, and/or the public interest.” A group of academics in this field wrote that “public-interest technology refers to the study and application of technology expertise to advance the public interest/generate public benefits/promote the public good.”

I think of public-interest technologists as people who combine their technological expertise with a public-interest focus, either by working on tech policy, working on a tech project with a public benefit, or working as a more traditional technologist for an organization with a public-interest focus. Public-interest technology isn’t one thing; it’s many things. And not everyone likes the term. Maybe it’s not the most accurate term for what different people do, but it’s the best umbrella term that covers everyone.

Public-interest technologists are a diverse and interdisciplinary group of people. Their backgrounds are in technology, policy, or law. (This is important, you do not need a computer-science degree to be a public-interest technologist.) They work inside governments, at nongovernmental agencies, for independent research institutions, within for-profit corporations, and for the press. Some of them do this full time as a career. Others take short leaves of absence from their careers to pursue public-interest technology. Still others do this in their spare time, as an avocation.

This is a resources page for public-interest technologists with a public policy focus. As such, it excludes the many tech organizations that are building public-interest tools. (Yes, they’re important, but they’re not my focus here.) The lists on this page are not exhaustive, and I am not endorsing or recommending any particular program. This is meant to be a curated sample of the richness of this space, one which I intend to further develop over time. Please e-mail me with corrections, additions, and suggestions — especially if you are from one of the organizations I list and I mischaracterize you in some important way.

Why Are Cryptographers Being Denied Entry into the US? - Schneier on Security (Schneier on Security )

In March, Adi Shamir -- that's the "S" in RSA -- was denied a US visa to attend the RSA Conference. He's Israeli.

This month, British citizen Ross Anderson couldn't attend an awards ceremony in DC because of visa issues. (You can listen to his recorded acceptance speech.) I've heard of two other prominent cryptographers who are in the same boat. Is there some cryptographer blacklist? Is something else going on? A lot of us would like to know.

It certainly seems that way on the surface.