Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment Re:We don't need "backdoors" (Score 1) 259

Put simply, there exist plenty of systems and techniques that don't depend on a third-party who could possibly grant access to secure communications. These systems aren't going to disappear. Why would terrorists or other criminals use a system that could be monitored by authorities when secure alternatives exist? Why would ordinary people?

That's a really easy answer -- terrorists use these simple platforms for the same reason normal people do: because they're easy to use. Obviously a lot of our techniques and capabilities have been laid bare, but people use things like WhatsApp, iMessage, and Telegram because they're easy. It's the same reason that ordinary people -- and terrorists -- don't use Ello instead of Facebook, or ProtonMail instead of Gmail. And when people switch to more complicated, non-turnkey encryption solutions -- no matter how "simple" the more savvy may think them -- they make mistakes that can render their communications security measures vulnerable to defeat.

I'm not saying that the vendors and cloud providers ALWAYS can provide assistance; but sometimes they can, given a particular target (device, email address, etc.), and they can do so in a way that comports with the rule of law in free society, doesn't require creating backdoors in encryption, and doesn't require "weakening" their products. And of course, it would be good if we were able to leverage certain things against legitimate foreign intelligence targets without the entire world knowing exactly what we are doing, so our enemies know exactly how to avoid it. Secrecy is required for the successful conduct of intelligence operations, even in free societies.

Comment Re:We don't need "backdoors" (Score 1) 259

Sure. One hypothetical example:

The communication has to be decrypted somewhere; the endpoint(s) can be exploited in various ways. That can be done now. US vendors could, in theory, be at least a partial aid in that process on a device-by-device basis, within clear and specific legal authorities, without doing anything like key escrow, wholesale weakening of encryption, or similar with regard to software or devices themselves.

The point is that when US adversaries use systems and services physically located in the US, designed and operated by US companies, there are many things that could be discussed depending on the precise system, service, software, or device. Pretending that there is absolutely nothing that can be done, and it's either unbreakable, universal encryption for all, or nothing, is a false choice.

To sit here and pretend that it's some kind of "people's victory" when a technical system renders itself effectively impenetrable to the legitimate legal, judicial, and intelligence processes of even democratic governments operating under the rule of law in free civil society is curious indeed.

Comment We don't need "backdoors" (Score 3, Informative) 259

And the NYT has a new and extensive story that absolutely "mentions" crypto.

We don't need "backdoors". What we need is a clear acknowledgment that what increasingly exists essentially amounts to a virtual fortress impenetrable by the legal mechanisms of free society, that many of those systems are developed and employed by US companies, and that US adversaries use those systems against the US and our allies, and for a discussion to start from that point.

The US has a clear and compelling interest in strong encryption, and especially in protecting US encryption systems used by our government, our citizens, and people around the world from defeat. But the assumption that the only alternatives are either universal strong encryption, or wholesale and deliberate weakening of encryption systems and/or "backdoors", is a false dichotomy.

Comment Re:Missing information... (Score 2) 393

If 40% of those university graduates are still overqualified by their mid-thirties, they've already been typecast by their experience in the 25-35 range.

That's certainly a problem with the data provided--it bundles together the fresh-out-of-school 25-year-olds with the decade-plus-in-the-workforce 34-year-olds. There's a lack of resolution. It could be that 40% of 25-year-olds and 40% of 34-year-olds are "overqualified". Or it could be that 60% in the 25-29 age group are overqualified, and just 20% of the 30-34 bracket.

Actually, that brings to mind another confounder to the interpretation of these data. As more young people get more years of formal education (3-year college diploma to 4- or 5-year bachelor's degree to 7-year bachelor-plus-master's degree) they enter the workforce later. A 25-year-old with a high school diploma might have been working for 7 years (and is also more likely to be working in a job for which they are not "overqualified" by their lower level of formal educational attainment). A 25-year-old with a master's degree might have graduated this summer and could still be job-hunting.

Comment Missing information... (Score 2) 393

... an increasing number of university graduates are overqualified for their jobs.... 40 per cent of university graduates aged 25-34 were overqualified for their job.... The problem is bigger than that, because those young workers spent money, time, and resources to get those qualifications.

It could be a problem, but we're missing some information. This is looking at people aged 25-34. A lot of them are taking crappy entry-level jobs. A lot of them don't have any significant work experience, and have trouble breaking into their preferred fields. A lot of them have student loans and other financial obligations, and just need to take a job - any job - to keep food on the table and a roof overhead. (That, in itself, is another kettle of problems that I'm not going to go into right now.)

An important question is, then, how many of them are still overqualified by the time they're into the 35-44 age bracket? Was the extra education actually "wasted", or did they eventually come out ahead because they didn't have to drop out of the workforce later on to go back to school to get the education they missed in their twenties? Did their extra "unnecessary" knowledge help them move up the ladder faster than they would have without it? (I'm not looking for anecdotes - of which I am sure there exist examples to suit any preferred narrative - but rather real data.)

And that leaves aside the rather more philosophical question of whether or not it's generally a Good Thing to have more university-educated individuals in it, even if they don't need those degrees specifically as job training. Are universities now only vocational schools, and only of value to society in that context? If I can't cash in my degree for a high-paying job, is it worthless?

Going the speed of light is bad for your age.