Milestones in the history of encryption and combat
Encryption is a topic around which passions are constantly seething in recent years. Manufacturers of devices and programs embed protection systems into their products. These systems, on the one hand, help ordinary people and organizations, on the other - they are also used by violators of the law. The latter leads to security concerns, which, ideally, would like them to have the keys to all encrypted data. Before you - a story about ten events from the history of encryption and struggle with it.
In 1789, the United States passed the Law on All Claims and Court Orders (All Writs Act). He gave the courts wide powers to issue regulations on virtually any matter. It was on this law that a California court relied, demanding that Apple create a program that would help the FBI hack the Iphone 5C, which belonged to Syed Farouk, one of the San Bernardino terrorists. The main question here is whether the law, adopted two hundred years ago, allows the court to oblige the company to create something that does not yet exist to assist in the investigation.
In 1993, the US government offered to embed the Clipper chip in phones, which would help law enforcement agencies to listen to encrypted calls by court order. The microcircuit was something like a key, which only the special services could use, but all this outraged supporters of civil liberties. They argued that such an "improvement" would reduce the attractiveness of devices manufactured in the United States and violate consumer rights to privacy. As a result, this idea, not having had time to get into mass production, became outdated, not keeping up with the development of digital technologies.
')
In 1994, the United States passed the Law on Assistance and Assistance to Telecommunication Service Providers to Law Enforcement Agencies (CALEA). He obliged telephone companies to assist the secret services in wiretapping. In 2005, the law was expanded; its action extended to Internet traffic, obliging Internet service providers to help law enforcement authorities intercept user traffic. Both types of surveillance require a court order. In the conflict between Apple and the FBI, about which we have already spoken, this law was not applied, as it does not apply to data stored in smartphones.
In 1996, SSL 3.0 was released. This software has created today's data protection system for transmission over the Internet. But not all data that travels over the Internet is encrypted. Work on correcting this situation has been going on for many years and brings certain results. For example, according to the forecasts of the Canadian network company Sandvine, more than 70% of the global Internet traffic will be encrypted by the end of 2016.
In 2001, the US enacted the law “On Consolidating and Strengthening America by Providing the Necessary Means to Prevent and Prevent Terrorism” (USA PATRIOT Act). He appeared after the terrorist attack on September 11, 2001. The law extremely expands the powers of the special services. Of particular note is that the encryption debate paved the way for the creation of a Federal Foreign Intelligence Surveillance Court (FISC), which, working in closed session, can issue warrants for investigative actions.
In 2009, an attack took place on Internet companies coming from China, known as Operation Aurora. In particular, Google was attacked, Gmail-accounts of human rights activists were hit. In general, the incident affected more than 20 companies. This led to the beginning of a sharp cooling of relations between Google and China. The search giant stopped censoring search results in China and moved its offices from mainland China to Hong Kong. Now Google services in China are very limited.
In 2010, Research in Motion allowed the Saudi government to gain access to BlackBerry user data. The agreement led to the threat of blocking BlackBerry services in the country. A similar situation is typical for other countries where RIM was given the choice of not doing business, or meeting the special services. As a result of all these events, the reputation of RIM, as the creator of devices and services that provide reliable data protection, has been spoiled.
In 2013, a former employee of the NSA contracting company, Edward Snowden, showed the extent of US surveillance of other countries and of their own citizens. The center of the exposure was the cooperation with the secret services of the seven largest technology companies. They provided the NSA with data that the agency investigated using the PRISM complex. The New York Times called these companies: Google, Microsoft, Yahoo, Facebook, Apple, AOL and PalTalk, saying that they confirmed the fulfillment of requests for receiving user data on FISA orders. All this has led to efforts to limit the access of companies to user data. In particular, Apple has gone in this direction.
The year 2014 is marked by the growth of messaging applications with end-to-end encryption. Among them are Signal, Telegram, WhatsApp, Line, Cyber ​​Dust and Apple iMessaging. All of these programs provide the ability to exchange messages that are encrypted and decrypted only on users' devices. As a result, no one but these users can freely read their messages. Without the use of end-to-end encryption technology, unprotected messages are delivered to the servers of the service providers. This means that companies like Facebook can view user messages and transmit them to special services.
In 2014, Apple and Google announced that data encryption on phones would be enabled by default. In fact, we are talking about the fact that thanks to this approach, outsiders will not have access to what is stored on the smartphone. Later, Google made amendments to this statement, saying that the decision to enable encryption will be made by manufacturers of Android devices.
The fight for encryption goes on today, and is unlikely to ever stop. It is difficult to say who exactly will be the winner - those who want to hide information, or those who seek to find out what is hidden. One can only hope that the general attention that has been attracted to the issues of information protection in recent years will play a role in the choice of the correct way for the encryption industry.
Dear readers! How do you feel about data encryption? Encrypted? ;)
1789. All Writs Act
In 1789, the United States passed the Law on All Claims and Court Orders (All Writs Act). He gave the courts wide powers to issue regulations on virtually any matter. It was on this law that a California court relied, demanding that Apple create a program that would help the FBI hack the Iphone 5C, which belonged to Syed Farouk, one of the San Bernardino terrorists. The main question here is whether the law, adopted two hundred years ago, allows the court to oblige the company to create something that does not yet exist to assist in the investigation.
1993. Clipper chip
In 1993, the US government offered to embed the Clipper chip in phones, which would help law enforcement agencies to listen to encrypted calls by court order. The microcircuit was something like a key, which only the special services could use, but all this outraged supporters of civil liberties. They argued that such an "improvement" would reduce the attractiveness of devices manufactured in the United States and violate consumer rights to privacy. As a result, this idea, not having had time to get into mass production, became outdated, not keeping up with the development of digital technologies.
')
1994. CALEA
In 1994, the United States passed the Law on Assistance and Assistance to Telecommunication Service Providers to Law Enforcement Agencies (CALEA). He obliged telephone companies to assist the secret services in wiretapping. In 2005, the law was expanded; its action extended to Internet traffic, obliging Internet service providers to help law enforcement authorities intercept user traffic. Both types of surveillance require a court order. In the conflict between Apple and the FBI, about which we have already spoken, this law was not applied, as it does not apply to data stored in smartphones.
1996. SSL 3.0
In 1996, SSL 3.0 was released. This software has created today's data protection system for transmission over the Internet. But not all data that travels over the Internet is encrypted. Work on correcting this situation has been going on for many years and brings certain results. For example, according to the forecasts of the Canadian network company Sandvine, more than 70% of the global Internet traffic will be encrypted by the end of 2016.
2001. USA PATRIOT Act
In 2001, the US enacted the law “On Consolidating and Strengthening America by Providing the Necessary Means to Prevent and Prevent Terrorism” (USA PATRIOT Act). He appeared after the terrorist attack on September 11, 2001. The law extremely expands the powers of the special services. Of particular note is that the encryption debate paved the way for the creation of a Federal Foreign Intelligence Surveillance Court (FISC), which, working in closed session, can issue warrants for investigative actions.
2009. Operation Aurora
In 2009, an attack took place on Internet companies coming from China, known as Operation Aurora. In particular, Google was attacked, Gmail-accounts of human rights activists were hit. In general, the incident affected more than 20 companies. This led to the beginning of a sharp cooling of relations between Google and China. The search giant stopped censoring search results in China and moved its offices from mainland China to Hong Kong. Now Google services in China are very limited.
2010. BlackBerry in Saudi Arabia
In 2010, Research in Motion allowed the Saudi government to gain access to BlackBerry user data. The agreement led to the threat of blocking BlackBerry services in the country. A similar situation is typical for other countries where RIM was given the choice of not doing business, or meeting the special services. As a result of all these events, the reputation of RIM, as the creator of devices and services that provide reliable data protection, has been spoiled.
2013. Exposing Snowden
In 2013, a former employee of the NSA contracting company, Edward Snowden, showed the extent of US surveillance of other countries and of their own citizens. The center of the exposure was the cooperation with the secret services of the seven largest technology companies. They provided the NSA with data that the agency investigated using the PRISM complex. The New York Times called these companies: Google, Microsoft, Yahoo, Facebook, Apple, AOL and PalTalk, saying that they confirmed the fulfillment of requests for receiving user data on FISA orders. All this has led to efforts to limit the access of companies to user data. In particular, Apple has gone in this direction.
2014. Encrypted Messaging Applications
The year 2014 is marked by the growth of messaging applications with end-to-end encryption. Among them are Signal, Telegram, WhatsApp, Line, Cyber ​​Dust and Apple iMessaging. All of these programs provide the ability to exchange messages that are encrypted and decrypted only on users' devices. As a result, no one but these users can freely read their messages. Without the use of end-to-end encryption technology, unprotected messages are delivered to the servers of the service providers. This means that companies like Facebook can view user messages and transmit them to special services.
2014. Default data encryption
In 2014, Apple and Google announced that data encryption on phones would be enabled by default. In fact, we are talking about the fact that thanks to this approach, outsiders will not have access to what is stored on the smartphone. Later, Google made amendments to this statement, saying that the decision to enable encryption will be made by manufacturers of Android devices.
Results
The fight for encryption goes on today, and is unlikely to ever stop. It is difficult to say who exactly will be the winner - those who want to hide information, or those who seek to find out what is hidden. One can only hope that the general attention that has been attracted to the issues of information protection in recent years will play a role in the choice of the correct way for the encryption industry.
Dear readers! How do you feel about data encryption? Encrypted? ;)
Source: https://habr.com/ru/post/331496/
All Articles