Sometimes Even Smart People Need to STFU & Listen

I listened to a http://debatesofthecentury.org/ debate on encryption tonight between CNN's Fareed Zakaria and Edward Snowden. Zakaria had the position that the US should mandate backdooring encryption to allow government access to communication and Snowden had the position that backdooring encryption makes everyone less secure. My feelings on this topic are clear if you read my blog already but I wanted to discuss some other issues brought up tonight.

For the record, I think Zakaria is a reasonably intelligent fellow and a good debater. I don't see him much on tv anymore as I haven't watched CNN in years. Sorry, I just can't take a "news" organization seriously that openly discusses blackholes as potential causes for MH-370 going missing. But let's cut to the chase. Sometimes even smart people need to shut up and listen. Zakaria came across as an imbecile to anyone with a conceptual understanding of how cryptography works. To make it more maddening he seemed to be quite proud of the fact that he couldn't tell the difference between software development and cryptography. He persisted in arguing from authority saying essentially that Bill Gates == Technologist and Bill Gates == Supporter of Backdoors so Backdoors == Good. QED.

Unfuckingbelievable. Yes, you read that right. Zakaria doesn't need to understand the math behind crypto because Bill Gates. An operating system developer turned business mogul is not the same thing as an expert in cryptography. They are very separate things. Should we also assume that the owner of Home Depot is an expert in building Swiss chalet's because he sells hammers? The clown show didn't end there though. Zakaria went on to ramble about how if you write encryption software that there is no reason why you can't simply "undo" someone's cipher text. I mean, why not, you implemented the cryptosystem right? It was probably at this point that my head exploded or I just suffered a minor stroke.

Sadly, in my altered mental state I could still hear Fareed talking and the hits just kept on coming. He talked about American banks and Swiss banks. In particular he argued that if the US passes laws mandating backdoors Americans will not simply use crypto from other countries. Why not, you ask? Because it's just like in banking where American laws didn't force all Americans to switch to Swiss banks, according to Fareed. The problem here seemed obvious to me but was certainly lost on the debater. 30 years ago banking was a much more in person sort of affair. Americans didn't start using Swiss banks in large numbers because of the inconvenience of locations separated by an ocean. On the Internet though that's no longer an issue. If I can get another, more secure product from another country I will be using it. Why? Because it's too damn easy not to. Is it just me? This isn't hard, right?

Zakaria also had an opinion on patching. Surprise. He thinks that if the FBI finds a vulnerability in a US product they shouldn't report it to the vendor. Why not? Because it shouldn't be their job to make Apple better, again according to him. To recap, this guy is arguing that security is of paramount importance to our nation and if one measly vuln can get the FBI access to one extra cell phone where there may or may not be evidence of something then certainly it is worth putting the security of 300,000,000 other Americans at risk. What doesn't make sense about that? Snowden pointed out that Obama had used a Blackberry that had a known vuln which would have allowed the Canadians access to it to point out the importance of responsibly reporting vulns to vendors. Zakaria responded with something along the lines of, "Colgate should not have to report a problem with toothpaste to the president either." Snowden smartly followed up immediately with a, "Should Colgate let the president know if the flaw was fatal?" Zakaria stipulated to that. Then Snowden with his best point of the night said that, (again paraphrasing) "Vulns are poison to computers on the Internet."

I thought Snowden was particularly effective in the Colgate argument as he showed a willingness to mix it up with the overmatched Zakaria. My one complaint with Snowden was that he was too civil during the debate. I thought he let a lot of bullshit go unchecked to try and keep it civil. I appreciate this but when you have a bull shitter spewing bullshit someone needs to call them out for it. And this is why this debate was both good and terrible. It's good to expose people to these discussions. But very bad to give someone viewed as smart and credible as Fareed Zakaria such a platform to spread such an ignorant opinion.