Politicians are commonly technologically ignorant. This is not news. In the few times I’ve seen politicians give speeches about IT security at conferences, my common reaction has been “wow, these people were elected, and have actual power!”
So today should come as no surprise, as two US congress members propose legislation that implicitly requires encryption back doors. Nowhere in the draft bill does it say that vendors have to create back doors, but that’s clearly what the bill is about:
Thankfully, it sounds like this turd won’t survive a senate hearing or a presidential veto, but you never know. If such a thing were to pass, then:
- There would be zero impact on security, since strong crypto is widely available in the world and in any case terrorists are often too dumb to use it.
- There would be massive adverse consequences for US tech companies, which will either be forced to relocate to safer harbours (Canada is nice!) or lose all sorts of non-US market.
I suppose the tactical question is: “how do we block stupid legislation like this?”
The bigger question is “how do we recruit politicians who are not idiots?” That’s a much harder question – politics is nasty, and smart people know well enough to avoid it.