Hello Internet. We need to talk about locks The physical and the digital. In the physical world, locks aren't as good as you think they are. The lock on your door stops worries, not burglars, As two minutes of searching will reveal. Spend more, get more; but all fail with tools and time enough. That physical locks are bad at locking mostly doesn't matter in normal life, Because burglars are constrained by the physical world. A burglar must cruise the neighborhood, spending their time to pick a target, Which makes a house that looks secure most of the way toward being secure. Each target house can then only be attacked one at a time, And comes with a risk of being physically caught in the act. But digital is different. The constraints of the physical no longer apply. On the Internet, a digital lock must protect you from, not just the neighborhood burglar, But all burglars everywhere. For, on the Internet, there's no such thing as distance. Internet burglars don't crack digital locks personally, they build burglar bots That try millions of combinations just to see what opens. One lock down the street or a country-full on the other side of the world — it's all the same. Actually, other side of the world is better — a dude in East-whatever-landia stealing your identity Has a near-zero chance of getting caught. This is bad news, but thanks to mathematics, digital locks can be made unbreakable. This is encryption — a digital lock that, without the password, cannot be opened. Burglar bots will plough through all the possibilities, but a secure password Will take longer than the heat death of the Universe to guess. No password, no entry. No matter how much of a l33t hacker your mom is Your private files stay private. Which might just be the greatest social good mathematics has done mankind. But it's easy to imagine unbreakable digital locks as bad news. Maximum lazy: ticking time bomb, the location and off-code of which Are locked on the phone of a dead man. Now, were the information on a piece of paper in a safe room, no problem: In the physical world, if you can't crack the lock, then you crack the wall. Society agrees, under this scenario, it's reasonable for police to get in, no matter what it takes. Note: this means real-world locks aren't just physically weak, but also legally weak. We could live in a world with privacy laws that forbade police to break into all locks, no matter how flimsy, but we don't, because that would be dumb. Hmmm... This is where gears turn in government heads. If digital locks are physically invulnerable, maybe they can be made legally vulnerable: To require digital locks be built with a keyhole for which police have the key. Highly secure, top secret, for emergencies only, surely. This legal vulnerability to ban citizens from owning perfect digital locks, To require companies manufacture their devices with keyholes, is an idea That many, many governments are interested in. And governments point out that a warrant which lets police into your house and into your papers Should let police into your phone. If your home is your castle, but the need, pressing enough, the police bring a battering ram. But there's no battering ram to crack open a well-locked phone to comply with a warrant. Not helpfully, anyway. Which is a problem: again, we all ideally want police to crack digital locks sometimes. But at our current level on the tech tree, digital locks that cannot be opened are a thing that exists. And because they are made of math, something a skilled coder can build at home, Trying to ban digital locks for everyone is pretty close to trying to ban an idea. Good luck with that. But even were it possible to successfully ban perfect digital locks in a country, remember: On the Internet, there is no such thing as distance. Even if your government is a Xanadu bureaucracy of the Seraphim Incorruptible, There are demons elsewhere. Unbreakable digital locks are the foundation upon which computing and Internet-ing is built. Banking, buying, blogging, vlogging, gaming, tweeting, beating, meeting — All of this is possible because of unbreakable digital locks. They've existed since computers filled rooms, but now, with computers in our pockets, We rely on those locks to protect the content of our lives — the content of our minds. Forced weakness, even with the best of intentions, places everyone in danger. The nature of a keyhole is to be cracked, And the nature of the Internet is to bring demons to the door. No matter how much we might wish it, there is no way to build a digital lock That only angels can open and demons cannot. Anyone saying otherwise is either ignorant of the mathematics, Or less of an angel than they appear. This video has been brought to you in part by Audible.com, where there's more than 180,000 audio books and spoken audio products. Get a free trial today at Audible.com/grey. This time, I'm going to recommend Daemon by Daniel Suarez. I never like to say anything about fictional books, I don't like spoilers, but if you've made it to the end of a video about encryption, this one's for you. Why don't you give it a try as part of your free 30-day trial at Audible.com/grey? And show Audible that you support this channel.
Anyone else see the footnote?
Knock knock. It's the United States.
"Open the lock" they said.
"Stop having it be closed."
One of the scariest aspects of this is that a computer does not forget. The human mind can only hold so much information, but having a device to re-learn or gather that information has so many implications both good and bad, and whether anyone likes or it not, they are here to stay.
One example is recently this case where 4 men got cleared of rape. They have not been protected, this will haunt them until they die. If somebody googles their names, they will forever be tied to this article, which can never be erased.
Imagine if somebody got access to all of the data on your phone/computer. For example going back to Snowden or Panama Papers leak and the consequences once all that information is published. Remember the iCloud hacks? Yeah, those photos are not being deleted any time soon.
It's scary stuff when the world's information is so loosely protected and a leak can spell disaster for so many people at any given time. All I can say is if there was another world war again there would be so much documentation I'm just glad the infrastructure didn't exist 77 years ago....The pictures/videos/data we'd have would be horrifying....
I really appreciate how nuanced and level-headed CGP Grey is. The argument he makes for encryption is so much more persuasive because of it.
PSA: for the unaware, most passwords aren't secure. If you want to be as safe as possible, you need a long, random passphrase. Here are a few article from The Intercept about how to protect your computer, your phone and yourself in general.
Obviously, how secure you want to make your passcode is up to you. As a victim of an illegal search of my computer that cost me a $250 bribe on the Ukrainian border in 2011, my computer and phone are encrypted with secure passcodes and sensitive computer files are kept on an encrypted disk file. Once I memorized the passcodes, it is as easy as before to open my computer or phone. I've just accepted that an extra 1-2 seconds to type in my code is worth my privacy.
I think Grey made a short stab at the FBI with the last two sentences.
For anyone interested, here's how Grey made the iPhone image https://www.youtube.com/watch?v=255KRAle5ZU
One thing he should have emphasized is that it is perfectly possible to break one particular lock in the physical world, using explosives, drills etc. because each lock is a separate entity, and any instruments you apply on it only affects one particular entity. It is not feasible to take that drill and crack open all safes in the country. So that drill is not a master key.
But with encryption, there is no way to ensure that just one particular lock gets cracked. This is because the instrument which was used for cracking it can easily be copied and transferred to millions of other phones. So, if you have the tool for opening up one phone, you have a tool for opening them all. It is a master key. It is impossible for it to not be a master key. Do you trust the FBI to ensure that it stays hidden? All it takes is for one employee to give into corruption. Suddenly, freelance hackers and/or Russian and Chinese cyberwar divisions have that tool. And what would stop the FBI themselves from using this tool again, and again?
He does mention a few aspects of this, but I wish he'd have gone into greater detail, because this is the lynchpin of the entire FBI-Apple debate.