Alec Stratton EncryptAuto Neg
advertisement
Alec Stratton SCFI 2013 Negative Case Value: Morality Value Criterion: Autonomy Autonomy is necessary for morality, autonomy gives us the power to self determine morals Daniel Callahan, Senior Research Scholar and President Emeritus of the Center, Senior Lecturer at the Harvard Medical School and is now a Senior Scholar at Yale. He received his B.A. from Yale and a Ph.D in philosophy from Harvard. 10/1986, A Moral Good, Not a Moral Obsession, The Hastings Center, Vol. 14, No. 5, Autonomy, Paternalism, and Community, Date Accessed- 7/21/2013 A major attraction of the concept of autonomy is that it helps to establish moral independence. Not only does it entail that, as an individual, I am to be treated by others as a moral end rather than a moral means, it also requires that they allow me to pursue my own moral goods. Autonomy can thus be understood as the basis for moral enfranchisement, establishing my standing as an equal in the community and my liberty to pursue my own ends. In the context of medicine, it is a value that has served to establish the rights of patients over physicians, and the right to be spared the paternalistic interventions of those who think they understand my welfare better than I do. The purpose of autonomy is to make me my own moral master. But if autonomy may serve me in some fundamental ways, what would it be like to live in a community for which autonomy was the central value? What kind of a medical practice might emerge with patient autonomy as the sole goal? Let me try to answer that question by first reviewing some of the benefits of giving moral priority to autonomy. Among them are a recognition of the rights of individuals and of their personal dignity; the erection of a powerful bulwark against moral and political despotism; a becoming humility about the sources or certainty of moral claims and demands; and a foundation for the protection of unpopular people and causes against majoritarian domination. Those are powerful benefits, to be meddled with only at our peril. Nonetheless, I believe that if autonomy is made the moral goal of a society, or of medical care within that society, then we are equally at peril in our common life together. Analysis: So what? Removing autonomy makes moral action by US citizens impossible. Autonomy is valuable because it allows moral actions to take place. By removing autonomy from United States citizens, the United States essentially eliminates all possibly of moral action taken in the united states. This is inherently immoral, because the action of removing autonomy destroys the possibility of countless other moral actions. Alec Stratton SCFI 2013 Contention 1: Lack of Privacy Impacts Autonomy In a world with spying we damage autonomy. Ron Watson, Department of Political Science, Washington University., “The Ethics of Domestic Government Spying” March 2013¶ http://rewatson.wustl.edu/The%20Ethics%20of%20Domestic%20Government%20Spying.pdf So widespread intuitions support the principle of just cause for Domestic Government Spying. Let us turn to the¶ consequentialist case for just cause. The sophisticated consequentialist, I suggested in the¶ introduction, would endorse a simple set of principles for DGS. But which principles would¶ she endorse? She obviously could not endorse a principle permitting all DGS, since the con-¶ sequences would be dire. If government agents were always at liberty to spy, people could¶ not develop stable expectations about where, when, and by whom they are being observed¶ without expending considerable resources on countermeasures, nor could they conceal their¶ personal information. People's enjoyment of goods requiring even a modicum of privacy¶ would rapidly diminish. People's autonomy would be gravely threatened, since the pressures¶ to conform to social norms would be virtually unchecked. The liberal democratic culture of¶ free thought, free speech, and free action would be stifled.¶ Further, the benefits of such a permissive policy would be minimal. Some grave harms¶ might be prevented. But permitting all spying is more likely to lead to ineffective and even¶ harmful spying. Spying for political gain and to protect bureaucratic turfs, for example,¶ would likely be rampant. Privacy is needed in order to retain autonomy DANIEL J. SOLOVE, 2002, Assistant Professor, Seton Hall Law School, DIGITAL DOSSIERS AND THE DISSIPATION OF FOURTH AMENDMENT PRIVACY, http://www-bcf.usc.edu/~usclrev/pdf/075502.pdf government information-gathering can severely constrain democracy and individual selfdetermination. Paul Schwartz illustrates this with his theory of “constitutive privacy.”99 According to Schwartz, privacy is essential to both individuals and communities: “[C]onstitutive privacy seeks to create boundaries about personal information to help the individual and define terms of life within the community.”100 As a form of regulation of information flow, privacy shapes “the extent to which certain actions or expressions of identity are encouraged or discouraged.”101 Schwartz contends that extensive government oversight over an individual’s activities can “corrupt individual decision making about the elements of one’s identity.” Further, inadequate protection of privacy threatens deliberative democracy by inhibiting people from engaging in democratic activities. This can occur unintentionally; even if government entities are not attempting to engage in social control, their activities can have collateral effects that harm democracy and self-determination. Invasions of privacy causes loss of autonomy, human dignity Ron Watson, Department of Political Science, Washington University., “The Ethics of Domestic Government Spying” March 2013¶ http://rewatson.wustl.edu/The%20Ethics%20of%20Domestic%20Government%20Spying.pdf This line of argument is supported by a further set of responses that people might have¶ to learn how their government regulates domestic spying. When principles unfairly or¶ unequally target certain groups, they can demean, humiliate, and disrespect members of¶ those groups when they become public. Principles can also have these effects if they signal¶ to people their chosen pursuits are unworthy, shameful, or depraved. People's self-respect¶ often depends on the existence of spaces for action free from Alec Stratton SCFI 2013 government intrusion. Further,¶ when citizens worry that they are under covert observation by their government, there are a¶ range of activities that can become less enjoyable because they are less private. Finally, when¶ citizens suspect that the government spies on them, they may lose trust in their government¶ and its institutions Contention 2: Digital Surveillance doesn’t stop terrorists The US surveillance progams aren’t effective at stopping terrorists-they can’t gain access to their covert communications. Bershidsky, Leonid. Staff Editor. Jun 23, 2013. U.S. Surveillance Is Not Aimed at Terrorists. http://www.bloomberg.com/news/2013-06-23/u-s-surveillance-is-not-aimed-at-terrorists.html. Accessed 7/16/2013. “People who radicalise under the influence of jihadist websites often go through a number of stages,” the Dutch report said. “Their virtual activities increasingly shift to the invisible Web, their security awareness increases and their activities become more conspiratorial.” ¶ Radicals who initially stand out on the “surface” Web quickly meet people, online or offline, who drag them deeper into the Web underground. “For many, finally finding the jihadist core forums feels like a warm bath after their virtual wanderings,” the report said. ¶ When information filters to the surface Web from the core forums, it’s often by accident. Organizations such as al-Qaeda use the forums to distribute propaganda videos, which careless participants or their friends might post on social networks or YouTube. ¶ Communication on the core forums is often encrypted. In 2012, a French court found nuclear physicist Adlene Hicheur guilty of, among other things, conspiring to commit an act of terror for distributing and using software called Asrar al-Mujahideen, or Mujahideen Secrets. The program employed various cutting-edge encryption methods, including variable stealth ciphers and RSA 2,048-bit keys. ¶ The NSA’s Prism, according to a classified PowerPoint presentation published by the Guardian, provides access to the systems of Microsoft Corp. (and therefore Skype), Facebook Inc., Google, Apple Inc. and other U.S. Internet giants. Either these companies have provided “master keys” to decrypt their traffic - - which they deny -- or the NSA complete access to these servers brings U.S. authorities no closer to the core forums. These must be infiltrated by more traditional intelligence means, such as using agents posing as jihadists or by informants within terrorist organizations. ¶ Similarly, monitoring phone calls is hardly the way to catch terrorists. They’re generally not dumb enough to use Verizon. Granted, Russia’s special services managed to kill Chechen separatist leader Dzhokhar Dudayev with a missile that homed in on his satellite-phone signal. That was in 1996. Modern-day terrorists are generally more aware of the available technology. ¶ At best, the recent revelations concerning Prism and has somehow found other means. Even telephone surveillance might deter potential recruits to terrorist causes from using the most visible parts of the Internet. Beyond that, the government’s efforts are much more dangerous to civil liberties than they are to al-Qaeda and other organizations like it. Encrypted communications are practically impossible to crack Ou, Geore. 2006 (Network engineer. “Is encryption really crackable?”. 30 Apr. Accessed 17 July 13. http://www.zdnet.com/blog/ou/is-encryption-really-crackable/204) The problem is compounded by the fact that much of the misinformation out there actually sounds somewhat believable and many people just don't know what to believe. So to settle this once and for all, let's look at the facts. One of the things that make these myths plausible is the fact that "128-bit" WEP encryption used in 802.11 Wireless LANs is so pathetically weak. The inside scoop is that WEP was designed during the late 90s during a time when USA export laws were extremely tight. Fearing 802.11 devices would be banned by US export laws, good encryption algorithms were deliberately passed up by the 802.11 group in favor of a weaker one. The WEP algorithm was fundamentally flawed and the Alec Stratton SCFI 2013 802.11 standards body knew full well that it wasn't a strong encryption algorithm when they selected it. However, WEP's glaring weaknesses are not characteristic of any properly implemented symmetric encryption algorithms used in SSL or VPN implementations. To give you an idea of how good something like DES is, DES is 30 years old and no one has found any weakness or shortcut for cracking it yet though it can be brute forced. Brute force techniques are considered impractical because modern encryption algorithms are 128 to 256 bits long.¶ Further propelling the myth that encryption is worthless is that I often hear people saying that they heard that a 512 bit RSA key was broken. The truth of the matter is that 512 bit (and recently even 660 bit) RSA keys have been broken by the University of Bonn in Germany but that is has absolutely nothing to do with the type of encryption that's used for ordinary bulk encryption. Furthermore, RSA's inventors were well aware of the fact that it takes a much larger key to be secure which is why typical implementations are at a minimum 768 bits and can easily go up to 2048 bits and beyond. To give you an idea what it takes to break an RSA 1620 bit key, you would need a computer with 120 Terabytes of memory before you can even think about attempting it and the memory requirement virtually rules out massively distributed cracking methods. Some may ask why use RSA keys when it's many orders of magnitude slower and requires so many more bits to be secure, the reason is that RSA encryption has the special property of being able to do secure key exchanges in plain sight of an adversary who is trying to break in but still remain safe. For this reason, RSA keys are strictly used for the initial phases of a secure communication session for the purpose of Authentication (where one entity proves who they are) and for secure key exchanges (used for bulk symmetric encryption). Once the initial transaction is complete, the key that was exchanged during the initial RSA phase can now be used for SSL or VPN bulk encryption with algorithms like RC5, 3DES, or AES.¶ The last big factor in encryption myths and bit size inflation is salesmen and marketers because bigger numbers always sound nicer. I've had salesmen come in to my office and try to tell me that RSA or AES encryption was worthless and that I should be using their product which uses some kind of 1000 bit wonder-crypto solution. All it takes is one company to try and out do their competitors and pitch their products using 4096-bit RSA and the next company will come along and pitch 16384-bit RSA keys in their product. Many IT consultants will shy away from quoting smaller bit sizes because they're afraid to be out done by their competitors. ¶ Ah, but what about the dreaded massively distributed cracking brute force method for attacking something like 128 bit RC5 encryption? There are massive zombie farms of infected computers throughout the world and some may have gotten as big as 1 million infected computers. What if that entire army was unleashed upon the commonly used 128 bit RC5 encryption? Surprisingly, the answer is not much. For the sake of argument, let's say we unleash 4.3 billion computers for the purpose of distributed cracking. This means that it would be 4.3 billion or 2 to the 32 times faster than a single computer. This means we could simply take 2 to the 128 combinations for 128-bit encryption and divide it by 2 to the 32 which means that 2 to the 96 bits are left. With 96 bits left, it's still 4.3 billion times stronger than 64 bit encryption. 64 bit encryption happens to be the world record for the biggest RC5 bit key cracked in 2002 which took nearly 5 years to achieve for a massive distributed attack. ¶ Now that we know that the distributed attacks will only shave off a few bits, what about Moore's law which historically meant that computers roughly doubled in speed every 18 months? That means in 48 years we can shave another 32 bits off the encryption armor which means 5 trillion future computers might get lucky in 5 years to find the key for RC5 128-bit encryption. But with 256-bit AES encryption, that moves the date out another 192 years before computers are predicted to be fast enough to even attempt a massively distributed attack. To give you an idea how big 256 bits is, it's roughly equal to the number of atoms in the universe!¶ Once some of these basic facts on encryption become clear, "is encryption crackable" isn't the right question because the real question is "when can it be cracked and will it matter then". This is just like Bank safes which are rated by the time it takes an attacker to crack it open and never sold as "uncrackable". Encryption strength and the number of bits used are selected based on how many decades the data needs to be kept safe. For a secure ECommerce transaction, the data being transmitted is moot after a few decades which is why 128-bit encryption is perfectly suitable since it's considered unbreakable for the next few decades. For top secret classified data that needs to remain secret for the next 100 years, the Government uses NIST certified 256-bit AES encryption. So the next time someone tells you that encryption is crackable, ask him if he'll be around on this earth to see it demonstrated. Alec Stratton Analysis: SCFI 2013 Because of the fact that violations of privacy make moral action by those observed impossible, prioritizing national security over privacy directly links into destroying all semblance or moral action in the entirety of the United States.
