UK Government Using Manchester Attacks As An Excuse To Kill Encryption

It's no secret that there are those in the current UK government who are just itching to kill encryption. Earlier this year, Home Secretary Amber Rudd made some profoundly ill-informed comments about how encryption on the internet was "completely unacceptable" and saying that they needed to stop companies from providing end-to-end encryption. And, in the recently leaked Tory Manifesto, it was made clear that the current government sees breaking encryption as a priority:

In addition, we do not believe that there should be a safe space for terrorists to be able to communicate online and will work to prevent them from having this capability.

As has been explained time and time again, the only way you prevent bad guys from having encryption is by preventing everyone from having effective encryption... and that makes everyone significantly less safe. Seriously, the only way to do this is to put dangerous vulnerabilities into encryption that will certainly be hacked fairly quickly. This doesn't make people safer. It makes them less safe.

But, of course, like so many politicians these days (of all major parties) it appears that the Conservative Party in the UK can't let a good tragedy go to waste. The Independent is reporting that, because of the attack in Manchester this week, the party is ramping up its plans to outlaw encrypted communications:

Government officials appear to have briefed newspapers that they will put many of the most invasive parts of the relatively new Investigatory Powers Act into effect after the bombing at Manchester Arena.

The specific powers being discussed - named Technical Capability Orders - require big technology and internet companies to break their own security so that messages can be read by intelligence agencies.

Again, in case you're just joining us, requiring that internet companies "break their own security so that messages can be read by intelligence agencies" is the nice way of saying "kill real encryption." It means that these companies will be deliberately forced to leave vulnerabilities in encryption that will be a goldmine for hackers of all kinds, from foreign surveillance to online criminals.

And, so far, there is zero evidence that the Manchester attack had anything to do with encryption. And, even if it did, so what? If the UK forced companies to break encryption, people planning terrorist attacks would just switch to other encryption products that don't have corporate entities in the UK. Or they'd come up with other ways to communicate. It will do basically nothing to stop terrorist attacks, but will instead make it much, much easier for all sorts of people with nefarious intent to hack into the private communications of everyone.