Why being too “tough on crime” is a bad idea.
On the need to reform the NSA.
Any solution we devise will make the NSA less efficient at its eavesdropping job. That’s a trade-off we should be willing to make, just as we accept reduced police efficiency caused by requiring warrants for searches and warning suspects that they have the right to an attorney before answering police questions. We do this because we realize that a too-powerful police force is itself a danger, and we need to balance our need for public safety with our aversion of a police state…. The same reasoning needs to apply to the NSA.
In other words, we need the NSA on a shorter leash. I’ll add that we need to hold accountable those who lied to the Congress and the public regarding what the NSA has been doing.
And on the security of hardware, and possibility (Note: conjecture at this point) that the NSA or other government agency pressures companies like Intel to cripple security directly in the hardware layer, including that of built-in pseudo random number generators (used in conjunction with encryption software for key generation).
Our collective security is drastically decreased, not increased, by these sorts of shenanigans.
As an aside, I’ve long considered the rise of hardware disk encryption (integrated in the hard drive enclosure itself) to be a potential growth area of encryption and security of data at rest, something that would benefit all of us (reduce our risk of being victimized by identity theft, for eg). You get the convenience of encryption and potentially augmented security. I now question the use of such products, for multiple reasons, which now include the possibility that drive manufacturers have purposefully crippled the security of their products due to pressure or coercion from government.