Linked by Thom Holwerda on Thu 6th Sep 2018 21:14 UTC
Privacy, Security, Encryption

The US, UK, and three other governments have called on tech companies to build backdoors into their encrypted products, so that law enforcement will always be able to obtain access. If companies don't, the governments say they "may pursue technological, enforcement, legislative, or other measures" in order to get into locked devices and services.

Their statement came out of a meeting last week between nations in the Five Eyes pact, an intelligence sharing agreement between the US, UK, Canada, Australia, and New Zealand. The nations issued a statement covering a range of technology-related issues they face, but it was their remarks on encryption that stood out the most.

Break encryption, or we'll break you.

Thread beginning with comment 662048
To view parent comment, click here.
To read all comments associated with this story, please click here.
Alfman
Member since:
2011-01-28

kurkosdr,

Basically, the simple question is: Should companies be allowed to manufacture and sell to the public a safe that cannot be opened without the password and immediately destroys all its contents the moment someone tries to crack it open with a blowtorch? There is no easy answer to this question.



In a government "for the people by the people", the government really shouldn't have any say over this. In fact, we ought to be entitled to demand all "our" government's secrets rather than the other way around. Our private matters are none of their business. It's only through a perverted role-change that we've ended up becoming subjects of government rules. Democracy isn't supposed to work this way, we the people should be making the rules and the government should obey.

Some will argue that weakening crypto is for the public good, but A) you can't stop people from using math, and B) whatever the case is for prohibiting effective crypto, it needs to be made in the open were it is the people's will. It is inherently undemocratic for a government to dictate rules without the public's consent.

Edited 2018-09-07 03:50 UTC

Reply Parent Score: 3

streetmagick Member since:
2013-04-14

I'd be cool with it if the government actually followed our nation's laws : They're free to search with a warrant. Citizens are supposed to have a right to privacy. If you could trust them to respect that, it'd be OK.


...You'd have to make failsafes/backdoors in these conditions when they actually DO get a warrant though.


But now the real problem is that the government will try to find any damn way to get a warrant. And I hate to get too political, but people are going to finally see how deeply corrupt it is when they find out what they did to obtain FISA warrants on Donald Trump to smear his presidential campaign (and now presidency). If a president can't even get justice (whether you like him or not is irrelevant.. I know he's not a pleasant guy), then YOU sure as hell won't. He's being punished simply because he isn't one of the "right" people. He wasn't "supposed" to win. We've already seen a little come out on the shenanigans they tried (the Steele dossier), but there's more coming.

This should be a lesson for EVERYONE, but no one yet sees what kind of disaster it spells for themselves. They're clouded by their disgust for one guy. But that's how laws often get abused. Burn one witch.. and then suddenly you're burning thousands.

Reply Parent Score: 1

Brendan Member since:
2005-11-16

In a government "for the people by the people", the government really shouldn't have any say over this.


Let's try a multiple choice question:

a) The government has a duty to protect the people, and needs to be able to protect the people.

b) You get your butt raped daily and doctors aren't able to stop your anal bleeding; but you're glad that nobody can find your rapist even if you can't sit down.

Note: My point here is that there needs to be a balance between "protecting people from other people" and "protecting people from the government". Too far to one extreme or the other is bad.

- Brendan

Edited 2018-09-07 09:35 UTC

Reply Parent Score: 2

Alfman Member since:
2011-01-28

Brendan,

a) The government has a duty to protect the people, and needs to be able to protect the people.



This may sound odd given how we just accept things, but no it does not have a duty to protect the people against it's will. With regards to threats of banning crypto, this has not undergone a necessary public debate necessary for democracy, it oversteps moral bounds and is reminiscent of an undemocratic regime.

b) You get your butt raped daily and doctors aren't able to stop your anal bleeding; but you're glad that nobody can find your rapist even if you can't sit down.


With regards to things like military and police, they can exist but only because the people will it, the underlying authority must come from the people rather than the other way around.

Reply Parent Score: 3

kurkosdr Member since:
2011-04-11

A) you can't stop people from using math


Well, duh. Even in the era of 40-bits encryption limit, people could download and compile source code from off-shore websites, and in fact they did. Much like the DMCA prohibits DVD ripping software but everyone can acquire one easily.

I think the real problem governments have is that every smartphone sold out there has full-disk encryption and prompts the user to enable it during initial setup. This means any information stored in a phone is off-limits to law enforcement, including petty thieves, sex offenders and drug mules, not only organized terrorist networks using secure channels.

I can imagine how this makes governments and police departments feel powerless and why they want to stop it. I mean, if strong encryption was outlawed DMCA-style, iPhone users would be SOL without going through the process of jailbreaking, and Android users would have to download an apk from a third party website to gain access to some kind of encryption, which is something fewer users would do or even know where to go.

Edited 2018-09-07 12:57 UTC

Reply Parent Score: 3

Alfman Member since:
2011-01-28

kurkosdr,

I can imagine how this makes governments and police departments feel powerless and why they want to stop it. I mean, if strong encryption was outlawed DMCA-style, iPhone users would be SOL without going through the process of jailbreaking, and Android users would have to download an apk from a third party website to gain access to some kind of encryption, which is something fewer users would do or even know where to go.


Agree but just want to make a subtle point that for crypto to be integrated into the file system (rather than just a standalone app) you'd need more than just "sideloading" APKs. You may need root and even a new kernel build to enable file system crypto. Otherwise you end up copying files between secure and insecure storage, which obviously represents a weak link.

Many android devices are still too locked down to allow owners to modify the OS itself despite sideloading (I wish it weren't this way, but alas, lost cause...) So if manufacturers were to remove/weaken OS based crypto, it would negatively affect security at the OS level for both android and IOS users.

IMHO open source on mobile in it's current form is not in a good place to promote owner freedoms. It's ironic then that most of our phones are running linux. Trouble is the freedoms offered by GPLv2 were conceived under assumptions that owners would be in control their machines, which is increasingly in jeopardy in more modern computer eras.

Edited 2018-09-07 14:03 UTC

Reply Parent Score: 3