Linked by Thom Holwerda on Thu 6th Sep 2018 21:14 UTC
Privacy, Security, Encryption

The US, UK, and three other governments have called on tech companies to build backdoors into their encrypted products, so that law enforcement will always be able to obtain access. If companies don't, the governments say they "may pursue technological, enforcement, legislative, or other measures" in order to get into locked devices and services.

Their statement came out of a meeting last week between nations in the Five Eyes pact, an intelligence sharing agreement between the US, UK, Canada, Australia, and New Zealand. The nations issued a statement covering a range of technology-related issues they face, but it was their remarks on encryption that stood out the most.

Break encryption, or we'll break you.

Thread beginning with comment 662077
To view parent comment, click here.
To read all comments associated with this story, please click here.
kurkosdr
Member since:
2011-04-11

A) you can't stop people from using math


Well, duh. Even in the era of 40-bits encryption limit, people could download and compile source code from off-shore websites, and in fact they did. Much like the DMCA prohibits DVD ripping software but everyone can acquire one easily.

I think the real problem governments have is that every smartphone sold out there has full-disk encryption and prompts the user to enable it during initial setup. This means any information stored in a phone is off-limits to law enforcement, including petty thieves, sex offenders and drug mules, not only organized terrorist networks using secure channels.

I can imagine how this makes governments and police departments feel powerless and why they want to stop it. I mean, if strong encryption was outlawed DMCA-style, iPhone users would be SOL without going through the process of jailbreaking, and Android users would have to download an apk from a third party website to gain access to some kind of encryption, which is something fewer users would do or even know where to go.

Edited 2018-09-07 12:57 UTC

Reply Parent Score: 3

Alfman Member since:
2011-01-28

kurkosdr,

I can imagine how this makes governments and police departments feel powerless and why they want to stop it. I mean, if strong encryption was outlawed DMCA-style, iPhone users would be SOL without going through the process of jailbreaking, and Android users would have to download an apk from a third party website to gain access to some kind of encryption, which is something fewer users would do or even know where to go.


Agree but just want to make a subtle point that for crypto to be integrated into the file system (rather than just a standalone app) you'd need more than just "sideloading" APKs. You may need root and even a new kernel build to enable file system crypto. Otherwise you end up copying files between secure and insecure storage, which obviously represents a weak link.

Many android devices are still too locked down to allow owners to modify the OS itself despite sideloading (I wish it weren't this way, but alas, lost cause...) So if manufacturers were to remove/weaken OS based crypto, it would negatively affect security at the OS level for both android and IOS users.

IMHO open source on mobile in it's current form is not in a good place to promote owner freedoms. It's ironic then that most of our phones are running linux. Trouble is the freedoms offered by GPLv2 were conceived under assumptions that owners would be in control their machines, which is increasingly in jeopardy in more modern computer eras.

Edited 2018-09-07 14:03 UTC

Reply Parent Score: 3

kurkosdr Member since:
2011-04-11



IMHO open source on mobile in it's current form is not in a good place to promote owner freedoms. It's ironic then that most of our phones are running linux. Trouble is the freedoms offered by GPLv2 were conceived under assumptions that owners would be in control their machines, which is increasingly in jeopardy in more modern computer eras.


It's something not often mentioned: Most people don't really care about the freedom of access to the source code. Some people care about freedom of installation and freedom to patch the binary (hence the whole deal with jailbreaking and rooting). Stallman made a big mistake two consider these two as granted. On the other hand, can't blame him for doing so, he wrote the GPLv2 in more innocent times.

Edited 2018-09-07 22:11 UTC

Reply Parent Score: 2