Gov'ts: We want a backdoor, it's possible to do it so only lawful access is permitted.
Big Tech: We have very smart people working for us who say it is not possible to do this safely. The risks greatly outweigh the rewards.
Gov'ts: no u
---
Not a new conversation. I've been wondering - what reason do big tech firms have to oppose backdoors except for concerns over compromising their legitimate users' privacy? I don't know what else would explain their resistance.
Assuming good faith and logic on both sides (tall order), how does the conversation progress?
Isn't the resistance to official backdoors the enormous downside to a crack or hack? That is, everyone knows there's an official backdoor in Chromium encryption. All criminals and all nation state cryptanalysis orgs start in on it. The Romanians crack it. The crack gets used to siphon money from all kinds of accounts. Now Google has to replace all instances of Chromium for everyone to be safe. Huge PR and money downside.
You can change "Chromium" to "Safari" and "Google" to "Apple" and "Romanians" to whoever you like. Once the encryption or the backdoor or whatever is broken, there's a crisis. Google/Apple/Microsoft has to figure out what to do, and how to get the change past the various government certifications, and deal with the PR fallout.
If this happens 3 times, e-commerce becomes a thing of suspicion: nobody will want to have bank accounts on line.
There's some obvious 2nd order effects:
Slower development cycles. Every change has to be certified as a good back door by opaque government entities, from multiple governments. What a nightmare!
Open source goes away. If the source is available, someone recompiles without the backdoor. Illegal! Now we've got to ban open source. This is probably a good thing from the copyright maximalist position, but for nobody else.
Next order effect, is that governments will periodically sample traffic or test the backdoors to see if they work. They will find shady people with fake backdoors or encrypted-encryption with an unknown/better interior algorithm. This will lead to a lot of monitoring to ensure that only criminals have fake backdoors or better encryption.
There's a whole row of knock-on effects, every few of them with any benefit.
The internet is ubiquitous today because people trust it, where in the past they did not. Many seniors still will avoid online banking because of this. After a few massive hacks, the whole internet and the economy built on it will regress 2 decades
I think the governments all still want strong encryption, but with a man-in-the-middle style eavesdrop point at the tech company where the NSA or whoever can perform their inspection on all the communication flowing through the service. This is certainly not to protect the children but more likely for terrorist monitoring with the added bonus of vacuuming up your dick pics. It should be more secure than back-dooring AES/RSA/ECC, but it still has the potential to compromise quite a bit of information and basically does away with what little privacy any end user has left.
Of course they do. They want a mathematically perfect, impossible to crack system, that also happens to have a common key that works for everything, that they alone own. And by 'they', I mean their government. Not enemy governments.
What happens when (not if) that common key leaks or is abused is not their concern. Until, of course, it invariably happens, and they find their citizens having their bank accounts siphoned, their agents being discovered and blackmailed for their basic 'civilian' internet use, etc.
There is no common key in the MITM scenario. It's still securely encrypted using over the counter algorithms, but instead of the end users exchanging keys, you exchange with the MITM and different key sets are used by both parties.
It would just be really easy to exploit the system, and ensuring that only authorized users have access opens them up to all kinds of restrictions on how they can process user data. e.g. I believe Google mentioned that their root GCP KMS keys are only accessible to a handful of people at the company.
Not to mention: being inundated with requests from law enforcement would impose significant operational costs on the industry. Just being able to shrug when asked for this kind of data probably saves a lot of man hours.
We should have backdoor$ in every house and building too. It is necessary to save the children and achieve 'political statment here.' Incase one of the other doors is locked by the home or business owner.
Can you imagine public opinion of this versus it being applied to Tech?
NatSecCell: we heve a secret backdoor into coms platform by companyX. We will make our administrations demand openly and officially for a disclosed backdoor to be installed. Just make sure company fights them to the dead on this because otherwise our secret backdoor is useless as our targets would just leave platform X.
It's complex. There might be different views on this matter within the same company, and even different executions. If this is presented as a national security issue not even the CxO team might be fully informed.
It is not just PR. You actually want the 'bad actors' to believe your platform is not compromised or even not compromizable, because otherwise they wouldn't use it and your backdoor would be useless. So fighting openly for backdoors by 5e+2 would, if not a ruse, be entirely self defeating.
So you can vehemently protest or deny even the potential for backdoors, while at the same time having it in your product already.
As always the agencies potential for acting on information gained is not straightforward, as doing so would compromise the secrecy of the infrastructure. So second sourcing would be strickly required, and you would only nudge official enquiries in the right direction under very high stakes circumstances.
Imagine thinking nobody will ever stumble onto your personal back door. Some of us will even get curious enough to open it - thats just humans, before we consider malicious intent.
But if you think "we have a problem with Chinese hackers" Now? Wait until they share the same backdoor in the software we sell them / buy from them!
Please do. And make sure it's present on all computers used by the gov's in the "Five Eyes nations plus Japan". I'm sure plenty of groups would love to have a crack at it regardless of how long it takes. (Being somewhat ironic in case it's missed and some take this statement at face value). I really don't know what that lot are thinking... or if they are thinking at all.
Ignoring for a second the NSA sitting in the middle sucking up everything I think a lot of this is just down to domestic law enforcement wanting the status quo.
Currently you send an email/message and its encrypted between you and Google/FB/etc, they have a decrypted copy, and the encrypted copy is sent on to the recipient. Governments can submit a subpoena (or whatever the local equivalent is) and get copies of that communication. They can also require said companies to monitor those communications for child porn. With E2EE encryption all that goes away and combined with things like iPhone encryption you end up with a situation like Pensacola where the FBI cannot access the attackers messages without brute forcing (or however they cracked) the device itself.
I also suspect when they say Big Tech they really mean Facebook. One Facebook is the company most prominently moving in that direction. Two unlike most existing encrypted communication apps where you need to know the persons phone number or username, FB/IG allow you to search for and identify potential victims (e.g., child predators) or others sympathetic to your cause (e.g., ISIS) and subsequently contact them.
So there are those who want backdoors that only (their) government can access. Tech people say that's impossible. And the response is "do it anyway".
I wish those people would attempt to construct a proof-of-concept. Or they could could hire someone to do it. Then when the result is shown to the world and everyone laughs at how bad it is, maybe it'll start to be clear that what they want is "magic", not real.
The government might as well mandate the energy companies to develop perpetual motion machines.
No, they're mandating backdoors that the companies can access, which the governments can then compel the companies to use on individuals they want to wiretap. This is not only not impossible but already the case in practice for most currently deployed communications systems, including several that are nominally E2E encrypted, like iMessage. They just want to encode it into law.
> so they offer access to encrypted messages and content.
Defeats the purpose, doesn't it? Morons. I have a feeling I have to start backing up applications I use in case they start adding backdoors, and the older the safer will definitely be the case, regardless of bugs.
I am, but I cannot go through the source code of everything I use. :/ I was merely trying to say that it seems like future programs might be stained with anti-privacy bullshit. Soon it will be foolish to upgrade.
A sufficiently conspiratorially-minded person could wonder if this is just kabuki, to cover that they can already break encryption at some exorbitant cost.
I doubt they can. This comes up every few years, and each time it gets shitcanned due to techs showing politicians and bureaucrats how idiotic it is. New politicians and bureaucrats show up a few years later, and the process repeats. I have even had one of them delete their Reddit account after I conclusively showed them that they can live in a world with enforcible warrants for encrypted comms, or one with online banking (which was sad as his half of the debate dissappeared - but I guess that was the point).
This is a wonderful thing! Think of all the open source replacements that will get interest now. Host stuff off of your NAS or rpi and just use a redirect service to get around NAT.
Central services were never good for us, just too easy to ignore. We should rip off the band-aid and get back to a decentralized web.
The Five Eyes + 1 nations are positively Orwellian. They say
"We, the undersigned, support strong encryption, which plays a crucial role in protecting personal data, privacy, intellectual property, trade secrets and cyber security,” the Statement commences, adding: “Encryption is an existential anchor of trust in the digital world and we do not support counter-productive and dangerous approaches that would materially weaken or limit security systems.”
Which is to say, they support encryption but then they want to have a backdoor that would materially weaken or limit security systems. Orwell would have been proud that double speak has emerged again in the wild.
31 comments
[ 2.1 ms ] story [ 72.6 ms ] threadBig Tech: We have very smart people working for us who say it is not possible to do this safely. The risks greatly outweigh the rewards.
Gov'ts: no u
---
Not a new conversation. I've been wondering - what reason do big tech firms have to oppose backdoors except for concerns over compromising their legitimate users' privacy? I don't know what else would explain their resistance.
Assuming good faith and logic on both sides (tall order), how does the conversation progress?
You can change "Chromium" to "Safari" and "Google" to "Apple" and "Romanians" to whoever you like. Once the encryption or the backdoor or whatever is broken, there's a crisis. Google/Apple/Microsoft has to figure out what to do, and how to get the change past the various government certifications, and deal with the PR fallout.
If this happens 3 times, e-commerce becomes a thing of suspicion: nobody will want to have bank accounts on line.
There's some obvious 2nd order effects:
Slower development cycles. Every change has to be certified as a good back door by opaque government entities, from multiple governments. What a nightmare!
Open source goes away. If the source is available, someone recompiles without the backdoor. Illegal! Now we've got to ban open source. This is probably a good thing from the copyright maximalist position, but for nobody else.
Next order effect, is that governments will periodically sample traffic or test the backdoors to see if they work. They will find shady people with fake backdoors or encrypted-encryption with an unknown/better interior algorithm. This will lead to a lot of monitoring to ensure that only criminals have fake backdoors or better encryption.
There's a whole row of knock-on effects, every few of them with any benefit.
What happens when (not if) that common key leaks or is abused is not their concern. Until, of course, it invariably happens, and they find their citizens having their bank accounts siphoned, their agents being discovered and blackmailed for their basic 'civilian' internet use, etc.
Not to mention: being inundated with requests from law enforcement would impose significant operational costs on the industry. Just being able to shrug when asked for this kind of data probably saves a lot of man hours.
Can you imagine public opinion of this versus it being applied to Tech?
Regular people: no.
Govt's: Why not?
Regular people: We don't trust you
Govt's: Why not?
Regular people: History
Government: put a backdoor then
Big tech: no! (Except in our biggest market - china)
I’m only half joking
It is not just PR. You actually want the 'bad actors' to believe your platform is not compromised or even not compromizable, because otherwise they wouldn't use it and your backdoor would be useless. So fighting openly for backdoors by 5e+2 would, if not a ruse, be entirely self defeating.
So you can vehemently protest or deny even the potential for backdoors, while at the same time having it in your product already.
As always the agencies potential for acting on information gained is not straightforward, as doing so would compromise the secrecy of the infrastructure. So second sourcing would be strickly required, and you would only nudge official enquiries in the right direction under very high stakes circumstances.
But if you think "we have a problem with Chinese hackers" Now? Wait until they share the same backdoor in the software we sell them / buy from them!
Currently you send an email/message and its encrypted between you and Google/FB/etc, they have a decrypted copy, and the encrypted copy is sent on to the recipient. Governments can submit a subpoena (or whatever the local equivalent is) and get copies of that communication. They can also require said companies to monitor those communications for child porn. With E2EE encryption all that goes away and combined with things like iPhone encryption you end up with a situation like Pensacola where the FBI cannot access the attackers messages without brute forcing (or however they cracked) the device itself.
I also suspect when they say Big Tech they really mean Facebook. One Facebook is the company most prominently moving in that direction. Two unlike most existing encrypted communication apps where you need to know the persons phone number or username, FB/IG allow you to search for and identify potential victims (e.g., child predators) or others sympathetic to your cause (e.g., ISIS) and subsequently contact them.
I wish those people would attempt to construct a proof-of-concept. Or they could could hire someone to do it. Then when the result is shown to the world and everyone laughs at how bad it is, maybe it'll start to be clear that what they want is "magic", not real.
The government might as well mandate the energy companies to develop perpetual motion machines.
https://www.wired.com/2015/09/apple-fighting-privacy-imessag...
Here it is: https://en.wikipedia.org/wiki/Transportation_Security_Admini...
It failed of course, but since their actual goal is not safety but control, they are going to continue pushing such things.
Defeats the purpose, doesn't it? Morons. I have a feeling I have to start backing up applications I use in case they start adding backdoors, and the older the safer will definitely be the case, regardless of bugs.
Central services were never good for us, just too easy to ignore. We should rip off the band-aid and get back to a decentralized web.