G7 Comes Out in Favor of Encryption Backdoors(schneier.com)
schneier.com
G7 Comes Out in Favor of Encryption Backdoors
https://www.schneier.com/blog/archives/2019/04/g7_comes_out_in.html
21 comments
If intelligence agencies really want access to someone's data, they can plant bugs, or spy on them as they type in the password, or compel them with jail time. This isn't about access - it's about cheap, covert access, and in bulk. It's not enough for them to metaphorically break into your house and go through your stuff - they want you to remain unaware of it. Only not just your house, but everyone's.
And not just once, but all the time, in real-time.
A good reason to support Coreboot, Libreboot and similar projects since most of us already run hardware that can be exploited remotely, probably by design.
https://www.eff.org/it/node/95854
I think the only way lawmakers will learn that weakening encryption is a terrible thing to do is if one country does it and their banking system gets crushed by it. Or something else as disastrous would have to happen for them to learn.
Like we’ve learned from all the other private sector security breaches?
But those weren't due to the actions of the lawmakers. They won't learn from that.
[deleted]
What about developing a three-party system where the third party doesn't have any "master key" (to prevent a single key from compromising the encryption system), and perhaps the third party has something akin to a "slow hash" that is time consuming to decrypt (to prevent bulk real-time decryption by NSA, etc.) but still allows LEO access when truly needed? Maybe the third party's encryption would, in this sense, be much more difficult to decrypt, so that the three-party system would not be significantly weaker than the two-party system?
There is already unbreakable encryption publicly available for those who wish to use it. I personally feel that it's irresponsible to deploy unbreakable two-party systems at any national/global scale.
There is already unbreakable encryption publicly available for those who wish to use it. I personally feel that it's irresponsible to deploy unbreakable two-party systems at any national/global scale.
Why would you be trying to enable this?
As stated, in my opinion, it's irresponsible to deploy unbreakable two-party encryption at a national/global level. IMO, authorities should have a way to decrypt the encryption used by the masses, when needed.
Further, it's clear that policy makers will typically push for such a mechanism. If such three-party systems are to be deployed, it would further your privacy cause to help to develop such a system, if your efforts to push back without compromise do not bear fruit.
Further, it's clear that policy makers will typically push for such a mechanism. If such three-party systems are to be deployed, it would further your privacy cause to help to develop such a system, if your efforts to push back without compromise do not bear fruit.
Is it also irresponsible to allow cars and houses without always-listening microphones planted in them?
Not relevant to the topic.
Why not? People could say anything to each-other in private - shouldn't the authorities have a way of finding out what was said, when needed? How does the medium of communication change things?
The topic is about encryption, not microphones.
The topic is government access to private communications - encryption is an implementation detail.
No, the name of the G7 document is "Combating the use of the internet for terrorist and violent extremist purposes". Scanning the PDF, there doesn't appear to be any discussion about microphones placed in vehicles or residences.
Encryption keeps communication private, talking to someone directly keeps communication private. The analogy is extremely simple, it seems like you are intentionally trying to ignore it.
Do you think the government should be able to listen and see all of your communication?
Do you think the government should be able to listen and see all of your communication?
> Encryption keeps communication private, talking to someone directly keeps communication private. The analogy is extremely simple, it seems like you are intentionally trying to ignore it.
The analogy breaks down when considering that direct communication in a confined private space is not the same thing at all as creating virtual private / untraceable spaces on a global encrypted communication network, as it pertains to natsec.
> Do you think the government should be able to listen and see all of your communication?
It depends on context. Confined private spaces aren't the same thing as remote communications through the internet or airwaves. Globally deployed mass 2-party strong encryption meant to entirely lock out the ABC's at scale isn't the same thing as not stopping those who seek to use already-available 2-party strong encryption tools. Designing a system that still allows an "in case of emergency break glass" mechanism to stop terrorism/acts of horror is a good, responsible policy.
FWIW, I completely disagree with the actions of Edward Snowden. He should be executed.
It would be something if the NSA really is fighting to give privacy back to the people (stolen by corporate and entrenched government interests) while still being able to protect us. What a tough challenge that must be, to secure our comms while still having a way to perform sigint. God bless patriots who can see the bigger picture.
The analogy breaks down when considering that direct communication in a confined private space is not the same thing at all as creating virtual private / untraceable spaces on a global encrypted communication network, as it pertains to natsec.
> Do you think the government should be able to listen and see all of your communication?
It depends on context. Confined private spaces aren't the same thing as remote communications through the internet or airwaves. Globally deployed mass 2-party strong encryption meant to entirely lock out the ABC's at scale isn't the same thing as not stopping those who seek to use already-available 2-party strong encryption tools. Designing a system that still allows an "in case of emergency break glass" mechanism to stop terrorism/acts of horror is a good, responsible policy.
FWIW, I completely disagree with the actions of Edward Snowden. He should be executed.
It would be something if the NSA really is fighting to give privacy back to the people (stolen by corporate and entrenched government interests) while still being able to protect us. What a tough challenge that must be, to secure our comms while still having a way to perform sigint. God bless patriots who can see the bigger picture.
You are conflating untraceable and private. You keep saying two things are different without explaining why you think they are fundamentally different.
What do you think about the fact that the US literally has a right to privacy in their constitution?
Finally, let's see if you are consistent in your beliefs. Upload an archive of all your emails and chat logs to a public server so that anyone can read them, since having your communication intercepted does not seem to bother you.
What do you think about the fact that the US literally has a right to privacy in their constitution?
Finally, let's see if you are consistent in your beliefs. Upload an archive of all your emails and chat logs to a public server so that anyone can read them, since having your communication intercepted does not seem to bother you.
Now I'm SURE you're forum-sliding.
Clipper was a disaster (what? 30 years ago?) but we continually have idiot governments still persisting in trying to make square wheels.