‘Five Eyes’ Nations Quietly Demand Government Access to Encrypted Data

The mythical "back door" is a chimera. Any route into the app will quickly be exploited by hackers and intelligence officials from nefarious states like Russia and the DPRK, rendering encryption completely meaningless. Companies will not comply with these demands, because the stakes are far, far too high.

Boots on the ground. Stop being lazy. Get your agents into the field, poor things. They want intelligence? Get it the old fashioned way. Ignore the critics and use profiling -- it works -- just ask the Israelis. We, the citizens whom you claim to protect, want ALL our activities kept private from bureaucrats on fishing expeditions, prosecutors with agendas and cops with attitudes.

Truman nationalized US steel assets in a time of nationalization emergency. its unlikely but not impossible to conceive of expropriation as a clumsy move that has complex first mover and after effects strategy Dynamics.

Like others here I can only speak about the U.S.. I don't believe that this should be allowed until laws are passed delineating what is and is not allowed to be given to government agents and penalties enacted for anyone, including any president who violates the law. I certainly don't trust the current administration to responsibly use this power. The current president would abuse the power to target his critics and enemies. I'm not sure I would trust any administration to use the power responsibly. But we currently have a president who believes anything he says or does is legal and is already trying to curb free speech in this country. This would be a disaster waiting to happen. There is simply no way to ensure that agents wouldn't take a stroll through everyone's communication and use of the internet and social media platforms. Unless I make it public or they can prove bad intent or illegality what I say or look up online is none of the government's business. I don't need them trying new ways to violate my right to free speech.

What is missing from this discussion is any understanding of the fundamentals of cryptography, and the article further conflates two different problems: 1. It's easy (very easy) to create effectively-unbreakable ciphers, provided that (a) the traffic sent with the cipher is not too large, and (b) the attacker (party that wants to break the cipher) cannot guess parts of the message. Most ciphers that are actually "broken" (usually meaning the user's individual key discovered from analysis of the ciphertext) are due to violations of (b) In most cases what the government wants is a way to get the user's individual cipher key, not actually a cipher that "is easy to break." And yes, any cipher that is constructed to be easy to break given only a small amount of ciphertext -- likely almost any competent party could break. 2. "unlocking" phones is just the problem of obtaining the user's key ... see (1) The demands from these governments for "clipper chip" (jocularly "cripple chip") solutions will endanger the legitimate privacy needs of millions, to obtain an extremely marginal utility against felons: all but the dumbest will turn to private ciphers. All real spies and state actors use both other ciphers and other means of communication and/or steganography and addressee spoofing, to prevent traffic analysis. These government demands have nothing to do with real espionage.

Put a backdoor into Google or Facebook and the first person in will be from Russian or Chinese intelligence services. It is insane to think that a backdoor isn't going to be found out almost as soon as it is in place. This is idiocy. Bruce Schneier should be required reading for anyone who votes on or drafts security legislation.

I can't speak to the state of play in other nations but my concern here in the U.S. is that the term "lawful access" is vague. This is not to say that the government never has a legitimate interest in seeking access to private communications. However, it would be helpful if there was some widely known and agreed upon set of criteria that the average citizen could use to determine what expectation of privacy they have in their communications in an intelligence/anti-terrorism context. I say this because it seems to me that (except for Rand Paul), those who push for expansions of these kinds of powers do not concern themselves with transparency or oversight until their own personal/political interests have been compromised. How many conservatives ignored the opaque nature of FISA warrants until it became a problem for Trump? Now with Trump expressing a willingness to actively involve himself in active investigations, will "lawful access" simply mean whatever Trump wills as head of the Executive Branch? If so, the entire nation should be aware of that ahead of time. And if there are limits, can we outline those limits now? As it is, we have heard statements about how it is "impossible" for a president to obstruct justice and how any exercise of presidential power is legal, no matter the motive. Will there be any LEGAL (not political) consequence for deviating from standards or this another "absolute" power for Trump to play with? #bottomline it for me, please.

It's a matter of trust, isn't it? Do you trust the government (any government) with this information? I don't, neither should you.

The idea that law enforcement has recently lost capability because criminals can now "go dark" is a red herring. The ubiquity of smart phones is a very recent development. Certainly, it was a boon for law enforcement when so many people started voluntarily carrying devices that record their every movement and utterance. But if criminals have now figured out how to hide the secrets on their smart phones, that only means law enforcement has to fall back on the techniques they used for many preceding decades--still backed up with the awesome power and resources of the government.

“Cybersecurity experts have repeatedly proven that it’s impossible to create any back door that couldn’t be discovered — and exploited — by bad actors,” This is the most important line in the article, and is the reason for all the hacks that we have encountered so far. The World Wide Web needs to be strengthened, not weakened by backdoors.

Perhaps this right, but it is so wrong.

I think that end to end encryption is here to stay. Criminals now have their communications better protected from investigation but also law-abiding individuals have their information better shielded (and that has been a real problem). Governments still have the meta data enabling everything about the communications except the content. They will have to work with that. If that means that we are all in a bit more danger, so be it.

It's easy for the government to assert the need for back-door access to private communications, just as it's easy for them to assert that invaluable information can be obtained by torturing prisoners of combat: the veil of "national security" prevents the actors from disclosing any actual outcomes from these practices. Beyond the "utility" argument, our conversation should include the moral and Constitutional aspects of the problem. We have (or did have), after all, a Fourth Amendment protection against searches and seizures, which can (could) only be challenged by a Court warrant (not a self-approved agent warrant). The problem is no doubt real, and I'm open to persuasion about the right approach. However, my current view is that Tim Cook has it right: creating back doors will only bring down the whole network security structure.