'Five Eyes' Governments Urge Tech Companies to Build Backdoors into Encrypted Services

[rotax]

I have been thinking for a while that if this gets through politically that these companies will not provide any encryption at all "out of the box" so to speak. They could leave all the hooks in place for end to end encryption, but not provide the certificates / keys themselves. You as the user, would take explicit action at setup to generate, install and be able to, at any time or frequency, change these keys. This way the company is not providing encryption itself, only the capability that the user is taking and would not be in violation of any "back door" laws that would require shared key access.

Btw... not using iCloud for personal docs / shared desktop and docs folder content until end to end encrypted with my private key/s.

 

[twistedpixel8]

With respect to this particular argument, it will be much less likely such individuals would do so. In as much as the "strip searches" everyone who flies must endure, it's done so that it is MUCH LESS LIKELY that an unsavory character doesn't bring something aboard that would jeopardize the lives of hundreds of people. Sure, it's not perfect. But as such, should we just do away with the TSA checks? Would people feel better knowing anyone can bring anything onto a plane in the name of privacy and freedom? Since no security checks are perfect, let's do away with all of them and just let whatever happens, happen. That's your argument?

So you’re saying that we should abolish clothing as well “just to be sure nobody is hiding anything”? And we should be cavity searched when leaving our homes? Entering shops? Should children be cavity searched too, when going to school - just in case they’re being used as bomb mules?

This paranoia is insane and a line has to be drawn somewhere. Otherwise we may as well just set off all our nukes and be done with humanity. I don’t want to live in a world where “privacy” is an archaic philosophy.

 

[john123]

Any citizen who supports this does not deserve freedom and true liberty.

While I think this is a terrible idea both philosophically and practically...hyperbole much?

 

[GaryMumford]

And I bet you also believe the world is flat, that pigs can fly and unicorns are real

WHAT??? Unicorns aren't real? Nooooooooo

 

[826317]

While I think this is a terrible idea both philosophically and practically...hyperbole much?

Not hyperbole. Realistic. If you're for the government to have such tremendous powers, you, per definition are an authoritarian who sees liberty as superfluous.

 

[macduke]

Bring on the legislation you mothers! I will vote anyone out of office who supports this garbage which takes encryption away from normal users and leaves it in the hands of the criminals and government officials (IS THERE A DIFFERENCE?). This is an issue that I will not budge on and I will fight you—I don't care if you're democrat, republican, green or purple. You vote for this and you're done! This is nothing more than a consolidation of power as those who run the government can use encryption all day to keep their activities hidden from WE THE PEOPLE while taking away the capability for WE THE PEOPLE to discuss dissenting views privately or organize protests against you cowards. You all are TRASH and the founding fathers are surely looking down at your smug, punchable faces wishing they had the chance to put you in your place.

 

[swissmann]

I appreciate the replies. I agree about the corrupt access (aka psycho shower) and concern for my daughters (which anyone can find out about thanks to social media). But if I’m acting correctly the lawsuit should be strengthened not undermined by my data. Yes I think having an affair would get you, but not because the data was uncovered but because you had an affair.

I’m split in my thoughts of where I stand on this. I just thought that posing a different side could help me gain information to form a better opinion.

A real problem is that those accessing my information are not guaranteed to use it uprightly.

Is this a risk worth taking to expose those not acting uprightly in an attempt to minimize them acting against the rest of us? Would we act better if we knew it was easier to get caught when we didn’t?

I have my problems and skeletons in the closet like anyone else but access my data along with everyone else’s and I’d be surprised if I (along with most of us) end up being the target.

Again I’m split and thanks for the shared thoughts.

 

[twistedpixel8]

I have been thinking for a while that if this gets through politically that these companies will not provide any encryption at all "out of the box" so to speak. They could leave all the hooks in place for end to end encryption, but not provide the certificates / keys themselves. You as the user, would take explicit action at setup to generate, install and be able to, at any time or frequency, change these keys. This way the company is not providing encryption itself, only the capability that the user is taking and would not be in violation of any "back door" laws that would require shared key access.

Btw... not using iCloud for personal docs / shared desktop and docs folder content until end to end encrypted with my private key/s.

This is an excellent idea; but then new legislation will surface that outlaws companies providing means for users to encrypt their own data. It’s inevitable. Law enforcement are simply too lazy to do the hard work and want an easy answer - whatever the cost - so they will keep pushing until the public revolts and throws democracy out the window.

 

[user1234]

But those that do illegal activities doesn't care if the encryption they use is legal or not... So this is only going to affect those who play by the rules by implementing backdoors that may be abused by rouge officials and hacked by criminals.

Do the people that make these suggestions even use their brains and learn about how encryption works?

 

[Wondercow]

At first I thought horrible idea but then I started thinking about what information of mine would be uncovered and thought there wasn’t much if anything I’d like to hide.

Wondering what others are afraid of having exposed (in general terms)?

What am I missing? Any insight as to what the average law abiding and good person citizen is afraid of exposing?

In no particular order, these are a few of the things that I would like to hide from prying eyes: my music, my notes, my Angry Birds scores, my passwords, my calendar, my address book, what apps I use, my banking info, the books I read, my photos, and how many characters I've unlocked in Crossy Road.

No one, neither government nor citizen, has any right, need, or reason to look at any of my stuff.

 

[john123]

Not hyperbole. Realistic. If you're for the government to have such tremendous powers, you, per definition are an authoritarian who sees liberty as superfluous.

Errr, no, that's not "per definition" at all. Reasonable people can have different views and interpretations.

The attitude that "if you don't agree with my view, you are un-American / hate liberty / are a terrible person" is precisely the sort of nonsense on both sides of the political aisle that has us in the mess we're in today.

What's being proposed here is not insane. I don't personally agree with it, but it's not nuts. It simply reflects the attitudes of people who place a higher value and importance on things like "catching bad guys" and "preventing attacks" than you and I do relative to freedom and liberty as guiding principles. The notion that that makes them "authoritarian" is silly. The notion that they "don't deserve freedom" is downright arrogant.

The world and the USA especially would be a lot better off if people actually made even a modicum of effort to find common ground.

 

[MacknTosh]

And I bet you also believe the world is flat, that pigs can fly and unicorns are real

Of course unicorns are real - why else would Scotland have it as its National Animal??

 

[chucker23n1]

Meanwhile, truthspeakers like Snowden and Assange get hunted down and silenced.
Funny how we humans live the most artificial life as per definition.

With Assange, it’s complicated. He started out with some pretty good intel, then made himself a martyr figure by evading Swedish police on a rape charge, claiming ever since that it’s a trick to get extradited to the US, and lastly leaked, at oddly coincidentally strategic moments, anti-Hillary dirt.
[doublepost=1536075497][/doublepost]

Errr, no, that's not "per definition" at all. Reasonable people can have different views and interpretations.

Reasonable people don’t agree on the literal meaning of authoritarianism, only on which extent they accept.

 

[fairuz]

Hack away at the security all you want, but we're not installing backdoors.

 

[chucker23n1]

Not hyperbole. Realistic. If you're for the government to have such tremendous powers, you, per definition are an authoritarian who sees liberty as superfluous.

So, hyperbole.

 

[cwanja]

With respect to this particular argument, it will be much less likely such individuals would do so. In as much as the "strip searches" everyone who flies must endure, it's done so that it is MUCH LESS LIKELY that an unsavory character doesn't bring something aboard that would jeopardize the lives of hundreds of people. Sure, it's not perfect. But as such, should we just do away with the TSA checks? Would people feel better knowing anyone can bring anything onto a plane in the name of privacy and freedom? Since no security checks are perfect, let's do away with all of them and just let whatever happens, happen. That's your argument?

You realize that roughly 80% of things the TSA is supposed to check for, still get through every year? Just look up reports, people test the line every year. There is plenty of reports out there.

The TSA is there to make you feel good. They do literally nothing at all. Frankly, it should be up to the airlines to screen passengers and if something happens - well you sue the airline. And take your business else where. Or if they want to implement the harshest screening measures possible, they can. And if you want to go with them, you know what you signed up for.

Private jet passengers do not have to go through TSA and they are flying just fine.

At first I thought horrible idea but then I started thinking about what information of mine would be uncovered and thought there wasn’t much if anything I’d like to hide.

Wondering what others are afraid of having exposed (in general terms)?

I’d feel even better about it if our government wasn’t as corrupt as it generally across the board.

What am I missing? Any insight as to what the average law abiding and good person citizen is afraid of exposing?

I am not sure it is having something to hide. It is just the fact that ANYONE, for ANY REASON in the government could tap your device and capture information. And the government is pretty good at making up reasons for needing things.

 

[jdechko]

Just make a backdoor toggle in settings and have it default to "off", giving the user an option to turn it on.

 

[Superhai]

What am I missing? Any insight as to what the average law abiding and good person citizen is afraid of exposing?

Oh nothing. Don't worry if you suddenly find your bank account emptied, and all your property transferred to someone else.

Don't have any money? Well that's fine, you surely need some credit cards and loans to support some "new" friends, they maybe want to go to Las Vegas on your expense. Surely a good person don't want to refuse some fun for others?

But you say all your accounts are already max pure debt. Again don't worry when suddenly someone use your name and identifications in transactions of drugs, or to open a new phone number in your name, conveniently used by some suicidal bomber.

And you say you have no online persona at all? Ah, so convenient, we'll create one for you, and maybe hand it over to your envious neighbor who would do anything to taint you. Or your other "friend" who want to sell photos of your pre-teen sons and daughters. Because his current name is already blocked on most online services and wanted by Interpol.

 

[826317]

Just make a backdoor toggle in settings and have it default to "off", giving the user an option to turn it on.

Do you honestly think that this would make any sense at all?

 

[rotax]

This is an excellent idea; but then new legislation will surface that outlaws companies providing means for users to encrypt their own data. It’s inevitable. Law enforcement are simply too lazy to do the hard work and want an easy answer - whatever the cost - so they will keep pushing until the public revolts and throws democracy out the window.

Point well taken, but I think its a bridge too far for politicians to cross constitutionally. Its like saying to any company who makes any locked device (safe, front door lock, bank vualt / individual lock boxes) that the government shall have a key or reasonably be able to brute force access it, or that it shall not be lockable. The constitution protects these rights for us as individuals and our ability to use these products to protect our privacy.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.​

A company doing it for us, as is the case today, is arguable constitutionally. Passing a law that says we as individuals are only afforded 4th amendment protections when the method of security used ensures that the government shall have a key or reasonably be able to brute force access it, or that it shall not be lockable in my opinion is unconstitutional. If legislation surfaces that outlaws companies providing means for users to encrypt their own data, that would have a significant economic impact as users as well as service providers (loosely defined as banking apps any any other app managing valued assets / money) no longer offer services on unsecured devices as they would have to be willing to own that risk of fraudulent access and financial loss if consumers were to continue to use them.

 

[826317]

Errr, no, that's not "per definition" at all. Reasonable people can have different views and interpretations.

The attitude that "if you don't agree with my view, you are un-American / hate liberty / are a terrible person" is precisely the sort of nonsense on both sides of the political aisle that has us in the mess we're in today.

What's being proposed here is not insane. I don't personally agree with it, but it's not nuts. It simply reflects the attitudes of people who place a higher value and importance on things like "catching bad guys" and "preventing attacks" than you and I do relative to freedom and liberty as guiding principles. The notion that that makes them "authoritarian" is silly. The notion that they "don't deserve freedom" is downright arrogant.

The world and the USA especially would be a lot better off if people actually made even a modicum of effort to find common ground.

Ah yes, "catching the bad guys". My god, you're one of the first 2000 members on this forum, signed up in 2001. You've had some years on this earth. How in the hell can you still believe that the American government, specifically their intelligence agencies such as NSA, CIA, DHS, USIC, NIC, NCC etc. have the best interest of the American people at heart? We've seen what the NSA does. These agencies are run by people like you and I. There is nothing innately more trustworthy about these individuals than any other person and we're being asked to provide a backdoor to EVERY piece of communication that we make so these individuals can have a gander? Please.

 

[cult hero]

So nice to see the champions of western philosophy still care about privacy. Oh wait...

Also nice to see so many posters eager to give up privacy to help the “good guys” stop the “bad guys.” People writing propaganda don’t even have to be creative anymore.

Even if you cling to that idiocy, encryption with a back door isn’t really encryption. Do you really trust your friends at your local government spooks club to not lose those keys or get them owned?

The arguments opposed to safe encryption are a joke. Safety? The price of a modern society? We’re gonna sell ourselves out for meaningless platitudes. Awesome.

 

[CarlJ]

However, I also think that anyone that wants to destroy my way of life via terrorist activities, I want them caught at all costs, if that includes, infringing on my privacy, I might be ok with that.

Do you have any idea how much more likely you are to die in a car accident than in a terrorist attack? Why so quick to give up so much in the way of freedom and privacy to prevent such an unlikely event? Would you be willing to make similarly far-reaching concessions to lessen much more real dangers?

 

[username:]

The only thing that scares me about this is the fact that if there IS a backdoor, how in the world do I know who has access? What if criminals gain access? Although I guess the outcome is the same as a burglary. Don’t know. Not sure what I think about this.

 

[CaTOAGU]

Make them legislate is what I'd say to them, make them set out their case in their respective legislators. Make them draft legislation that would actually accomplish their aims without undermining security, that latter part will be impossible, barring some new undiscovered maths. I'd much rather this, than some shadowy behind the scenes deal.