Comment by gigatexal

12 days ago

The math doesn’t math when it comes to encryption. It’s Pandora’s box. Once backdoors are created encryption may as well not even be enabled.

22 comments

gigatexal

Reply
gambiting  12 days ago

Well - maybe. But take for example how Microsoft is doing bitlocker encryption on every Win11 system - by default, without prompting the user, your system drive gets encrypted automatically and the encryption key gets saved to your microsoft account.

Yes I hate that they do that without prompting, but in theory that solution offers that balance that OP talks about - if there are no backdoors in Bitlocker(let's assume that there aren't), then your encrypted data is perfectly secure. But if a judge issues a warrant for your data, then Microsoft can provide them with a key to unlock your device.

To me, that's an acceptable compromise - it means that someone stealing my laptop won't get my data, but if a warrant is produced then bitlocker drives can be unlocked for a criminal investigation.

Couldn't Apple create a solution where all your communication is end to end encrypted with a key that they just have a copy of? No backdoors necessary.

  • pjc50  12 days ago

    > Couldn't Apple create a solution where all your communication is end to end encrypted with a key that they just have a copy of? No backdoors necessary.

    But that is a backdoor!

    Especially, it's a backdoor that's inside a foreign country and subject to their intelligence services! It might be valid for a hypothetical autochthonous UKphone, but having a system where the US can secretly crack all UK comms is .. not ideal.

    Given the tendency of UK ministers to use Whatsapp for private government communications, should we allow the US to have a backdoor into all of that via Meta? (in practice, they tend to leak to newspapers themselves, but it's the principle)

    • johnisgood  12 days ago

      It really is.

      > then Microsoft can provide them with a key to unlock your device.

      This is a quote from parent. That renders the key and encryption itself pretty useless if it has been given to someone other than you.

      13 replies →

    • gambiting  12 days ago

      >>But that is a backdoor!

      ...is it? That's a weird definition if I've ever heard one - backdoor to me is a normally hidden functionality that can be triggered if you know the secret, so for example adding a secret universal key that unlocks every drive - that would be a backdoor. And that's a dangerous one, because if it leaks out then all criminals of the world can now decrypt your drives.

      With the way MS does it, Bitlocker could be the most secure encryption on the planet, unbreakable by any quantum computer, and yet if they have a copy of the key then the law enforcement can obtain it if needed - that's not a backdoor, not any more than giving your parents copy of your house key is an exploit on your home security.

      >>but having a system where the US can secretly crack all UK comms is .. not ideal.

      No, of course not, I agree with you there.

      >>Given the tendency of UK ministers to use Whatsapp for private government communications, should we allow the US to have a backdoor into all of that via Meta?

      Well, they shouldn't be using WhatsApp in the first place, given that they don't control the underlying technology. A backdoor might already exist and they wouldn't even know about it.

      5 replies →