Comment by gambiting
12 days ago
>>But that is a backdoor!
...is it? That's a weird definition if I've ever heard one - backdoor to me is a normally hidden functionality that can be triggered if you know the secret, so for example adding a secret universal key that unlocks every drive - that would be a backdoor. And that's a dangerous one, because if it leaks out then all criminals of the world can now decrypt your drives.
With the way MS does it, Bitlocker could be the most secure encryption on the planet, unbreakable by any quantum computer, and yet if they have a copy of the key then the law enforcement can obtain it if needed - that's not a backdoor, not any more than giving your parents copy of your house key is an exploit on your home security.
>>but having a system where the US can secretly crack all UK comms is .. not ideal.
No, of course not, I agree with you there.
>>Given the tendency of UK ministers to use Whatsapp for private government communications, should we allow the US to have a backdoor into all of that via Meta?
Well, they shouldn't be using WhatsApp in the first place, given that they don't control the underlying technology. A backdoor might already exist and they wouldn't even know about it.
>With the way MS does it, Bitlocker could be the most secure encryption on the planet, unbreakable by any quantum computer, and yet if they have a copy of the key then the law enforcement can obtain it if needed - that's not a backdoor, not any more than giving your parents copy of your house key is an exploit on your home security.
It is more like the local lock company keeps the name, address, and the key bittings for every home in town. What happens when they are robbed and now your address and how to make a key for your lock are in the hands of some criminals in your area?
>>What happens when they are robbed and now your address and how to make a key for your lock are in the hands of some criminals in your area?
I'd hope that Microsoft's key storage is harder to break into than a random local lock company. And there is no need for theoreticals - all my locks are key coded and the manufacturer can make more keys for them if I ask them. They also have my address since they know where they shipped the locks. And yet, I'm not worried about this - I suspect a wannabe robber will just break my windows with a brick not infiltrate the manufacturer's production facility to make a clone of my key.
https://firewalltimes.com/microsoft-data-breach-timeline/
Giving your parents a house key _is_ an exploit on your home security.
There's now an additional two people with access, with the risk of the key being stolen from them, them losing it etc.
No, that's delegation. It's a useful feature to be able to give out multiple keys and an even more useful one if you can revoke them.