Should tech companies be forced to put backdoors in their encryption?

Anonymous (User Deleted) · December 06, 2015, 03:29:00 PM

or their programs in general

T4R

I'll write something up later.

challengerX · December 06, 2015, 03:55:11 PM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

rC · December 06, 2015, 03:56:00 PM

no that's autistic

ΚΑΤΑΝΑΛΩΤΗΣ · December 06, 2015, 04:06:27 PM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Word Wizard · December 06, 2015, 04:23:24 PM

Anonymous (User Deleted) · December 06, 2015, 08:18:28 PM

Quote from: I slam Islam on December 06, 2015, 03:55:11 PM

Not sure.

How so?

Turkey · December 06, 2015, 08:35:09 PM

Anonymous (User Deleted) · December 06, 2015, 08:52:39 PM

Quote from: #TurkeyLivesMatter on December 06, 2015, 08:35:09 PM

Why?

Why...?

Well, if you meant why it's relevant to anything (I'm asking for the sake of discussion), there's been a push by the US government to force Silicon Valley firms to create backdoors into their encryption schemes, for the sake of national security. The argument goes that the government can't access encrypted communications, unless they have a way in. Silicon Valley is largely opposed to this push, arguing that backdoors would make consumers vulnerable to criminals and other bad actors, and that backdoors simply defeat the purpose of encryption.

The debate shifted into high gear recently, after the media erroneously reported that the Paris bombers used encrypted communications, and at least one government official took that opportunity to say that the attackers 'likely' used encryption, because the government wasn't aware of the attack in advance.

Turkey · December 06, 2015, 09:00:30 PM

Quote from: Cup-O on December 06, 2015, 08:52:39 PM

The argument goes that the government can't access encrypted communications, unless they have a way in.

They have a way in legally through a warrant served to the company, who have access to their own encrypted data. I can't think of a single compelling reason why the government should be allowed access to any private data without a warrant.

Anonymous (User Deleted) · December 06, 2015, 09:21:48 PM

Quote from: #TurkeyLivesMatter on December 06, 2015, 09:00:30 PM

Quote from: Cup-O on December 06, 2015, 08:52:39 PM
The argument goes that the government can't access encrypted communications, unless they have a way in.

They have a way in legally through a warrant served to the company, who have access to their own encrypted data. I can't think of a single compelling reason why the government should be allowed access to any private data without a warrant.

Yeah, pretty much. And even if a bad guy were to use encryption, they'd probably give out information in so many other ways that would minimize the effectiveness of encryption. They're not going to 'going dark' without bending further backwards than most people realize.

There is at least one company that decided to shut down rather than reveal its customers' private keys.

The debate is also about encryption programs made by a company but used by consumers, such as Apple's FileVault hard drive encryption for Mac, or the messenger app Signal. As the Fifth Amendment protects an accused individual from having to reveal their encryption key, even under warrant, the government wants to work around that with backdoors instead.

challengerX · December 07, 2015, 05:59:15 AM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Tsirist · December 07, 2015, 12:42:18 PM

Quote from: I slam Islam on December 07, 2015, 05:59:15 AM

Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.

It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.

challengerX · December 07, 2015, 02:59:07 PM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Tsirist · December 07, 2015, 07:46:50 PM

Quote from: I slam Islam on December 07, 2015, 02:59:07 PM

Quote from: Tsirist on December 07, 2015, 12:42:18 PM
Quote from: I slam Islam on December 07, 2015, 05:59:15 AM
Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.
It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.
Well the problem with your little rant here is that they wouldn't be putting in "vulnerabilities", they'd be putting in a back door for authorities and intelligence agencies.

There are good uses for this, and it sounds like a good idea on paper. But the reality of all this is much more complicated.

Back doors are by definition vulnerabilities. If it can be programmatically utilized by a good party then it can be used the same way by others.

Source: undergraduate researcher in cybersecurity for two years before I got bored of it.

rC · December 07, 2015, 08:59:11 PM

Quote from: I slam Islam on December 07, 2015, 02:59:07 PM

Quote from: Tsirist on December 07, 2015, 12:42:18 PM
Quote from: I slam Islam on December 07, 2015, 05:59:15 AM
Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.
It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.
Well the problem with your little rant here is that they wouldn't be putting in "vulnerabilities", they'd be putting in a back door for authorities and intelligence agencies.

There are good uses for this, and it sounds like a good idea on paper. But the reality of all this is much more complicated.

back doors are, by definition, vulnerabilities

challengerX · December 08, 2015, 06:09:58 AM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Anonymous (User Deleted) · December 08, 2015, 06:48:40 AM

Quote from: I slam Islam on December 08, 2015, 06:09:58 AM

Quote from: rc on December 07, 2015, 08:59:11 PM
Quote from: I slam Islam on December 07, 2015, 02:59:07 PM
Quote from: Tsirist on December 07, 2015, 12:42:18 PM
Quote from: I slam Islam on December 07, 2015, 05:59:15 AM
Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.
It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.
Well the problem with your little rant here is that they wouldn't be putting in "vulnerabilities", they'd be putting in a back door for authorities and intelligence agencies.

There are good uses for this, and it sounds like a good idea on paper. But the reality of all this is much more complicated.
back doors are, by definition, vulnerabilities
They're not making it vulnerable. They're making it so it can be cracked so authorities can access it.

It's not about making their encrypted shit vulnerable.

The entire point of a backdoor is to create a vulnerability where there otherwise wouldn't be one.

Quote

A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, or obtaining access to plaintext while attempting to remain undetected.

challengerX · December 08, 2015, 06:55:53 AM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Anonymous (User Deleted) · December 08, 2015, 06:58:46 AM

Quote from: I slam Islam on December 08, 2015, 06:55:53 AM

Quote from: Cup-O on December 08, 2015, 06:48:40 AM
Quote from: I slam Islam on December 08, 2015, 06:09:58 AM
Quote from: rc on December 07, 2015, 08:59:11 PM
Quote from: I slam Islam on December 07, 2015, 02:59:07 PM
Quote from: Tsirist on December 07, 2015, 12:42:18 PM
Quote from: I slam Islam on December 07, 2015, 05:59:15 AM
Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.
It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.
Well the problem with your little rant here is that they wouldn't be putting in "vulnerabilities", they'd be putting in a back door for authorities and intelligence agencies.

There are good uses for this, and it sounds like a good idea on paper. But the reality of all this is much more complicated.
back doors are, by definition, vulnerabilities
They're not making it vulnerable. They're making it so it can be cracked so authorities can access it.

It's not about making their encrypted shit vulnerable.
The entire point of a backdoor is to create a vulnerability where there otherwise wouldn't be one.

Quote
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, or obtaining access to plaintext while attempting to remain undetected.
Obviously it's technically a vulnerability.

My point is they're not making it encrypted then creating vulnerabilities, as if they're fucking retards.

Actually, that's exactly what they want to do.

challengerX · December 08, 2015, 07:35:58 PM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Anonymous (User Deleted) · December 08, 2015, 07:55:37 PM

Quote from: I slam Islam on December 08, 2015, 07:35:58 PM

Quote from: Cup-O on December 08, 2015, 06:58:46 AM
Quote from: I slam Islam on December 08, 2015, 06:55:53 AM
Quote from: Cup-O on December 08, 2015, 06:48:40 AM
Quote from: I slam Islam on December 08, 2015, 06:09:58 AM
Quote from: rc on December 07, 2015, 08:59:11 PM
Quote from: I slam Islam on December 07, 2015, 02:59:07 PM
Quote from: Tsirist on December 07, 2015, 12:42:18 PM
Quote from: I slam Islam on December 07, 2015, 05:59:15 AM
Been reading about this and no, definitely not. The cons (pretty much giving up one of your constitutional rights) far outweigh the benefits.
It should go without saying that purposely putting vulnerabilities in encryption schemes is idiotic. It defies their very purpose, and it will in no way hamper the ability of hostile elements to communicate without our knowing considering the huge number of workarounds they have access to. It puts the public at greater risk as a side-effect. Whether or not it's a constitutional right is not even relevant in my opinion.
Well the problem with your little rant here is that they wouldn't be putting in "vulnerabilities", they'd be putting in a back door for authorities and intelligence agencies.

There are good uses for this, and it sounds like a good idea on paper. But the reality of all this is much more complicated.
back doors are, by definition, vulnerabilities
They're not making it vulnerable. They're making it so it can be cracked so authorities can access it.

It's not about making their encrypted shit vulnerable.
The entire point of a backdoor is to create a vulnerability where there otherwise wouldn't be one.

Quote
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing unauthorized remote access to a computer, or obtaining access to plaintext while attempting to remain undetected.
Obviously it's technically a vulnerability.

My point is they're not making it encrypted then creating vulnerabilities, as if they're fucking retards.
Actually, that's exactly what they want to do.
No it isn't.

It literally is.

Quote

Earlier this month, FBI general counsel James Baker said the FBI had given up on encryption back doors. “It’s tempting to try to engage in magical thinking and hope that the amazing technology sector we have in the United States can come up with some solution,” he admitted, calling the notion that back doors might be safe “magical thinking”.

Weinstein said that there was simply no way to make a backdoor “key” that only worked for the “good guys”.

“If there was a scientifically provable way to do this, we could have the discussion, but it doesn’t make sense to have the discussion when everybody who’s looked at this and is honest about it says that it would make us more vulnerable when those systems are subverted,” he said.

“Magical thinking is a really good term for this. They say, ‘Golly gee, if only!’ That if-only doesn’t exist.”

challengerX · December 08, 2015, 08:07:51 PM

This user has been blacklisted from posting on the forums. Until the blacklist is lifted, all posts made by this user have been hidden and require a Sep7agon^® SecondClass Premium Membership to view.

Ajax · December 10, 2015, 08:43:02 AM

I don't see why they wouldn't...

Anonymous (User Deleted) · December 10, 2015, 12:41:48 PM

Quote from: Ajax on December 10, 2015, 08:43:02 AM

I don't see why they wouldn't...

Here's an MIT paper explaining why it would be a bad idea.

Cadenza has moved on · December 12, 2015, 03:55:44 AM

Isn't this a no brainer? the entire purpose of encryption is to avoid being spied on, and having a built in method to be spied on defeats that purpose. Even if National security was a valid excuse (which it isn't given how little I trust my government and how little everyone else seems to trust there's) it still comes across as trying to close Pandora's box.