Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Don't they simultaneously also have to ban all forms of encryption without backdoors?


There is some value in just forcing a backdoor on manufacturers without a ban. Plenty of people only get the benefits of encryption because it is on by default.

However, to be truly effective, yes they would have to ban other forms on encryption - this obvious inference was totally ignored in all news I read or saw of the clipper chip in the 90s. A sad illustration of the prevalent shallowness in mainstream tech reporting.


The real problem with the clipper chips was the start of international communication - which meant the USA had to agree with Europe, Japan, China etc to share the keys.

Same thing here, if the US has a backdoor into https/ssh, then the Eu will also want one, and Russia, and China, and India and the middle east. How long is your online shopping going to be secure when Nigeria or Somalia has the official government backdoor into your bank login.

SO we can thank Amazon/Visa/Apple for quashing this one.


According to the nytimes article, the proposal will likely include the requirement that you MUST have a backdoor in your encryption scheme. That effectively bans schemes without backdoors.


So the theory is that the mafia guys they're trying to take down for extortion and murder will meekly submit to government mandated encryption? Sounds plausible to me!


I suppose if they make using non-backdoored encryption a felony, they can convict them of that, even if they don't know the contents of their communications.

Of course, if there is a back door in all encryption between, say, businesses or minority political groups or anyone else who has legitimate reason to encrypt stuff, 1) there's the chance (very likely) that others will discover the back door, and 2) the government (or some of their employees) will probably abuse it at some point.

See, the whole point of encryption is to make your communications SAFE and eliminate these sorts of unknowns. It's a legitimate need, and just because it can be misused doesn't mean it shouldn't exist.


That's a good point that I hadn't realized. If this were to pass, they can get you on using encryption without actually charging you with any other crime. That's scary.


In the UK they can imprison you for 5years for refusing to hand over the key.

You did log the key for that https session when you used amazon checkout didn't you?


I think the theory is that mafia guys will download stuff off the web, which presumably has backdoors they don't know about or understand, instead of hiring coders to write custom chat and email applications...

Not that this will ever pass as a law.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: