
Should All Locks Have Keys? Phones, Castles, Encryption, and You [video] - hugofirth
https://www.youtube.com/watch?v=VPBH1eW28mo
======
slg
This is a very good video that gives you insight into both sides of the
debate, but I'm not sure it will change many minds because the central idea of
the video isn't really supported by anything. The entire thing rests on one
argument, "There is no way to build a digital lock that only angels can open
and demons cannot." However, there is nothing in the video to back up why that
argument is true now and/or will continue to be true in the future. That is
where Clinton's whole "Manhattan Project of Encryption" idea comes from that
she mentioned a few months back.

It also makes the entire debate black and white which isn't the case in the
rest of our legal system. Nothing there is 100% accurate. There are guilty
people who get off and innocent people who are convicted. If we could devise a
lock that keeps out nearly all demons and lets in most angels, would that
satisfy both sides of the debate?

~~~
jasode
_> However, there is nothing in the video to back up why that argument is true
now and/or will continue to be true in the future._

It seems obvious to me why it's trivially true but maybe you had something
else in mind.

Let's say you have an equation like this: x+3=10.

How do we make it so the answer of "x=7" is only given by angels but never by
demons? Cryptography is mathematics and for the entire period of its
existence, there's no math that only the good guys can perform but the bad
guys can't. _Math and numbers don't have a concept of angels vs demons acting
on it._ Same idea as a physical key not knowing if the hand using it is a
legitimate police officer or a criminal.[1]

Also, the distinction of angels-vs-demons is not as simple as mapping it to
government-vs-terrorists. _What if the actors in government are the demons?!?_
Examples are police officers using their computers to digitally stalk
people or CIA officers probing into citizens' private files that they're not
authorized for.

Clinton said, _"There must be some way. I don't know enough about the
technology,"_ [2]

Ok, it seems like someone can just sit down with Clinton and outline the math
above. Or, if we really really wanted to play along with the "_there must be
a way_" idea, I suppose we could postulate a math device that only performed
mathematics after scanning the user's brain and determining that the neural
patterns constitute a "good guy" with lawful intentions. Well, what about all
the electronics and math unrelated to the biometric verification? Just bypass
it.

[1] [https://www.google.com/search?q=tsa+keys+leaked](https://www.google.com/search?q=tsa+keys+leaked)

[2] [http://arstechnica.com/tech-policy/2015/12/hillary-clinton-w...](http://arstechnica.com/tech-policy/2015/12/hillary-clinton-wants-manhattan-like-project-to-break-encryption/)

~~~
slg
I think the obvious response to your first argument is that encryption already
works on the angels vs demons system. Except with the current technology the
angels are the owner of the data and anyone with which they share the data.
Why does the mathematics work for that but you can't expand it to a larger
group of angels?

As I have said elsewhere in this thread, your second point isn't an argument
involving encryption. You are arguing that we can't trust the government.
While that might be true, that is an entirely different debate that is
relevant in a whole bunch of other areas and not specifically encryption.

~~~
jasode
_> but you can't expand it to a larger group of angels._

Your phrasing and labeling of "angels" is not the same as mine. We are
starting from different assumptions.

In my opinion, you've made a leap of logic and _a priori_ called the abstract
actors in the government, "angels".

I would weaken your sentence to say: _"but you can't expand it to a larger
group of 3rd-parties."_

It's critical that I call them 3rd-parties because it is _not yet known_ if
they will behave with angel or demon _intentions._ It's also impossible for
technology to determine that.

_> You are arguing that we can't trust the government. While that might be
true, that is an entirely different debate_

I respect that you consider it a separate issue but I think that bad actors
(or sometimes incompetence without malice[1]) within the government is
_intertwined_ with what an "angel" is.

To not get bogged down on "angel", let's say we just consider if there's a way
for technology to create a backdoor that only works for the government but not
non-government. Again, the answer would be no.

[1] such as the leaks of SSN, mother's maiden name, etc from OPM background
checks:
[https://www.google.com/search?q=opm+background+checks+leaked](https://www.google.com/search?q=opm+background+checks+leaked)

~~~
BookmarkSaver
There are ways to make perfectly secure (from a mathematical standpoint)
backdoors. Theoretically, there is no reason that every encryption couldn't
have a second key known to the government that doesn't weaken the encryption
by any significant standard.

The problem is about trusting the government, which can mean (at least) two
things. Either you don't trust them to use the key properly. Which is a valid
concern. Or you don't trust them to keep their official backdoor key secure.
Which is also valid, secure data is stolen all the time and we can't even be
sure that they'd notice or admit if it did get stolen.

Again, the technical challenge here is that in the real world keys can be
stolen. The "system" can be secure from non-government actors even if the
system comes installed with a backdoor that the government has access to. The
weakness isn't in the theoretical "system", it is in the fact that now instead
of one point of weakness (you yourself protecting your own key) there are two
real-world points of weakness (your key and the government's key). The
"system" is still impregnable to the same types of attacks, but now rather
than tricking you out of your key someone might be able to trick the
government out of theirs too.

~~~
slg
Now hypothetically, what if you divide the "government key" in half. Give half
of that key to the vendor controlling the encryption and half to the legal
system. As long as you don't restrict the company from speaking out about its
cooperation, that would seemingly prevent abuse as well as minimize damage if
one key leaked.
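
~~~
Added example, not part of the thread: a sketch of the "second key" design BookmarkSaver describes, with the escrow key held as two shares as slg suggests. Assumptions: symmetric 32-byte keys, an HMAC-SHA256 keystream standing in for a real cipher so the code runs on the standard library alone, and hypothetical names throughout (seal, unseal, split, the vendor/court shares).

```python
import hashlib, hmac, secrets

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _sub(key, label):  # derive separate encryption and MAC subkeys
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):  # HMAC-SHA256 counter keystream (stdlib stand-in)
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = xor(plaintext, _stream(_sub(key, b"enc"), nonce, len(plaintext)))
    return nonce + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered data")
    return xor(ct, _stream(_sub(key, b"enc"), nonce, len(ct)))

def split(key):  # 2-of-2 XOR sharing: each share alone is uniformly random
    share = secrets.token_bytes(len(key))
    return share, xor(key, share)

def encrypt_with_escrow(owner_key, escrow_key, message):
    data_key = secrets.token_bytes(32)
    return {"body": seal(data_key, message),
            "for_owner": seal(owner_key, data_key),    # weak point 1
            "for_escrow": seal(escrow_key, data_key)}  # weak point 2

def decrypt(envelope, slot, key):
    return unseal(unseal(key, envelope[slot]), envelope["body"])

def demo():
    owner_key, escrow_key = secrets.token_bytes(32), secrets.token_bytes(32)
    vendor_share, court_share = split(escrow_key)
    env = encrypt_with_escrow(owner_key, escrow_key, b"constructed sample message")
    out = {"owner": decrypt(env, "for_owner", owner_key),
           "both_shares": decrypt(env, "for_escrow", xor(vendor_share, court_share))}
    try:
        decrypt(env, "for_escrow", vendor_share)
        out["one_share"] = "opened"
    except ValueError:
        out["one_share"] = "rejected"
    return out
```

Each share is a full-length random value rather than a literal half of the key, so one leaked share gives no information about the escrow key. Once the two shares are combined, the reconstructed escrow key opens every envelope that carries a "for_escrow" slot, which is the second real-world point of weakness described above.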

