
Where Do Major Tech Companies Stand on Encryption? - DiabloD3
https://www.eff.org/deeplinks/2015/10/where-do-major-tech-companies-stand-encryption
======
Tloewald
Check out Dropbox's statement:

" _Governments_ should never install backdoors into online services or
compromise infrastructure to obtain user data."

In essence we want companies to state the following:

1) They won't cooperate with governments (or other third parties) _and have
never cooperated_ in adding backdoors.

2) They won't create, _and have never created_ their own backdoors. They will
not hold keys so that they can't be forced to surrender customer data.

3) They will not grant _and have never granted_ access to their servers.

Even Apple's statements allow for _past_ or _pre-existing_ back doors or
cooperation. Given a company may willingly or have been forced to cooperate in
the past, or may have had backdoors in the past, it should own up (either
specifically or as much as legally possible) and state that this has stopped.

~~~
eevilspock
Did you miss this in the article?

 _> In addition, Apple has never worked with any government agency from any
country to create a “back door” in any of our products or services. We have
also never allowed any government access to our servers. And we never will._

As for Dropbox, is Condoleezza Rice still on their board? [http://www.drop-
dropbox.com](http://www.drop-dropbox.com)

~~~
Tloewald
Apple's statement is not quite airtight. E.g. they could have implemented a
backdoor without government agency involvement; but it's by far the best
statement.

Condi Rice's presence on Dropbox's concern was why I went to check their
statement first.

------
hackuser
I think words are not meaningful for this issue; the measure is the actions
they take to promote legislation securing private data. Consider:

1) A 'backdoor' is only one of an infinite variety of exploits. Forswearing
backdoors doesn't mean they don't help government access data otherwise.

2) The companies themselves collect and utilize private data on a massive
scale. For most people, they are a much greater risk than government.

3) No matter what they say all of them will help government if the stakes are
high enough. Imagine another major war like WWII, with America's future on the
line and tens of millions of lives at risk and the whole country behind the
war effort. These companies would do whatever they could to support the effort
(and probably that would be the right thing to do). That's an extreme example,
but my point is that blanket assurances are not meaningful; what matters is
how they balance various priorities and respond to pressure.

Finally, talk is cheap; it costs them nothing and they do nothing. Let's see
them invest their resources and reputations in standards and legislation
protecting private data from everyone, government and business.

------
shaggyfrog
It's all in how one defines the terms, isn't it?

[https://twitter.com/csoghoian/status/606480315842830336](https://twitter.com/csoghoian/status/606480315842830336)

Equivocation is a powerful force.

------
z3t4
Show me some implementations already :P

Also check out mySQL's geo spatial functions.

