
How to Talk to Your Parents About Encryption - runesoerensen
https://blog.cloudflare.com/how-to-talk-to-your-parents-about-encryption/
======
doomrobo
This doesn't address one of the most polarizing points regarding encryption:
backdoors. The bank analogy kind of breaks down in this case, because the
federal government always has the power to freeze your assets at any bank in
the U.S. So how do you discuss the pros and cons of government-accessible
encryption backdoors in today's context of security and terrorism?

I really don't have a good answer to that and I genuinely wish I did. I would
love if somebody could share their thoughts and maybe present a strong
argument in simple words that I can share with friends and family whenever
this issue comes up.

Here is approach I took to this issue when speaking with my father. Opting for
a backdoored communication channel as opposed to end-to-end encryption is a
massive liability to the company that can end up costing them the trust of
their users in addition to monetary costs. Having end-to-end encryption means
that (assuming the actual encryption scheme is sound, and I'm aware that
that's a big if) it is literally impossible for any hacker, no matter how much
control they now have over the system in question, to retrieve the contents of
these messages. It might be theoretically possible for them to compromise
future interactions (and that's why incident response needs to be as swift as
possible), but at least the past is safe. Now imagine the liability a smaller
company is taking on when they decide to store all user data and hand the
government the keys. There is now a significantly greater possibility of
something going wrong. Maybe they accidentally cached the plaintext, maybe
they mess up the encryption, maybe the decryption key has been compromised.
The point is that it simply doesn't make sense from a capitalist point of view
to take on that kind of risk for no monetary benefit. That is at least one way
to see it, I think.

~~~
daxelrod
The compromise of the master key for TSA locks is a great example to give
people, because everyone is familiar with locks. It demonstrates that all it
takes is one person with access to the back door to screw up a little, and
then everyone is less secure.

[https://theintercept.com/2015/09/17/tsa-doesnt-really-
care-l...](https://theintercept.com/2015/09/17/tsa-doesnt-really-care-luggage-
locks-hacked/)

