
Scaring People into Supporting Backdoors - hsnewman
https://www.schneier.com/blog/archives/2019/12/scaring_people_.html
======
HarryHirsch
Why do people generally assume that law enforcement is clean? There are
sufficient examples of cops informing for drug gangs
([https://dfw.cbslocal.com/2013/07/29/during-steroid-
scandal-f...](https://dfw.cbslocal.com/2013/07/29/during-steroid-scandal-few-
arlington-police-officers-faced-drug-tests/)), and somewhere in Mexico a
blogger whose subject was gang atrocities was discovered and killed by cartel
members because the cartel had an inside man at the local telco
([https://www.theatlantic.com/international/archive/2011/11/me...](https://www.theatlantic.com/international/archive/2011/11/mexican-
drug-cartel-killed-another-blogger/335686/)).

~~~
shakezula
From an American perspective: it's because police are idolized and worshipped
on the nightly news just about every single day. Growing up, speaking ill of
the police was second only to speaking ill of God himself, and this isn't an
exaggeration. There are no cops in my family, but this reverence is still
held. My family is quite religious, and I wonder if that plays a factor (I
would suspect it does).

~~~
newnewpdro
It's just another form of tribalism, picking teams, and blindly supporting
your chosen team.

Religion is the same, pick a team and throw critical thinking out the window.

Supporting police vs. the criminals, there's an implicit dichotomy: who do you
support? if you're not with us, you're against us. You don't support the
criminal team, do you? Go blue! Blue lives matter!

Employment: which company is your team? You _must_ be employed, now go choose
one, and let your employer even define talking points for defending its poor
behavior at family gatherings. [0]

Politics: Red or Blue, pick one and always vote your color no matter what the
consequences.

Once people are engaging in teams, they're largely no longer thinking
critically about the substance anymore. It's no longer relevant, the priority
is being aligned with their peers.

It's quite dangerous, like mob mentality.

[0] [https://www.forbes.com/sites/krisholt/2019/12/02/facebook-
ma...](https://www.forbes.com/sites/krisholt/2019/12/02/facebook-made-a-
chatbot-to-help-workers-handle-relatives-awkward-questions-over-thanksgiving/)

~~~
a1369209993
"If I'm either with you or against you, then I'm against you. No matter who
you are, no matter what you stand for."

~~~
newnewpdro
Who are you quoting?

~~~
Porthos9K
The hero we don't deserve.

------
javajosh
I have a related question, which is if the government's argument is valid,
then why not extend it? Why not require cameras in every room of the home, so
that if abuse or molestation of a child occurs then child services can step
and remove the child, and the parents be prosecuted? You might also argue that
if you don't accede to this simple request, then you must have something to
hide.

~~~
kazagistar
Let's extend it with reason instead. Everyone has something to hide, but the
people with the most power can do the mosr dangerous things. We need power-
progressive surveilence: everyone with lots of power over the lives of others
should have their choices and lives be scrutinizable by those whose lives they
affect.

\- Random ordinary citizen? Leave me alone. \- Someone in a law enforcement
agency? Jail time if their mandatory badge came stop functionioning, with all
the footage being public data. A powerful politician? Billionaire CEO? Board
members of a massive international corporation? 24/7 livestreamed public
surveillance.

After all, the worst the average person can do is shoot some people, but those
who hold power can ruin the lives of millions with a word, and often do. They
shouldn't be allowed to get away with it, and if they don't like it, they can
simply step away from power.

I honestly believe this, but even if you don't, it's worth considering why
it's always a discussion of the powerful privately and secretly monitoring the
weakest in society, rather then the other way around. Almost like its purely a
reinforcement of the existing hierarchy.

~~~
tolstoshev
I make a similar argument about the age of transparency hurting the elite more
than it hurts common folk. If you make all my data public, I'll be at most
embarrassed. If you make the elite's data public, that includes the location
of dead bodies.

~~~
traderjane
You wouldn’t just be embarrassed. Job interviews, health insurance policies,
even the prices or discounts available to you may all come under rational
consideration.

------
Gys
> We are saying three things. One, that strong encryption is necessary for
> personal and national security. Two, that weakening encryption does more
> harm than good. And three, law enforcement has other avenues for criminal
> investigation than eavesdropping on communications and stored devices (this
> is just one example).

Also: law enforcement assumes criminals and others are stupid and cannot not
apply encryption and information hiding themselves. Plus creating your own
chat app is extremely easy, so why even rely on the big and obvious ones, just
DIY.

~~~
RankingMember
I mean, really, isn't this kind of a moot point from a dedicated criminal's
perspective? Does the government actually have any power? Sure, you'll catch
the idiots operating over a compromised channel, but it doesn't matter what
laws you pass wailing about "the children" and "criminals" if the criminals
are rolling their own or even just using PGP.

~~~
rando_null
It's not about criminals. It's just about control.

~~~
RankingMember
I think it's both. The government wants the power to see EVERYTHING because
EVERYONE is a potential criminal.

------
deogeo
> In fact, we were never able to view the contents of his phone

They were also never able to learn what was said in the van before the London
Bridge attack [1]. Are we okay with Renault providing a law-free space inside
their vehicles? All cars should be equipped with always-on microphones. But
don't worry! The audio will be encrypted, and only accessible with a warrant.

[1]
[https://en.wikipedia.org/wiki/2017_London_Bridge_attack](https://en.wikipedia.org/wiki/2017_London_Bridge_attack)

Edit: Just to make sure - this is satire, and the logical extension of
believing people shouldn't be allowed to keep any secrets.

Responding in edit due to posting limit (way to make sure downvoted comments
can't explain or defend themselves):

They can also record the person typing in their password, or recording the
screen with cameras, or hardware or software bugs once they have a password to
access the phone.

The analogy works perfectly, and while they may say the will not "treat an
encryption backdoor like a universal bug", that's exactly what it _is_.

~~~
SpicyLemonZest
This isn’t a fair response. If law enforcement knows that some specific person
is doing a crime, they can and do plant always-on microphones on their car.
The law enforcement concern is that they can’t do that at all in this context.
Even if you know for sure someone’s planning a serious crime, there’s no way
to spy on their E2E encrypted communications.

Most law enforcement agencies argue (with varying degrees of believability)
that they will not treat an encryption backdoor like a universal bug they can
just listen in on whenever.

~~~
pjkundert
Of course there is - exactly the same way as they do so with the car: get a
warrant, and surveil the target.

~~~
SpicyLemonZest
How would a warrant give them the ability to see what’s said in an encrypted
chat? You can’t instal a camera on someone’s shoulder like you can put a bug
in their car.

~~~
deogeo
What if they talk with someone while walking through a forest? Should that
also be forbidden, because it's difficult to spy on?

~~~
SpicyLemonZest
I’m not saying end to end encryption should be forbidden, just that it’s a
toxic argument to go “haha, stupid law enforcement doesn’t realize there are
already places that are hard to spy on!” Of course there are, nobody thinks
otherwise.

~~~
deogeo
So what makes E2E encryption different, that the same arguments don't apply to
other difficult-to-spy-on places? I think people should be made acutely aware
it's not an assault on encryption - it's an assault on their right to keep
secrets at all.

~~~
SpicyLemonZest
The difference is that, unlike forests and private spaces, (easy and consumer-
grade) E2E encryption is new. Law enforcement is concerned that adding this
new thing to society will change things for the worse. That's a reasonable
concern in general, even if we don't think it's true in this specific case.

You don't have a general right to keep secrets from law enforcement. With a
warrant, they can spy on you to try and get your secrets in ways that would
otherwise be scandalous or downright illegal. If you don't think law
enforcement should be allowed to steal people's secrets at all, fair enough,
but that's a very radical view and I don't think most people supporting E2E
encryption share it.

~~~
deogeo
Cameras and phone surveillance and miniature microphones are also new. When
technology encroaches upon privacy, "that's just the way things are!", but
when it protects it, "it's new and different and must be restricted!".

More to your point, I do think law enforcement should be allowed to spy on
people when necessary (by whatever definition of 'necessary'). But that's a
far cry from saying that people should be compelled to assist in the spying.

There's no warrant to compel someone to knowingly carry a bug.

------
morganw
It's time for a careful analysis by a qualified cryptographer of how key
escrow weakens the protections encryption is supposed to afford.

Schneier does conclude his post with a general "weakening encryption does more
harm than good", but the title still uses the term backdoor. No one who's
learned a bit about crypto (omitting Lindsey Graham here
[https://www.politico.com/news/2019/12/10/tech-companies-
bipa...](https://www.politico.com/news/2019/12/10/tech-companies-bipartisan-
congress-encryption-080704)) is advocating for a "master key," short key
lengths or backdoors that use obscurity to keep bad actors from exploiting
them.

Key escrow is real & already deployed in things like FileVault's Institutional
Recovery Key [https://support.apple.com/en-
us/HT202385](https://support.apple.com/en-us/HT202385)

All institutions don't use the same key and the vendor doesn't have to have a
copy.

[Microsoft offers companies a recovery mechanism too
[https://docs.microsoft.com/en-
us/windows/security/informatio...](https://docs.microsoft.com/en-
us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-
plan)]

My guess to how key escrow weakens protections is through implementation
mistakes. Are there also mathematical weaknesses that effectively shorten the
key length making brute force more feasible??? Why is the discourse on the
anti-lawful-intercept side so imprecise?

~~~
TallGuyShort
Key escrow doesn't change the fundamental mathematics behind the key. It's
entirely an implementation detail / matter of trust. You're sharing what would
otherwise be a secret with a new party. If they are untrustworthy or get
compromised, it's no different than if you got compromised directly. But now
you have roughly 2x the exposure.

------
rubinelli
Law-enforcement agencies in the UK, to name one relatively liberal country,
had no qualms about using their anti-terrorism tools to track and arrest
minors during, after, and even before climate change protests. "Think of the
children," indeed.

~~~
shakezula
Every tool we give cops has to be measured in two ways:

\- What's the best case for this tool to be used? \- What's the worst case for
this tool to be used in?

and then the disparity between the two must be examined. In most cases, I
would say it's not worth giving many of these tools to cops.

------
ProfHewitt
How to implement highly-secure backdoors is explained in the following linked
article along with an analysis of potential pitfalls:

[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3425957](https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3425957)

------
jancsika
> In fact, we were never able to view the contents of his phone because of
> this gift to sex traffickers that came, not from God, but from Apple.

Thanks to the poor state of U.S. education, inscrutable nature of encryption,
and the failure of secure software developers to protect nearly anything at
all, this sentence remains unintelligible to most Americans.

~~~
RHSeeger
\- God is all knowing

\- God is all powerful

\- God created the universe

Given the above three, God created the universe knowing he was creating it in
a way that said sex traffickers would come into being, and that they would get
access to said phones/encryption.

It is literally impossible for the first three items to be true and the
consequence to be false. As such, "this gift to sex traffickers" did, indeed,
come for God (and Apple).

~~~
jjgreen
It depends on what you think omnipotence is; if you believe that it is
constrained by consistency (God cannot create a square circle) then it could
be the case that any world created would have some evil. Then a benign God
could create the "best possible world" in which bad things happen.

All academic anyway, there is no God.

~~~
RHSeeger
Even given that, He chose to create this world, with these people. Choosing
between 2 evils doesn't mean you chose evil, but it does mean you chose an
evil.

------
carapace
If encryption is a weapon then (in the USA) the First Amendment applies.

~~~
a1369209993
You're thinking of the _second_ amendment, I think.

~~~
carapace
OMG derp, yeah, thanks

