Do we trust Intel chips are free from gov backdoors? Or that Microsoft/FB arent in bed with the NSA? I would say the precedent has long since been set.
You're right, but this is the first time (I know of) that a government has explicitly required backdoors and forcing tech companies to download malware/spyware to their customers' devices. This new law brazenly makes encryption useless and sets a dangerous precedent.
There was an attempt to do this in the 90s in the US, but it failed. There's a paper titled "Keys Under Doormats" that outlines the debate of that era:
> Do we trust Intel chips are free from gov backdoors?
No. But there are people working hard on things like Power8-- which already exists-- and RISCV-- which don't include anything similar to Intel's ME.
Probably more to the point, Apple already designed and implemented a secure enclave that makes it much harder for them to turn over things to law enforcement like messaging content of its users. Signal similarly has a design that limits the amount of data it has to turn over.
Without a legal precedent that says you can't do such hardware/software designs, lots of companies do such designs. We've even seen a company fold rather than change their design on the request of the government to make it easier to spy on users.
Plus, if there is an Intel ME backdoor it is almost certainly only available directly to NSA-- not to FBI, not to the Treasury, definitely not to local law enforcement, and definitely not to other tech companies or politicians who have the sway to convince any of the above to give them access to some data they'd like to have.
A law that makes it possible for more government agencies to force a company to turn over data or serve up malware is a law for the worse. A law that makes it harder for companies to design secure protocols and systems in the first place is a law for the worse.
Or that Microsoft/FB arent in bed with the NSA? I would say the precedent has long since been set.
Well, Facebook isn't a very good example here. There were so many inputs/outputs into its user data that it's hard to imagine a type of inference that could not have been retrieved by an interested third party on any subset of its userbase.
If Facebook is supposed to be a metaphor for all modern general purpose computing software, your only serious conclusion is to stop using all modern general purpose computing software.
Actually we have yet to see any evidence that the government have forced Intel, Facebook, Amazon etc to insert backdoors. In fact the Snowden leaks kind of have evidence to the contrary - the NSA hacked Google's private network. They wouldn't need to bother if they had legally compelled them to add some kind of national security backdoor.
Not that this is any good, but at least in the US the state pays for the surveillance. Here the businesses have to foot the bill for who knows hoe many unending requests. If you thought it was hard to make a viable tech business in Australia before, well you can forget all about that now.
It's more like if Microsoft and FB were in bed with the NSA. And then they sent you the bill for your own surveillance. And if you didn't pay, then sent you to jail.
That's not necessarily true. For TCNs there is an explicit section that deals with compensating businesses, through an "Applicable costs negotiator". See s.317ZK(16).
And there is no criminal liability for non-compliance. "Just" very hefty civil fines.
If intel does have a backdoor, would you think they were compelled to include it against their will by government, or that they willfully included it for their own use?
