>*UK users would not be beholden to Apple for E2EE if their clients had legitima...

lll-o-lll · 2025-03-06T07:59:21 1741247961

> you can't backdoor encryption without making it insecure.

That’s not really true is it? If I have a building where every room has its own key, but there is also a “master key” that can open all doors; then it’s not “insecure”. You want to be pretty bl—dy careful with that master key, sure, but the idea isn’t crazy.

ziddoap · 2025-03-06T14:05:58 1741269958

It is absolutely a crazy idea.

Physical analogies don't really work in this situation because of the scale, and the payout.

A physical master key for a building has a few hundred thousand/a few million people that could potentially access it. The payout is low (i.e. the motivation is low on average)

An encryption backdoor to phones has a few billion people that could potentially access it. From anywhere in the world. The payout is huge (access to all iPhones).

Multiple entire governments would dedicate tens of millions of dollars and thousands of people to gain access to a ubiquitous backdoor on something like a phone. The same just isn't true with your building analogy -- they are completely different.

akimbostrawman · 2025-03-06T12:22:58 1741263778

Even the most secure masterkey can just be stolen.

https://en.m.wikipedia.org/wiki/EternalBlue

alwayslikethis · 2025-03-05T23:32:16 1741217536

You can have a service beyond the reach of UK law enforcement. Somehow piracy on the clearnet never really stopped with it being illegal in most countries.

ziddoap · 2025-03-06T01:28:29 1741224509

You're suggesting that Apple, a giant publicly traded company with known people that can be summoned to court and assets located in places that can be seized, should ignore lawful orders from a country they are operating in?

Can I ask you how you think that would play out?

>Somehow piracy on the clearnet never really stopped with it being illegal in most countries.

I'm sure you can spot the difference between a small group of people running a piracy site and a multinational company selling physical devices in physical stores.

wqaatwt · 2025-03-06T09:16:22 1741252582

> should ignore lawful orders from a country they are operating in?

By allowing users to install arbitrary software on their computers which is not directly controlled by them?

That certainly would be shocking and unheard of.

alwayslikethis · 2025-03-06T01:59:37 1741226377

I'm not talking about Apple here.

This is what you said:

> Any sufficiently popular alternative would be subject to the same issue: you can't backdoor encryption without making it insecure.

I'm just saying this is not true because you can have a company without any legal presence, thus susceptibility to law enforcement, in the UK. The legal issue will be shifted onto the user, but it's hard to go after millions of users compared to one big company.

The parallel with piracy is that they also tend to be operated from beyond the jurisdiction of countries enforcing the copyright.

ben_w · 2025-03-06T03:22:25 1741231345

That didn't work out for X in Brazil. The government of a sovereign nation can just require you to have a presence to do business there.

alwayslikethis · 2025-03-06T11:32:36 1741260756

That's mostly because of them using Musk's other business as leverage. A good company created explicitly to operate like this has no such vulnerability. The UK can try to stop them by trying to block the IPs or whatever, and the company is in turn free to try to circumvent it. The only issue is they may be banned from App store, which is a self-inflicted problem caused by Apple.

robertlagrant · 2025-03-06T10:47:38 1741258058

> you can have a company without any legal presence, thus susceptibility to law enforcement, in the UK

This is true, although you'd need to sideload to avoid things like "UK government bans this app from the UK app store".

tree_enjoyer · 2025-03-06T00:48:08 1741222088

If you're a company with offices, personnel, and assets in the UK, well your "service" may be beyond the reach, but the rest isn't.