Where my love of science began

That is the most ironic thing I have read this year. The recent ransomware attacks were only possible because a backdoor exploit used by the CIA was leaked to hackers. Now you want the providers of encryption software to provide a back door to allow government agencies to view encrypted messages. And of course there is NO chance of that falling into the wrong hands, now is there?

It’s just hilarious.

Let’s see if we can break this down a bit and remove the politics.

When a message is encrypted with my public key, I am the only one who can decrypt it. Not even the sender can do that. You need the private key, which I have stored on my device. This is where the ‘laws of mathematics’ come in. It simply cannot be done in any reasonable time frame, we are talking years, even with modern computers. Certainly not feasible or even worth trying.

The only way that Facebook would be able to allow government agencies to view these messages would be to provide a way to remotely access the private key on a device and use it to decrypt the message. To do that means providing a backdoor way of accessing the application and extracting the key. No sooner would they do that than someone will find a way to exploit it, of that you can be certain.

With regard to the above preventing terrorists from communicating, encryption has been around for a long time, well before it was added as an extension to things like Whatsapp. All a terrorist will need to do is to encrypt his message in the traditional way with whatever tool he chooses, he could even write one himself, and send that using the platform of his choice. Facebook and all others will be powerless to assist the government in reading those messages. It simply could not be done.

But the government has been a bit hazy on what it actually is they expect Facebook to do, so details are sketchy. I think they want the tech companies to come up with a solution. It remains to be seen if they will comply and if they do, how long it will be before whatever they come with is exploited. You cannot weaken the system just for the bad guys, it will affect all of us. I’m sure a lot of people will not care.

@silentC said in Where my love of science began:

You cannot weaken the system just for the bad guys, it will affect all of us. I’m sure a lot of people will not care.

It would be a bit like having a requirement to leave the keys to your house at the local fire station in case there is a fire… only it’s the keys to your bank account, and perhaps the deeds to the ranch as well.

It seems ironic that, at a time when governments are demanding more abilities and rights to know more of our secrets, they are doing more and more to hide what they are doing. Even information that should be in the public domain is made difficult to obtain, and governments resort to all sorts of strategies to keep things off the public record. Have a look at Brandis’ effort to keep his work diary secret, despite a succession of court orders to release it.

Encryption to play with
https://brandis.io

A more likely scenario about what the government might try and do
https://risky.biz/bannedmath/
Basically go after the endpoints, aka your phone/computer

If the NSA can’t keep their hacking tools secret, you think the oz gov will do better?

Thanks for those links, tqft, especially the second one.

@Shy-Ted said in Where my love of science began:

Thanks for those links, tqft, especially the second one.

Yep me too, the last paragraph of the second one pretty well sums up the situation, but I’m buggered if I can think of a solution that is not totally draconian.

@Termite said in Where my love of science began:

… but I’m buggered if I can think of a solution …

That’s because there is none.
It is a waste of time trying to bring in measures that allow certain systems to be hacked by the “good guys” (and hopefully not the “bad guys”), because the “other bad guys” you are trying to catch will simply move onto another platform/system that hasn’t yet been opened up to the “good guy” hackers.
The only way law enforcement can catch these “other bad guys” is by infiltration, or insider help.

Terrorists will just start using Nokia phones!

I don’t know, it all smacks of waving one hand while doing something unseen with the other to me…

@silentC said in Where my love of science began:

I don’t know, it all smacks of waving one hand while doing something unseen with the other to me…

Such cynicism in one so young.:astonished:

Looks like your connection to The Blokey Shed was lost, please wait while we try to reconnect.