February 3, 2016

Enforcing Governmental Decryption

By Cloud Syndicate

Governmental Decryption

Recent U.S. bills proposed in California and New York aim to implement a controversial governmental backdoor into mobile devices. The issue concerns forcing manufacturers to provide a mechanism for decrypting any device’s content, without the consent or presence of the owner of the device. But the police already have the right to take your phone and use it against you in the court of law. What good does it do for the manufacturers to be required to decrypt any encrypted content?

Backdoors for tyrannies

The fundamental argument against the governmental backdoor is that any backdoor will inevitably be exploited by other actors. To comply with the law, manufacturers and vendors create a technical means that can be exploited by anyone as an attack vector. Certainly that is one of the reasons for requiring a backdoor, as the usage pattern scenarios can be expanded rapidly from California and New York. Why would national security intelligence operators want to stay limited to these states? Instead, what they are aiming for is global coverage.

Indeed, the relevant mobile operating system providers are global, and implementing a backdoor will implement it globally, not just in one jurisdiction. The controversial bills include a financial instrument to enforce compliance from the operating system and device vendors—a $2500-per-device fine for any device sold in these areas that doesn’t comply. Surely any mobile device vendor will be more than happy to comply rather than let itself be driven bankrupt.

Good deeds uncovered

While the motivation for the governmental access has largely been justified by referring to petty crime and fighting terrorism, one can perhaps assume that the there is more to the story than just breaking up the encryption of a local drug dealer or global lone wolf. After all, the heaviest users of encryption are intelligence agencies, militaries, and corporations. Surely none of those would want their phone manufacturers to leave any kind of backdoor, even when a local cop had been issued with a search warrant.

Given that law enforcement agencies around the world have invested hugely in targeted spyware, most of them are already able to intrude on and invade any device they want to. Whatever encryption is in place, they can circumnavigate it by gaining access to the user device before any encryption happens, e.g. by mirroring the screen for remote inspection and often as not permanent storage.

Hence, the question should be more about whether or not governmental access should be institutionalized. It is currently happening, but do we want to increase its use further? And indeed, do we want to throw more oil on the fire of the struggles between historic nation-states, and within the circles of privatized global security providers?

By Kristo Helasvuo

Cloud Syndicate

Welcome to the 'Cloud Syndicate,' a curated community featuring short-term guest contributors, curated resources, and syndication partners covering diverse technology topics. Connect your technology article or news feed to our syndication network for broader visibility. Explore the intersections of cloud computing, Big Data, and AI through insightful articles and engaging podcasts. Stay ahead in the dynamic world of technology with our platform for thought leadership and industry news.

Join us as we delve into the latest trends and innovations.
Veljko

5 Recruiting Software Tools For Technology And Digital Companies

5 Recruiting Software Tools Finding the best candidate in the sea of thousands of developers [...]
Read more
David Dymko

Episode 17: Diving deep into Kubernetes

Working with virtual machines and or Kubernetes A conversation with David Dymko, Director of Engineering [...]
Read more
Steve Prentice

Episode 20: Why inbound telephone calls are still vital to your business

A conversation with David Anandraj, manager of Product Management for the ecommerce segment of BCM [...]
Read more
Randy

AI Learning and Career Paths: Preparing for the Jobs of Tomorrow

AI Learning and Career Paths The Massachusetts Institute of Technology (MIT) has long been at [...]
Read more
Nancy Zafrani

The Future of Relocation: AI-Powered Solutions

The Future of Relocation Artificial intelligence (AI) isn’t going anywhere — in fact, it seems [...]
Read more
Bright Data

10 Leading Proxy Services: Enhancing Your Online Security and Privacy

10 Leading Proxy Services In the realm of digital technology, proxies emerge as critical tools, [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.