*Any* Backdoor in to Encrypted Devices Will Not Work!
TechCrunch reported today that US attorney general William Barr says Americans should accept security risks of encryption backdoors and this idea is a very, very bad one. There is NO FUCKING WAY that I will allow my devices to have a backdoor in them … ever … and please note: this is NOT about me maintaining my social media, email or chat privacy. This is about protecting MY data and MY personal and client accounts.
If the U.S. Department of Homeland Security, Medicaid, Army, Office of Personnel Management, Department of Defense — and companies with their business and reputations at stake — can’t keep hackers out of their systems, how will the government protect a backdoor?
Check out this list of breaches on Wikipedia which starts out with this in the opening paragraphs, and scroll down to see how many companies and governmental organizations have been breached:
It is estimated that in the first half of 2018 alone, about 4.5 billion records were exposed as a result of data breaches. In 2019, a collection of 2.7 billion identity records, consisting of 774 million unique email addresses and 21 million unique passwords, was posted on the web for sale.
If a backdoor is legislated to be put in our smartphones, tablets and computers, I can absolutely guarantee that it will get out in to “the wild” and be used by blackhat hackers, regardless of what NON-TECHIES like Barr and Trump spout off about in rallies or articles.
Like CGPGrey has said, “There’s no way to build a digital lock that only angels can open and demons cannot. Anyone saying otherwise is either ignorant of the mathematics or less of an angel than they appear.” I submit that most leaders are not only ignorant of both the math and why it is not technically feasible to put a backdoor in to encryption, they only care that we can keep governmental (and hacker!) prying eyes out of our most sensitive information.
One glance at my iPhone shows that there are numerous apps that could destroy me financially and potentially provide access to my LastPass password manager … allowing subsequent access to nearly 2,000 passwords for clients and every website I’ve signed in to in the past. For example these apps being compromised:
- Charles Schwab with access to my entire portfolio
- Wells Fargo with access to my wife and my accounts
- My Bitcoin wallet
- My Apple Wallet with multiple credit cards and Apple Store cards with money in them
- Signal communication app — which protects our communications when my wife, kids or myself are traveling overseas
- My LastPass app with connections to my password vault…
- …and too many more.
I could go on and on but let me have John Oliver amusingly inform you about the realities of having the government put a backdoor in and defeat encryption: