this post was submitted on 31 Jan 2025
38 points (80.6% liked)

Technology

61227 readers
5047 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
38
What are the potential risks and benefits of implementing encryption backdoors for law enforcement? (ace-usa.org)
submitted 12 hours ago by [email protected] to c/[email protected]
15 comments fedilink hide all child comments
 

Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity? How do different governments and tech companies approach this issue, and what are the implications for global digital security?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 12 hours ago (1 children)

Are there any real-world examples where encryption backdoors have been successfully used without compromising cybersecurity?

No. Adding a backdoor to cybersecurity is fundamentally introducing a vulnerability that can be exploited by an attacker.

A backdoor in your IT security is like a hidden button to bypass the lock on the impenetrable front door of your impenetrable house. Sure, it makes the police serving a warrant easier, but now there's a button that anyone can push to bypass your door.

What you will find are instances with no apparent violations. Just like setting all the nuclear weapons to have the exact same easily remembered activation code didn't actually lead to a nuclear exchange.

[–] [email protected] 1 points 2 hours ago* (last edited 2 hours ago) (1 children)

What you *will* find are instances with no apparent violations. Just like setting all the nuclear weapons to have the exact same easily remembered activation code didn't actually lead to a nuclear exchange.

This isn't a great example. Not even a backdoor. That's an example of weak security, at the final stage behind multiple layers of extremely strong security. If an adversary had got to the point where they were at an ICBM bunker console, and the only thing stopping them was a 4 digit code, it was already basically game over.

The backdoors our corporate oligarchs want have zero safeguards, and once discovered grant any attacker the keys to the entire kingdom, remotely. It's more like the only security being the 4 digit code. It fundamentally weakens the security of everyone, and every system we rely on, to the extent any attempt to do it should be considered a direct act of war against us — as treasonous sabotage, that only our worst enemies would attempt.

[–] [email protected] 1 points 12 minutes ago

I see you understood the point made by the example.

For nuclear weapons specifically, the activation code was supposed to be a command and control measure to prevent unauthorized use. Having it both be an easily remembered code and one widely known made that whole system meaningless theatre.