Comment on Apple pulls data protection tool after UK government security row
davesmith@feddit.uk 1 week agoThe question is do you want serious criminals including financial criminals, and whatever authoritarian government shows up at some point and starts tearing up the already increasingly authoritarian UK rule book (hi America) to have access to all communications? Do you want to protect stuff like online shopping? What about https, that protects the sniffing of data in transit across the internet, so a huge chunk of online privacy?
You don’t get one without the other.
It must be said that personal privacy is a cornerstone of a civilised society. You either ahve that or you don’t.
SleafordMod@feddit.uk 1 week ago
I don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
davesmith@feddit.uk 1 week ago
I understand where you are coming from, but the encryption is not secure if somebody else holds your password.
SleafordMod@feddit.uk 1 week ago
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
davesmith@feddit.uk 1 week ago
I saw it called “end to end encrypted icloud backup” in the news. I guess it is that, in that it is encrypted at rest on apple’s servers, then between those servers and the end-user’s device. But that is a bit different to what signal does. Signal doesn’t store anything at rest on any servers they own as far as the experts I rely on for information on this (and who signal allow to audit them) say.
It seems to be the case that as long as apple offer any products at all to the UK market, the UK government have the right to ask, in secret, for apple to provide encryption backdoors into their products for all of apple’s customers whatever the nationality. It seems likely that the UK will share this information with five eyes countries’, allowing those countries to circumvent their own legal processes.
It isn’t clear if that has happened or is going to happen but it seems likely that they will, if they can get away with it without it becoming public knowledge. Which has pissed off, for instance, US information security professionals who like iphones whose data now can’t be considered secure.
It might be the case that apple has had to withdraw this particular product from the UK for public relations purposes because somebody whitleblew. But as long as apple wants to sell products in the UK it seems the snoopers charter allows the snoopers to request backdoor access to their products globally.
The Chinese have done the same. People here call them totalitarian for doing so.