Comment on Apple pulls data protection tool after UK government security row
SleafordMod@feddit.uk 1 week agoI don’t want end-to-end encryption entirely outlawed. But for the biggest platforms from massive corporations, maybe those corporations could keep their encryption keys stored with high security somewhere, so they can decrypt particular messages if a court warrant is issued.
People who are uneasy about that could go to a more privacy-focused platform like Signal. Some criminals would do that too, but at least something would be done to catch criminals on the popular platforms.
davesmith@feddit.uk 1 week ago
I understand where you are coming from, but the encryption is not secure if somebody else holds your password.
SleafordMod@feddit.uk 1 week ago
Fair points. Also I guess practically big companies like Apple would never allow a situation where their encryption is compromised while encryption on smaller platforms like Signal isn’t. Apple etc would spend billions lobbying so such a situation never happens.
davesmith@feddit.uk 1 week ago
I saw it called “end to end encrypted icloud backup” in the news. I guess it is that, in that it is encrypted at rest on apple’s servers, then between those servers and the end-user’s device. But that is a bit different to what signal does. Signal doesn’t store anything at rest on any servers they own as far as the experts I rely on for information on this (and who signal allow to audit them) say.
It seems to be the case that as long as apple offer any products at all to the UK market, the UK government have the right to ask, in secret, for apple to provide encryption backdoors into their products for all of apple’s customers whatever the nationality. It seems likely that the UK will share this information with five eyes countries’, allowing those countries to circumvent their own legal processes.
It isn’t clear if that has happened or is going to happen but it seems likely that they will, if they can get away with it without it becoming public knowledge. Which has pissed off, for instance, US information security professionals who like iphones whose data now can’t be considered secure.
It might be the case that apple has had to withdraw this particular product from the UK for public relations purposes because somebody whitleblew. But as long as apple wants to sell products in the UK it seems the snoopers charter allows the snoopers to request backdoor access to their products globally.
The Chinese have done the same. People here call them totalitarian for doing so.
SleafordMod@feddit.uk 1 week ago
I would probably argue that China is a little different to the UK, given that China is a one-party state.
Yeah maybe the UK government shouldn’t be able to spy on Apple messages sent anywhere in the world. But maybe UK agencies like GCHQ should be able to get the messages of specific individuals who threaten the UK, with a court warrant, like how law enforcement has been able to bug the phones of criminals with a court warrant.
I dunno. Maybe I should educate myself more on encryption and how it all works.