Mandating Encryption Backdoors

 

This very second, you are reading this news article on a device with an encrypted password/passcode that you would have to enter every time you want to use your device.

But how do you feel if someone or some group out there has the power to go through your Facebook, Twitter, Instagram, Snapchat, etc. and just about all your devices despite what you acknowledged at first that all of them are safely secured and that “no one will know, what I do”?

That’s what this is all about, as there are more and more entities involved in government work, which are now supporting full encryption, there are some governments who don’t want that, and insist on a backdoor legislation (which means a sneaky way into your accounts and devices despite the encryption)

It’s true, without backdoors this does pose limits on the law enforcement and surveillance agencies, but know that they are not quiet willing to give up our security just to make their work easier for certain areas of the government.

 

 

 

How important is Encryption?

Encryption is essential for everyone’s security, and the more we undermine this, the more damage is done than help.

The European Union for Network and Information Security (ENISA) just released a few days ago a report detailing the importance of encryption.

You should take a look.

 

 

There is a legitimate need to protect communications among individuals and between individuals and public and private organisations. Cryptography provides the electronic equivalent of letter cover, seal or rubber stamp and signature. In the light of terror attacks and organised crime, law enforcement and intelligence services have requested to create means to circumvent these protection measures. While their aims are legitimate, limiting the use of cryptographic tools will create vulnerabilities that can in turn be used by terrorists and criminals, and lower trust in electronic services, which will eventually damage industry and civil society in the EU.

 

 

 

 

So what’s the problem?

You see one door leads to another and the more they mandate backdoors, the more doors are the customers sent through in search elsewhere for secure computer equipment and services, and the aftermath of all this is, is just going hurt the countries in the long run where these are implemented.

Not only that, the backdoors themselves have their own backdoors (I know, it can be mindfucking).

The bad news to the bad news is that, that means they can exploit that too, and this leads to hundreds of millions of device users being affected negatively while very few criminals, on the other hand, will suffer adverse effects.

If you’re thinking why on earth are the criminals not affected by this, here’s why.

You see the way backdoors work, is that it has two sides and when it is exploited by either ‘side’, the criminals on one side will be able to protect themselves from the unwanted intrusion.

Since if you’re going to break a few laws, why not break one that forbids you from owning or operating devices with non-backdoor encryption right?

 

Technology is changing at a very fast pace. It is questionable if solutions such as backdoors will be effective given that criminals can develop their own encryption technologies.

 

 

 

 

The Domino Effect

Now the bad news, to the bad news, to the bad news is that (I promise I’ll stop here), as ENISA points out, it’s not just the exploitation by criminals that’s the problem, it’s also the exploitation by the government agencies such as the FBI, which may use these backdoors to collect and intercept more than what they are legally authorized to do of.

They are such nosey bastards.

 

Judicial oversight may not be a perfect solution as different interpretations of the legislation may occur.

 

 

 

 

How the Government agencies can exploit you

The abuse of authority and power that agencies like the FBI does, is something that is concerning and has been the problem that started the prominence of support for full encryption.

If you haven’t read how the FBI can now hack you legally anywhere, everywhere around the world, then what you need to know is that whenever a search warrant is issued by the courts, the government agencies go over the line and abuse it.

Instead of searching where they are ordered and legally to, they instead go against what they are authorized and search 8,700 computers in 120 countries worldwide instead.

 

 

 

The Way it is Different between the U.S. and the European Union

In the U.S., it has caused the FBI to gain a lot of backlash for not respecting their judicial order, and multiple federal districts have resulted in contradictory opinions on identical legal arguments.

For the European Union, this issue gets much worse, as it is a union consisting of multiple nations with multiple courts all with their own individual laws.

There are currently attempts in the EU to unify the laws and practices on technical/legal issues, but yet again, we are talking about here the biggest alliance in the world and it goes without saying that, mandating these backdoors will certainly cause a chaos, and deciding what and what is not abusive will indefinitely cause some rift among the nations.

The same thing goes for a unified European stance on encryption backdoors, which both of us know; it is not like all the nations will front up agree to this change either.

ENISA concluded their statement that technological advancements do pose a legitimate challenge towards law enforcement/national security efforts, and that backdoors are certainly no way to solve the problem.

If you have a solution to what the EU is currently facing, comment down below. I’ll make sure to give you full credit for it.

 

 

 

What is the solution?

The way the US courts handle these kind of situations is just by passing down the problem they face over to the Congress, when there is no solution within their power to be found.

Whilst again, that is not how things work with the EU, whereby the ENISA suggests that legislative measures are instead the wrong approach.

 

Other procedural approaches should be explored that focus on the power of the judicial process to find solutions.

 

Truth be told, the ENISA is not uncovering what the solution really is, and in fact it could just be that they really don’t know what to do on how the EU courts might be able to address government agencies’ complaints about encryption.

But I feel that, as it suggests, that the solution that the EU might come up with is kind of something like an All Writs Ordering.

This may be the way around the problem being locked out of devices and computers, and they can follow what the blanket court orders that compel assistance from service providers and manufacturers under the threat of whatever the court can come up with.

Yet again, this solution has its own flaws, despite the fact that it can lessen the damage to security than the mandated backdoors approach.

But know that a court-ordered backdoor is still a backdoor, and judicial oversight won’t be enough to fully prevent the government from abusing these “one time only’ purposefully-infused security holes.

There’s no denying that it’s a never-ending labyrinth, my friend.

 

 

 

Further Reading

 

ENISA Report 

 

References

 

Follow me on Snapchat, and I’ll keep you updated with what’s going on every now and then. 🙂

Mandating Encryption Backdoors