[tptacek]

That's true, but the state does have the power to outlaw commercial devices that provide default-unbreakable encryption. People who really want encryption will get it anyways, but it's the default state that animates the "going dark" concern.

What's important to public policy is what Apple and Google, and whatever their analogues in 2030 might be choose to do, and how they're regulated.

[Zigurd]

Secure endpoint software has to be non-commercial in that it has to be open source or otherwise trust-able by the public. Because it can't be proprietary, it would be hard to sell under any circumstances. The major portals could create this software, or they could just provide documented interfaces.

To provide default-unbreakable encryption requires a combination of commercial services that enhance the UX of using strong encryption, like web-of-trust features in communications software that make it impractical to MITM communications and key exchange, and non-commercial software that secures communications payload.

So any effective ban would ban not only an Apple proprietary system that was secure, but also those non-commercial components that are a necessary part of a truly secure communications system. That's where the overreach happens.

[tptacek]

I guess I'm not okay with the ban on crypto that Apple and Google sell either, and I think that's the ban that matters more to laypeople.