[DanielBMarkham]

If it happens, it'll become precedent, then all countries will want to do it.

The next logical step is to outlaw phones and devices that are incapable of breaking into. Then they'll make it so you need a license to employ cryptography.

It sounds crazy, but where we are right now would have sounded just as crazy 15 years ago.

[masklinn]

> The next logical step is to outlaw phones and devices that are incapable of breaking into. Then they'll make it so you need a license to employ cryptography.

Welcome to the 90s: https://en.wikipedia.org/wiki/Export_of_cryptography_from_th... [0]

> It sounds crazy, but where we are right now would have sounded just as crazy 15 years ago.

Hardly. 15 years ago, the US were just barely past their encryption export ban, and we had yet to deal with the (still ongoing) fallout from it.

[0] although back then the US only tried to backdoor or ban strong encryption for the international market, not for the domestic one, for simplicity reasons the domestic versions of exported products often used "export-grade" (shit) encryption

[DanielBMarkham]

I read the "we're back to the 90s again" articles. I think I would be careful not to overstate the case. I coded in the 90s. I did light crypto in the 90s. This isn't the 90s.

The world was so different then that the analogy wears thin. It was mostly client-server, the web was just taking off, and vast cloud server farms weren't even on the horizon. As you noted, the laws back then weren't for creating crypto -- it was for exporting it. At least in the states, we saw a healthy market for all sorts of new crypto tech: DES, AES, and RSA started in the 90s. (RSA became public in the 90s).

Note that I'm talking from the viewpoint of the average developer making applications. The business side, the international side, and the exporting mess? Yes, it's very similar. My comment was about changes Joe Dev is seeing now. The 90s was "write it, but only sell it locally", the 2020s are likely to be "don't write it unless you have permission", which is a completely different can of worms.

Agreed that the development community as a whole is still recovering from the 90s. The damage we're doing right now will take as long or longer to recover from, if we ever do.

[ohyeshedid]

The only thing I think that directly ties back to the Zimmermann case would be the public nature of this fight.

..but since we're referencing the 90's: If the feds succeed in gaining the IOS source and signing keys I would say it's more like Phiple Troenix 2.0.

[masklinn]

> Note that I'm talking from the viewpoint of the average developer making applications. The business side, the international side, and the exporting mess? Yes, it's very similar. My comment was about changes Joe Dev is seeing now. The 90s was "write it, but only sell it locally", the 2020s are likely to be "don't write it unless you have permission", which is a completely different can of worms.

I'm not from the US, so there may be a difference if you're a solely a domestic US developer, but from outside the US the distinction is pretty much entirely academic.

[mobiuscog]

>Then they'll make it so you need a license to employ cryptography.

You already need one to export certain goods / to certain countries.

[FroshKiller]

Big difference between "need" and "are required to have"!