[askvictor]

> Forcing firms not to implement end-to-end encryption is forcing firms to implement flaws in their encryption software.

Which is why they're not pursuing it presumably.

[amboar]

> Given the difficulty of cracking end-to-end encrypted messages during transmission, one option would be to improve warrant-based access to communications at the sender or receiver ends, Senator Brandis said.

> "At one point or more of that process, access to the encrypted communication is essential for intelligence and law enforcement," he said.

> "If there are encryption keys then those encryption keys have to be put at the disposal of the authorities."

The last part of the quote muddies the water a bit. Maybe they are interested in cooperation from companies with control of endpoint software (Apple, Google, Microsoft) to extract the keys?

[wzdd]

Just because it's in your operating system rather than your apps doesn't mean it's any less of a backdoor.

[amboar]

Right, is a different back door, but at least it's not broken crypto. Not that I'm for compromised endpoints either.

[natch]

Building your crypto system with an ability to spit out the keys on demand to any podunk FBI Director or podunk US President, not to mention any podunk sheriff, means you have built broken crypto.

[type0]

> "If there are encryption keys then those encryption keys have to be put at the disposal of the authorities."

And if each user has their own set of keys? Will every user get a visit from security agencies asking to turn those over to the government?

[natch]

If there is a way to extract the keys then the keys will be extracted by rogue actors.