by anf 2999 days ago
That sounds like a good endorsement. Those of us who are competent and honest have been pretty tired of the FUD and downright lies around the benefits of single-user encryption.

Specifically, if admin master keys are so dangerous, why do Google, Microsoft, and every other tech company have one into the employee's hard drives?


Because the problem corporations face is pretty much the reverse of the problem at issue here. In a corporation, the only entity being protected is the corporation itself. Master keys exist to provide access to all of a corp's devices, even if employees forget their passcodes etc. The entity controlling the master keys is the entity being protected, and while having those keys compromised would not be great, the loss of data from not having master keys is a much bigger threat.

OTOH, for citizens, a master key with access to their private data is a problem. The data owner is not the owner of the master key in this context and therefore the very existence of such a key is much more problematic even if the key is never leaked to unauthorized parties.

Because they own those hard drives. Their employees do not.

That's totally irrelevant to the point that two-user encryption is fundamentally insecure, made insistently by even those who should really know better: https://www.schneier.com/blog/archives/2015/09/tsa_master_ke...

The claim made by that article isn't nearly as strong as what you're saying it claims. Two-user encryption obviously can be made secure.

But when one of the keys that can decrypt something is shared by every message using that protocol, it is fragile - a leak breaks everything using that protocol. This is what that article actually says, and seems to also be correct.

A related point is that two-user encryption is insecure when one of the parties has no stake in the contents staying private, which is the case when the government can decrypt your data.

Two-user encryption obviously can be made secure.

I think we're done here.

Your splitting of the hair on "secure but fragile" depends on the assertion that the US government has no interest in maintaining the security of conversations of all US devices? That's inane and insane, respectively.

It is fundamentally insecure, as that article establishes.

Do you have an argument to the contrary?

If it is "fundamentally" insecure, why do Google and Apple and Microsoft and all the other tech companies use it on their employee laptops?