A country that's going to mandate backdoors/access to such communications is going to outlaw communication methods they can't backdoor.
Say Apple makes a federated end-to-end encrypted messenger app, the government will still go to Apple and say "let us read all the messages, otherwise you can't sell your devices". THAT is the problem, and it can't be solved by more technology and shouting "BLOCKCHAIN!"
If a largish group of users could create end-to-end encryption not with a single company but with "readily available materials", then stopping it could be harder.
So it's a combination of state dictate and the practical ability of users to defy that. This isn't saying I'm optimistic, I'm rather pessimistic on any ability of a wide home-grown encrypted-messaging milieu to appear - if few are aiming for this, those few can easily be picked off. But I don't think we should just give up on any part of this.
Possession of encryption software could be treated the same as possession of drugs. On the next stop and search you would only have to hand over your phone. If the police password will not work, it will be confiscated. If encryption software is found, you go in the dock. It is the future. Society accepted ridiculous laws to jail people for having a plant, they'll accept jailing for programs. Only terrorists, thieves and adulterers encrypt their messages ;-)
The War on Drugs is considered a failure, and parts of the world like NSW, Australia made prostitution legal in 1979, in both cases because criminalising things most people use generally doesn't work and all you do is randomly jail people for doing the exact same thing as a large proportion of the population.
I fail to see the point. Without encryption, there's no modern web, no e-commerce, no smartphones; absolutely everything relies on it like water. Unless you want to go back to pre-2000s technology, of course.
The difference being that there's way too much necessary legitimate use of cryptography to stop now, and as the traffic is encrypted, you can't tell what traffic isn't legitimate. Plus steganography and plenty of places accessible on the net that aren't the United States.
This isn't meatspace, the dynamics are quite different.
Possession of encryption software could be treated the same as possession of drugs.
Well, then clearly it would quickly become ubiquitous. I mean, if a war on encryption that was just like the war on drugs were to be launched, why, my local stream bed might have "place burned passwords here" on the tin can that currently reads "used needles here" (put there by the other homeless people).
There's a difference between running a Tor exit node and encrypting a personal conversation.
At least in the US, if a US citizen is part of a potentially incriminating conversation, the government's going to have a hard time forcing a court to force the citizen to decrypt the conversation.
Lawyers, correct me if I'm wrong, but it seems like a conversation wouldn't be subject to the vagaries of "combination to a safe"-production loopholes.
It's not laws, since the US government and probably others have already shown with the NSA and the like that they have no respect whatsoever for the existing laws, and nobody actually seemed to care one bit about that.
The issue is the government wanting to strip the encryption going forward. In other words, even the most decentralized & encrypted app can still have NSA_RemoteConn.Log(dat) written into its source code.
Stripping encryption is one thing, sure. But for the backdoor, you'd have to have the clients phone nsaserv.spy/writeremoteconnlog then or, sure, write some record on the client's device. You can't "tap" encrypted communications unless you can figure out how to factor integers, and then you'd get a Fields Medal.
Or, ofc, get people to adopt insecure protocols. That we know (or have good suspicion) they've tried.
This actually feels more like what I would expect police work to be like given the situation.
They most certainly do not have cause to demand access to swaths of comms no matter whose comms they're after and most assuredly when that access actually entails enabling access to all of the comms.
I posit there is no authority that should be able to demand this as a matter of the right to human existence. Law, order, society and government should not have ultimate authority on private communications no matter what the tech is capable of. We, as humans in a modern world, can speak and if desired do so in private. This is our right as individuals and if encryption helps us accomplish and enforce that right then so be it.
If they have probable cause then they need to beat feet or beat heads but either way they need to get to work. And by work I do not mean trying to impose a different reality than the one that we currently have - where math is fact, compute is cheap and source is open.
What's it going to be? 100 go free or six lines from everyone?
set up the device to wipe itself after $x number of incorrect attempts. keep giving the wrong password after every whack from the wrench. then you have plausible deniability. "how can i possibly think straight when you keep hitting me with that wrench?" just need to make $x a value small enough that you can survive the wrench.
No good, it is already standard for forensic teams to clone and checksum a hard drive before attempting to look through files. The clone is sent to evidence and any password attempts will be made on a copy. The "original" copy will be kept safe and any number of passwords can be used against the nth iteration of copying the clone.
Isn't this the purpose of the secure enclave on iPhones? Taking the drive away from the secure enclave makes the drive useless and the enclave only allows a few password attempts.
This is exactly this. It also allows a weak password (4-digit PIN) to be OK. The enclave which holds the actual encryption keys will refuse to hand them over if the right trigger is hit (too many attempts, too high a rate, ...).
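A toy model of the point made in the two replies above: when the disk key is derived from the PIN together with a secret that stays inside the enclave, a cloned image cannot be searched offline, and the enclave itself caps the number of guesses. This is an added example, not part of the thread and not Apple's implementation; the `Enclave` class, the limit of 10 attempts, the iteration count, the all-zero stand-in for the unknown device secret and the toy cipher are assumptions made for illustration.

```python
import hashlib, hmac, os
ITER, MAX_ATTEMPTS = 100, 10   # constructed demo values, not a vendor's policy

class Enclave:
    """Toy enclave: the disk key mixes the PIN with a secret that never leaves it."""
    def __init__(self, pin):
        self._uid = os.urandom(32)          # stands in for a fused hardware key
        self._failures = 0
        self._check = hashlib.sha256(self._derive(pin)).digest()

    def _derive(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._uid, ITER)

    def unlock(self, pin):
        if self._failures >= MAX_ATTEMPTS:
            raise PermissionError("enclave locked")
        key = self._derive(pin)
        if hmac.compare_digest(hashlib.sha256(key).digest(), self._check):
            self._failures = 0
            return key
        self._failures += 1                 # wrong PIN: counted, returns None

def _xor(key, data):                        # toy stream cipher, illustration only
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def seal(key, data):
    ct = _xor(key, data)
    return ct + hmac.new(key, ct, "sha256").digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    ok = hmac.compare_digest(hmac.new(key, ct, "sha256").digest(), tag)
    return _xor(key, ct) if ok else None

def search_clone(blob):
    """Try every 4-digit PIN against a cloned image, with no enclave."""
    for n in range(10_000):
        guess = hashlib.pbkdf2_hmac("sha256", f"{n:04d}".encode(), bytes(32), ITER)
        if unseal(guess, blob) is not None:
            return f"{n:04d}"
    return None                             # the device secret was the missing input

def guesses_allowed(enclave):
    """Count wrong-PIN attempts the enclave accepts before it refuses."""
    for tried in range(10_000):
        try:
            enclave.unlock(f"{tried:04d}")
        except PermissionError:
            return tried
    return 10_000
```

The whole 4-digit PIN space fails against the clone because the derivation input it lacks is the 32-byte device secret, not the PIN.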