by umvi 2551 days ago
Well, periodically reissue keys then, regardless of whether you think they've been compromised. Or don't store the private key in a database; store it on physical media in a vault that is airgapped and hard to access. Make the read-only-ability of the storage chip more difficult and onerous with each generation, like paper currency security.

My point is that you could make it so difficult to break E2E for even the most elite hackers that the only realistic way to do it is with a warrant.

1 comments

Not if you're sponsored by a hostile actor with functionally limitless resources. E2E isn't just about stopping legitimate law enforcement from conducting investigations.
> Not if you're sponsored by a hostile actor with functionally limitless resources

Like who? Russia? China?

Here's how they can compromise my device:

1. Locate me within the USA (easy)

2. Send a spy onto US soil to find me and steal my phone (hard)

3. Send another spy to work for Apple (easy)

4. Spy needs to break into Apple's vault and retrieve airgapped media containing my device's private key without a warrant (super hard)

5. Send both back to the motherland and use scanning electron microscope to complete the process (easy)

You really think that is viable? Seems extremely far fetched to me. Can you provide a more realistic scenario?

The more realistic scenario is already possible today, and doesn't need to involve so much technical mumbo-jumbo: at step #2, instead of stealing your phone, they kidnap you, and torture you until you give up your password. Done, and no need for steps 3-5.

(And I suspect, for a sufficiently-motivated state-level actor, that actually falls under "easy", or at most "medium".)

Right, so why are we so worried about this? If the government is malevolent they will just kidnap and torture you like the PRC.