[nixpulvis]

Can you explain how this actually solves the main problems? I can see this form of encryption catching unsophisticated "bad hombres". Unsophisticated here meaning, either ignorant of weaknesses in the technology they use, or aware, but unable to improve upon it. The most motivated adversaries will make use of other schemes.

Worse, for secrets we actually care about (nuclear codes?) we must still research proper encryption schemes since backdoors are admissions of weakness in a security protocol fundamentally as far as I've come to understand.

> We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement without materially weakening the security provided by encryption. Such encryption regimes already exist. For example, providers design their products to allow access for software updates using centrally managed security keys. We know of no instance where encryption has been defeated by compromise of those provider-maintained keys. Providers have been able to protect them.

This quote from the article seems to contradict itself. First it claims "... without materially weakening the security provided by encryption" then goes on to state "We know of no instance where encryption has been defeated by compromise of those provider-maintained keys" implying that there is a possibility of this kind of breach.

This whole thing seems like an oligarch's attempt to spy on it's people pretty plainly to me. Where is the liberty and freedom in this?

[JudgeWapner]

> Can you explain how this actually solves the main problems?

a lot of weight rests on those two words: "main problems". The main problems for the government are that criminal investigations are being impeded. By banning certain forms of encryption, they can criminally charge a suspect for merely refusing to decrypt data. And you can bet that the penalties will be stackable, allowing the government to use its discretion and perhaps charging someone with separate counts for each file he refuses (or is unable ...) to decrypt. I'm NAL, but I've also heard of the "forgone conclusion" doctrine, which somehow allows the constitution to fly out the window and allows the gov to imprison someone indefinitely until they decrypt the files. So, sadly, this ban does solve the main problems at considerable expense to citizens' liberties.

Conjecturing further:

- citizens would be allowed to encrypt, but they'd be required to keep a set of the keys used or else they could risk prosecution.

- There could be a government cloud server where you "securely" upload whatever keys you use (or, realistically, probably outsourced to companies like equifax which would then charge you a fee to do so),

- existing cloud providers would be required to detect when clients were using encryption-looking libraries/subroutines and store a copy of the keys into some registry.

- this could ultimately lead to "whitelist-only" software libraries, so that you cannot run anything on the cloud without building it with their dev environment so they can be sure you're not secretly encrypting things.

- going even further, this could lead to deep packet inspection that simply detects encrypted transactions and queries them against the gov key registry to "make sure" they are properly decryptable. Any failures to decrypt could trigger an investigation.

[nixpulvis]

Ah yes, but then doesn't the problem boil down to proving that a random value is in fact an encrypted secret?

You arrest me, scan my file system and find something named "plan.txt" which is just a bunch of gibberish... what do you do?

EDIT: I'll argue that the "main problem" is that as long as real encryption schemes exist, this is impractical to enforce.

[JudgeWapner]

In theory, yes that's a big part of the problem. In practice, however, once the gov charges you, you're effectively guilty-until-proven-innocent because your court-appointed public defender is likely not going to be trained or equipped to provide a logical defense, much less hire an expert witness in computer forensics. Plus the gov will approach you with a plea "deal" : you can plead guilty to one charge of illegal encrypted data, pay $20k and 2 years' probation, or else risk going to the slammer for decades on the stacked charges with a maximum sentence of 3 years per file, times the 10 files they were "unable to decrypt" on your system.

> arrest me, scan my file system and find something named "plan.txt" which is just a bunch of gibberish... what do you do?

well, start by scanning every executable binary on your system. If they find a custom-rolled program that doesn't impregnate the encrypted files with known headers (for contrast, openssl ads the prefix "Salted_" to any file it encrypts) they can allege that you're using a clandestine encryption scheme and that "plan.txt" is one of the files. So again, the burden of proof would be on you to explain what that file was for, which can come at tremendous legal cost.

[nixpulvis]

Exactly, thanks for spelling it all out. Back to your original point then. Banning specific types of property is one thing, but this isn't that. It's banning all forms of property, and as you say, whitelisting acceptable ones. This seems extremely dubious, and unconstitutional (just guessing).

As someone who likes to be free to use the computers I own, this scares the shit out of me.