> Secret police worked when criminals were put away with parallel reconstruction, for instance.
It wasn't the secret police which worked. It was the parallel construction.
> “You can’t stop math.” Not true, strictly anyway.
You can't stop math.
> Backdoors are an antiquated way of implementing exceptional access. The proper way is to provide third party access that is truly exceptional (living up to the name), and not based on flaws that a malicious actor or rogue nation can break.
This statement is a fantasy. There is no way to provide third party access that is "truly exceptional" that a malicious actor or rogue nation can't break.
> Instead of E2EE, how about building E2E2EE. Doesn’t need to be measurably weaker.
Anything weaker than E2EE is measurably weaker than E2EE. E2E2EE is measurably weaker than E2E2EE.
You can stop math. Legally stop fb from using E2EE. You’ve stopped math. You haven’t stopped some people from using it. But you’ve prevented common people from having default usage of that math.
Disagree. Don’t use key escrow. Find a better way. Two parties or three parties; three doesn’t have to be significantly more susceptible than two
Apologies on the wording. Significantly weaker, not measurably. My mistake.
> You can stop math. Legally stop fb from using E2EE. You’ve stopped math. You haven’t stopped some people from using it. But you’ve prevented common people from having default usage of that math.
No, you haven't "stopped math". You've enacted a law and stopped Facebook from using end-to-end encryption.
Math is universal. Math is something that should never be outlawed. Math is a fundamental right, an irrevocable truth based solely in fact. You can sooner stop alcoholism by outlawing alcohol than you can stop encryption by outlawing math. The idea of outlawing math would put us hundreds of years behind today; to enact a truth based on the church's "do this because I tell you it's true" instead of "understand this for yourself, I cannot tell you what is true". Outlawing math is dangerous and I cannot believe you are trying to make such an argument in good faith.
> Find a better way.
I do not believe there is a better way. You don't understand the math behind it. Instead of even trying to understand the math which is already widely understood by many, you instead want to make that math illegal and create your own. You don't even want to spend the mental effort to do that much: you demand others to do it for you.
> Two parties or three parties; three doesn’t have to be significantly more susceptible than two
This is factually false. The third party is a moving party which changes every moment. You can not meet that and still be "secure". It is antithetical to the very notion of encryption.
Semantics aside, if FB isn’t allowed to use the math behind E2EE, they’ve effectively been stopped from using math. Just trying to avoid getting into the weeds.
Similarly to you questioning my faith in the matter, you’re ignoring my argument, ostensibly not in good faith, either. I’m suggesting to build a better mousetrap. It may not be perfect but might help maintain and improve civility in society.
Alcoholism and alcohol aren’t really a great analogy.
I understand math better than you may realize. You said that you don’t believe there’s a better way. You’ve effectively conceded that the existing key escrow solutions with the known risks are the best that can be done. I’m suggesting to do better. Find a better compromise.
Three party access in current incarnations may have flaws but the statement isn’t factually false. It’s simply undiscovered.
The part about tech geniuses being able to solve a problem that can't be solved without violating principles of mathematics.
You probably don't think you said that though, because you missed the point yourself. It's a common mistake. You're in good company, plenty of smart politicians and national leaders have the same misconception. It's often stated in terms like "if we could put a man on the moon, all the smart people in Silicon Valley should be able to put their heads together and figure this out." But it doesn't work that way.
Aside from being wrong, which in itself doesn't deserve a downvote, it's also poorly thought out and a seductive yet destructive line of thinking, which arguably does deserve one.
I’m suggesting to rethink the problem fundamentally. Minimize abuses of an exceptional access system. The problem with purely technical folks is often an inability to socially transcend from their techno libertarian ideals
And my statement wasn’t entirely wrong. You can legally prevent large entities from using strong E2EE thus “stopping” the math to some degree - or minimize/isolate the usage of those munitions.
It might be more accurate to say “you can’t stop everyone from trying to use the known math”. And this is likely an acceptable compromise to LE. Reduce the entropy.
Still not clear what I’ve said that’s false.
And, as per another comment, you can claim that the problem isn’t solvable when a compromise aims to minimize the abuses not necessarily eliminate them (although that would also be acceptable).
As it’s possible this will be legally required it makes sense to work towards a compromise instead of arguing on principles that may be strictly true (3>2, how to trust the 3rd wheel, for instance)
Any (yes any) exceptional access aka backdoor scheme will be a magnet for bad actors. So here's a rethinking for you: rethink the notion that privacy needs to be subject to compromise.
It wasn't the secret police which worked. It was the parallel construction.
> “You can’t stop math.” Not true, strictly anyway.
You can't stop math.
> Backdoors are an antiquated way of implementing exceptional access. The proper way is to provide third party access that is truly exceptional (living up to the name), and not based on flaws that a malicious actor or rogue nation can break.
This statement is a fantasy. There is no way to provide third party access that is "truly exceptional" that a malicious actor or rogue nation can't break.
> Instead of E2EE, how about building E2E2EE. Doesn’t need to be measurably weaker.
Anything weaker than E2EE is measurably weaker than E2EE. E2E2EE is measurably weaker than E2E2EE.