Hacker News new | ask | show | jobs
by inglor_cz 425 days ago
Which governments are the good ones?

Is Indian government a good one, or Hungary's, or Turkish, German, or British, or the US? In the last case (well, in all cases), does "goodness" of a government depend on the current incumbent? What if a previously "good" government turns into an atrocious one?

See also: the detailed Dutch census, which was mostly harmless, until it fell into hands of the Nazis in 1940 and helped them to identify and exterminate almost all Jews in the country.
1 comments
wulfstan 425 days ago
Every system of authority carries with it the risk of abuse; but we still accept legitimate authorities carrying out breaches of personal privacy for the sake of law enforcement - the warrant system being the obvious one. That's part of the compromise we make in society.

Good governments ensure that a breach of personal privacy has to travel through a legitimate process with an independent judiciary to limit the risk.

link
inglor_cz 425 days ago
Do you think that this can be done without introducing massive security weaknesses into systems that cannot have them?

Also, there is a question if you believe the authorities that without decrypting data, they can't investigate crimes.

Imagine an analogical assertion that without torturing suspects, law enforcement is stymied. Someone might assert that, but we still say no, for all sorts of fundamental reasons. Same with American Miranda rights and others.

Myself, I don't believe in that assertion at all. Most crimes leave a massive real world trace that cannot be encrypted. The ones that don't, maybe should not be crimes in the first place.

link
wulfstan 425 days ago
> Do you think that this can be done without introducing massive security weaknesses into systems that cannot have them?

Yes, I do - or rather, that is the point of the discussion. We currently allow central authorities to indicate our permission to do or be something in the root certificate system. Why can't something similar be designed to allow controlled decryption?

> Also, there is a question if you believe the authorities that without decrypting data, they can't investigate crimes.

Clearly there are circumstances in which being able to decrypt the data of a criminal would assist in prosecuting crime. See EncroChat for an example of how this has worked.

> Imagine an analogical assertion that without torturing suspects, law enforcement is stymied. Someone might assert that, but we still say no, for all sorts of fundamental reasons. Same with American Miranda rights and others.

Yes. Clearly there are reasonable limits that need to be applied before we can allow controlled decryption of data. I am not arguing for issuance of a master key. See my original post.

> Myself, I don't believe in that assertion at all. Most crimes leave a massive real world trace that cannot be encrypted. The ones that don't, maybe should not be crimes in the first place.

Some do, and some don't. Things like e.g. cryptocurrency heists have profound effects, and are propping up North Korea. Those are definitely crimes...

link