by sgc 264 days ago
Can somebody explain to me how backdooring every app does not lead to the real risk of an entire population's bank accounts being emptied, or similar more hidden but widespread attacks that absolutely cripple any country doing this? Almost immediately, enemy State actors will have almost as complete access as the government passing the law; blackmail will become trivial; they could just subtly weaken adversaries nonstop over the years for a more patient return, etc? It just seems ridiculously dangerous. How is having a single point of failure (or handful of points of failure) for an entire country or continent defensible simply from the perspective of opsec?
3 comments

> Can somebody explain to me how backdooring every app does not lead to the real risk of an entire population's bank accounts being emptied, or similar more hidden but widespread attacks that absolutely cripple any country doing this?

We already had this debate once before: https://en.wikipedia.org/wiki/Clipper_chip

The answer is that it is a bad idea.

This also recently came up when Huntress exposed what it could do with its tool: https://news.ycombinator.com/item?id=45183589 and then failed to understand why this might be a bad thing.

Or, you know, CrowdStrike getting rolled in a supply chain attack: https://www.ox.security/blog/npm-2-0-hack-40-npm-packages-hi...

The government wants a back door to spy on its citizens, not realizing that any back door you build is ripe to be exploited by anyone.

Maybe it's a good idea for the ones pushing this because that is the intended state.

Don't forget, Russia has trillions of dollars for bribes.

Russia's GDP is on par with South Korea’s.

Hate to be that guy, but source?

But i.e. 3x Belgium's GDP. Anyway, how is GDP even relevant here?
I am saying it is ridiculous to say that Russia can pay trillions of dollars in bribes.
Trillions is a ridiculous claim. Billions of dollars, easily; the budgets of the GRU and FSB during the last 11 years of war against the West have ballooned.

The situation is, people don't need billion dollar bribes. In my backwardish Central European country they caught one government official who was physically handing over state secret material to a Russian spy, straight from their embassy, for 500 euros a pop. There is a video record with good audio from that; the conversation is really absurd yet real. You just need to find one gambling or alcohol addict, or some other failures, and press a few buttons.

Also, for Russia, undermining literally the whole Western world has been the mission with priority #1 for the last 20 years. Eastern European countries, who intimately know how bad Russian terror actually is, were repeatedly warning the whole Western world about this, to be very effectively ignored and laughed at by Western leaders till SHTF.

Sure, those were not plans for the F-35 or a new aircraft carrier, but people take surprisingly little to get corrupted; some even do it for free for ideological purposes.

They willingly settled for $1B with the FCC over Uzbekistan. Over Uzbekistan. It has to be insignificant money for them, otherwise... they would have simply not paid.

https://www.rferl.org/a/russia-s-mts-to-pay-850-million-to-s...

> Russia's GDP is on par with South Korea’s.

Doesn't that show you what a silly measure GDP (nominal) is? Do you think South Korea could carry out a multi-year war against US/NATO under international sanctions? South Korea would collapse immediately under international sanctions. South Korea wouldn't be able to feed its own population, let alone fund a war, under international sanctions. Also, using GDP (PPP), Russia's economy is 2X+ larger than South Korea's.

> Hate to be that guy, but source?

There obviously isn't any. Nobody has trillions for bribes. Trillions is war money, not bribe money.

Why haven't those things already happened? Many messaging apps including SMS and Telegram are centralized without E2E.
This was literally headline news last year for SMS https://www.npr.org/2024/12/17/nx-s1-5223490/text-messaging-...