[xnull]

> Apple ... can't decrypt data encrypted with the passcode ... today or ever before.

The passcode of 12 bits...

Apple can and will provide ciphertexts, will hand over copies of the large amounts of data customers are encouraged and sometimes forced to upload.

> This whole thread has been about whether they have the keys to decrypt encrypted data on the device. They don't.

From the top of the post: "CALEA, the Stored Communications Act and Section 215 of the Patriot Act all compel corporations (via the Department of Commerce) to build DATA AND key escrow services into their products."

What you're saying is that they don't provide key escrow specifically (while wholly ignoring data escrow). What I'm saying is that by design the crypto doesn't matter in practice and the system had been (still is) architected to allow for data intercept.

When you argue the 'no key escrow!' case you are implicitly condoning 'they won't hand over your data!'.

Not true. It was the case and _still is_ the case that Apple and its manufacturers will give access to your private communications, metadata and data.

We've focused on Apple but Google is not different.

[lern_too_spel]

Look up what "condoning" means. It does not mean what you think it means.

> The passcode of 12 bits...

Even the weakest passcode option is more than 13 bits, but neither Apple nor Google restricts you to such short passcodes.

> [CALEA nonsense]

How many times do people have to tell you that CALEA doesn't apply in this case? Don't you find it suspicious that Apple and Google are essentially claiming to be flouting your imaginary version of CALEA, and nobody has called them on it except you?

> Google is no different.

Exactly. They don't provide the government with decryption keys either.

It's been fun, but you'll have to argue about imaginary laws, black helicopters, chemtrails, and ice bullets with your fellow conspiracy theorists. If you won't trust primary sources and common sense, there's nothing more I can do.

[xnull2guest]

> Look up what "condoning" means. It does not mean what you think it means.

Whoops typo. Care to respond to the spirit of the argument, rather than its letter?

> Even the weakest passcode option is more than 13 bits, but neither Apple nor Google restricts you to such short passcodes.

Care to break down the entropy of user supplied passcodes? Does it surpass 80 bits? No. 12, 13, 14, 24, 50? At that complexity it's all the same to law enforcement.

> > [CALEA nonsense]

Nah, I was quoting the top of the thread and capitalizing "DATA AND key escrow" in response to "This whole thread has been about whether they have the keys to decrypt encrypted data on the device. They don't." It hasn't been wholly about whether they have the keys, but whether they can get the data. Keys are one way to do this. Brute forceable keys are another. Data backups are another. Broken crypto is another. Etc.

The thread has not been about whether they have the keys - but whether they work with law enforcement to create systems can be subverted, either by creating ineffective crypto, crypto with low entropy or controlled keys, key escrow or direct data escrow.

The other point was to remind you that the topic is about more than CALEA, but in fact other laws (and interpretations thereof). You're the one who has tried to make the focus about CALEA in isolation.

> > Google is no different.

> Exactly. They don't provide the government with decryption keys either.

Right, but they do provide _data escrow_ and mechanisms to defeat in place on-device crypto (such as access to data backups stored in the cloud).

> It's been fun, but you'll have to argue about imaginary laws, black helicopters, chemtrails, and ice bullets with your fellow conspiracy theorists. If you won't trust primary sources and common sense, there's nothing more I can do.

Straw men. All of it.

I directly quoted (this is just one example) from primary sources the policies in place today that provide data escrow. I also discussed the backdoorable design of the Secure Enclave using primary documents.

Common sense is something every man thinks he has a monopoly on. It is for neither of us to decide if the other has it (for I would be prone to say the same).

I'm sorry to hear that you are done contributing - there's so much left in the thread that was never challenged. I found the conversation very valuable as it has provided (at least me) a good opportunity to dig up additional sources and has provided a stage for dissemination of information to broader eyes.

I'm very glad that the discussion is in public record, and that other HN readers can access this information, do their own research, and decide for themselves.

See you around the next Snowden thread! ;)