←back to thread

286 points 2OEH8eoCRo0 | 8 comments | | HN request time: 0.001s | source | bottom
Show context
basilgohar ◴[] No.42132069[source]
> and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders

Is this legal speak for saying, "They're using our backdoors without our permission."?

replies(9): >>42132086 #>>42132150 #>>42132199 #>>42132267 #>>42132292 #>>42132511 #>>42132544 #>>42132558 #>>42133159 #
1. CarpaDorada ◴[] No.42132511[source]
No it is not, because these are not backdoors, the entities legally own the data users have provided them and the courts require them to share the data for investigative purposes. When the FBI pressed Apple to break its encryption, it would not had been a backdoor, but simply a different product that Apple would've offered. A backdoor would be a secret exploit that circumvents encryption, or other security methods.
replies(1): >>42132664 #
2. greycol ◴[] No.42132664[source]
You've probably conflated the saying "going through the backdoor" with the noun backdoor, which is an understandable mistake to make.

Conflating the two is even easier when the backdoor is morally questionable i.e. When someone purposefully installs a wooden backdoor on a bankvault and says it's so that we don't need to go through the whole rigmarole of opening the main vault-door. Yes it allows them to do their job of checking what's in safety deposit boxes easier but the door itself is an evil.

replies(2): >>42132725 #>>42132758 #
3. CarpaDorada ◴[] No.42132725[source]
"Using our backdoors" is what was said, not "going through the backdoor". Backdoors have a very specific meaning in computer security. US law enforcement is not using backdoors to access the data of US companies.
4. grayfaced ◴[] No.42132758[source]
A backdoor bypasses legitimate access mechanisms. Whether it is a backdoor or not depends fully on whether you believe lawful intercept is a legitimate access mechanism. And I think the law is on the side of it being not a backdoor.
replies(2): >>42133102 #>>42133469 #
5. greycol ◴[] No.42133102{3}[source]
We've had multiple bills proposed by multiple countries for government mandated backdoors. Multiple articles refer to how these bills would create backdoors, multiple computer security experts say the bills would create backdoors in the software. Under your definition of the word they'd all be using the word incorrectly because logically no bill could create a legal backdoor by definition.

It's seems there's a semantic schism on "the point in software where security is weak enough (either purposefully or unkowingly) for 3rd party access by a 3rd party" and "the point in software where security is purposefully weakened for 3rd party access by the legal requirement of a 3rd party" there's definitely a distinction but I generally conflate the two, perhaps incorrectly, under the word backdoor.

If you've got another more appropos word for this purposeful and legal weakining of security for non primary user/provider access I'd love to know it because sadly I feel I'd use it fairly often in the coming years.

replies(1): >>42133288 #
6. CarpaDorada ◴[] No.42133288{4}[source]
These articles use the word "backdoor" for effect, for example <https://www.schneier.com/blog/archives/2021/08/apple-adds-a-...>. The bills you refer to by multiple countries simply want their own in-house wiretapping apparatus, because they don't want to be dependent on the US. Specifically, I'm thinking of EU's "chat control". Ironically those who oppose it are unwittingly doing the bidding for a more powerful US. The internet is fully wiretapped and there is no end in sight.
replies(1): >>42133484 #
7. Lvl999Noob ◴[] No.42133469{3}[source]
A backdoor in the technical sense (which is the real topic of this whole conversation) is one that bypasses the known way of entry. For an "End to end encrypted" communication channel, a backdoor allows someone to view the communication without being on either of the "ends".

The problem is not whether the backdoor was legally mandated or not, and whether legal authorities are misusing them or not, the problem is that it exists. And the existence by itself is enough to let someone ignore any legal mandates and view the comms.

8. greycol ◴[] No.42133484{5}[source]
No they use the word backdoor because there is no better word for these pathwatys/purposefully created weak spots in access to the software. Seriously please give me one that emphasises the security detriment to the 1st party user and i'll happily use it instead.

I'll also add that ironically those who don't oppose these bills are unwittingly doing the bidding of strategic adversaries as demonstrated quite adequately by the PRC here.