UK Effort to Keep Apple Encryption Fight Secret Is Blocked

There must be a healthy middle ground between mass untouchable criminal communication networks on the one hand, and full panopticon 24x7 for every civilian on the other. Or I don't know, maybe there isn't. But at least the debate should be public.

Either there are ways of intercepting information or there aren't. If there aren't then even criminals can keep their conversations secret. If there are then even criminals can intercept your conversations.

The math doesn’t math when it comes to encryption. It’s Pandora’s box. Once backdoors are created encryption may as well not even be enabled.

Through history and experience from other countries, there is a lot of data that let us correlate criminality with other variables that people would let the Government control (quality of children education, access to jobs, housing, healthcare, safety networks, punishments to deter crimes, etc).

The fact that the Government prefers to spy everyone with the excuse of stopping crime instead of improving any of those variables (specially housing) makes me think that the people in charge are either stupid in the best case or criminals in the worst.

Well - maybe. But take for example how Microsoft is doing bitlocker encryption on every Win11 system - by default, without prompting the user, your system drive gets encrypted automatically and the encryption key gets saved to your microsoft account.

Yes I hate that they do that without prompting, but in theory that solution offers that balance that OP talks about - if there are no backdoors in Bitlocker(let's assume that there aren't), then your encrypted data is perfectly secure. But if a judge issues a warrant for your data, then Microsoft can provide them with a key to unlock your device.

To me, that's an acceptable compromise - it means that someone stealing my laptop won't get my data, but if a warrant is produced then bitlocker drives can be unlocked for a criminal investigation.

Couldn't Apple create a solution where all your communication is end to end encrypted with a key that they just have a copy of? No backdoors necessary.

As others point out, the technology by its nature tends to exclude the middle. This has some very disruptive effects.

Similar to electronic cash schemes vs physical cash. There's a limit to how much crime you can do with physical cash before the bulk becomes a problem, but the same doesn't apply to electronic schemes.

In the olden days, when law enforcement wanted to intercept a letter, they would locate the sender, nab the letter before it got whisked away, and read it. (If the letter was sealed, they would copy the seal, so they could convincingly re-seal the letter after reading.) Law enforcement wasn't able to do this with whispered conversations, nor easily identify disguised people without following or arresting them. Things still got done.

I don't understand why computer-mediated communication means we have to choose between a panopticon, or the end of law enforcement. It seems to me that good old-fashioned detective work is still perfectly possible. Sure, there are cyber-enabled crimes, and new classes of cyber-dependent crimes, but each of those is a crime because of an interaction with the physical, human world. Those interactions haven't gone away, and are still amenable to investigation. (At a basic level: how do you know a crime has happened in the first place?)

> Couldn't Apple create a solution where all your communication is end to end encrypted with a key that they just have a copy of? No backdoors necessary.

But that is a backdoor!

Especially, it's a backdoor that's inside a foreign country and subject to their intelligence services! It might be valid for a hypothetical autochthonous UKphone, but having a system where the US can secretly crack all UK comms is .. not ideal.

Given the tendency of UK ministers to use Whatsapp for private government communications, should we allow the US to have a backdoor into all of that via Meta? (in practice, they tend to leak to newspapers themselves, but it's the principle)

With encryption backdoors only regular people lose their privacy. Criminals move to something else. But hey, maybe you will get your wishes in the EU soon (the rest of the world will follow):

"European Commission pushes for encryption ‘backdoors’" https://brusselssignal.eu/2025/04/european-commission-pushes...

Yes, detective work is possible. So are technological extensions to it. For example investigators being allowed (maybe requiring a warrant, or other appropriate controls) to crack the devices for people under investigation.

In fact, things like forcing Apple to backdoor its encryption will not be effective against any but stupid criminals (I admit many criminals are stupid, but the stupid ones are not the most dangerous ones). Once it is known that this can be done, smart criminals will just use other means of communication.

The aim of this is not to help investigate serious crime, it is mass surveillance to deal with things like what the British government has called "legal but harmful speech", or things like "non-crime hate incidents" or minor offences that would not justify putting money into investigations, or civil matters.

I have in mind the way the Regulation of Investigatory Powers act was used to catch people doing things such as not picking up their dog's poo or lying about where they lived to get their kids into a better school.

It really is.

> then Microsoft can provide them with a key to unlock your device.

This is a quote from parent. That renders the key and encryption itself pretty useless if it has been given to someone other than you.

There is ChatControl, too, in EU.

>>But that is a backdoor!

...is it? That's a weird definition if I've ever heard one - backdoor to me is a normally hidden functionality that can be triggered if you know the secret, so for example adding a secret universal key that unlocks every drive - that would be a backdoor. And that's a dangerous one, because if it leaks out then all criminals of the world can now decrypt your drives.

With the way MS does it, Bitlocker could be the most secure encryption on the planet, unbreakable by any quantum computer, and yet if they have a copy of the key then the law enforcement can obtain it if needed - that's not a backdoor, not any more than giving your parents copy of your house key is an exploit on your home security.

>>but having a system where the US can secretly crack all UK comms is .. not ideal.

No, of course not, I agree with you there.

>>Given the tendency of UK ministers to use Whatsapp for private government communications, should we allow the US to have a backdoor into all of that via Meta?

Well, they shouldn't be using WhatsApp in the first place, given that they don't control the underlying technology. A backdoor might already exist and they wouldn't even know about it.

The only healthy "middle-ground" with secure communication is fully secure, non-negotiable. The fact that some criminal enterprises can use it and aren't trivially exposed to random searches/fishing trips isn't worth abandoning that principle. Normal effective human policing, collecting physical and digital forensic evidence (once through the secure pipe), whistleblowers etc are all sufficient by themselves, but are expensive and require officers not to be lazy. And politicians hoping to trawl for 'thought crimes' and politically expedient criminalisation of free speech becomes much harder and more expensive if secrets are secure, again: just as it should be.

> untouchable

Surveillance of even just one participant in these communication networks will give the police access to everything they see. And technology massively helps police in this surveillance - hidden microphones (or a laser reading vibrations off a window), cameras, and telescopic lenses and drones can reveal the contents of a screen, the password being typed, every word said out loud. The device can even be fitted with a hardware backdoor, or sabotaged, and its replacement intercepted and backdoored, as the NSA did.

But it can't be done en-masse, against every citizen.

That mere encryption makes communication immune from surveillance, or that there is anything remotely approaching the "going dark" problem, is a naked lie by the surveillance state to scare us into giving away even the tiny scraps of privacy we have left. The truth is law enforcement has far greater abilities to surveil even people trying to hide (to say nothing of the data they get from people sharing their thoughts and social networks on Facebook, or carrying phones with them that let the phone company triangulate them at any moment) than at any point in history. In light of that, we should be talking about further limiting their authority, not increasing it.

Yes, the "Law Enforcement Working Party" is having a meeting today.

Either things are encrypted or they are not. Things can't be encrypted for some and unencrypted for others.

Well, I disagree that it's useless - my front door still keeps my home secure even though my sister has a copy of the key.

I want my devices to be secure from thieves who might steal them, and I want my communications to be secure from someone intercepting internet traffic at various locations I might visit - that is still achieved in that scenario, even if MS/Apple hold the copy of the key. That doesn't make the encryption useless - just ineffective if your attack vector is defending yourself against state-level actors.

The problem is that the cats out of the bag when it comes to encryption.

Let’s just say we can wave a magic wand and make every phone manufacturer include a way that allows only lawful decryption with court orders and the like.

What stops the criminals spinning up their own service that doesn’t? Sure you could make such services illegal, but when has something being illegal stopped criminals from doing it?

All backdoors do is weaken security for everyone else while those who really want secure communications/ storage for their ill gotten gains will still find a way.

Refusing to decrypt is already a crime in the UK (iirc up to 2 years, 5 if the underlying suspicion is terror related).

Fighting encryption in my opinion is like treating the symptoms not the root cause of the problem.

Yeah, your sister. Now go ahead and give it to a stranger.

Once your key is in the hand of a third party, you lost control of that data, and you have to trust them that they will not give it out to someone else (they will), and you have to trust them to keep it safe, and you have to trust them to [...].

My private key is mine, and mine only, or supposed to be.

I'd like my communications to be secure from the British Government, in case they decide they don't like the protest I decided to join.

We can see in the USA how quickly things can change. Laws must account for a possible Reform government, for example.

Giving your parents a house key _is_ an exploit on your home security.

There's now an additional two people with access, with the risk of the key being stolen from them, them losing it etc.

The problem is that in the past you could rely on laws protecting privacy. You send a letter to someone, and it was illegal to open it. You couldn't eavesdrop on a phone call without breaking the law.

You could thus have a judicial system allowing the invasion of that privacy.

Reasonable people don't have a problem with the court system issuing say 200 wiretaps a year when provided with appropriate levels of evidence on a specific person. People don't have a problem with searching reasonable suspects either.

Even when you ignored the law you couldn't do it at scale. The CIA might plant an illegal wiretap, but that will cost them significant resources, they can't do it to a thousand people for a year, let alone indefinitely to a billion people.

Thus it was limited. The police have always been able to assign 50 people in performing a tail on a suspect. That doesn't scale.

Today though you can scale up. If you spoke on a phone, 99.999% of the time nobody will have heard it, despite it being in the clear, you can track people by following their phone signals. Everyone is tracked all the time, and you just need the warrant to pull the tracking detail - including data from before the warrant.

The next step is using that data and feeding it into AI. Currently the bottleneck is analysis - you can track a billion people. but you can only look at 1,000 of them. Feed that into an AI engine and you can analyse everyone.

With wiretapping, today if you send something without end-to-end encryption, your message is read, possibly modified, by trillion dollar companies designed to extract value from your message, so you need end-to-end encryption.

The problem society has is that judges can't then authorise wiretapping, which society agreed was a reasonable action 30 years ago, and 300 years ago. Even in the US with the optional constitutional amendments, allows for

> Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized

End to end encryption removes this possibility, there's no middle ground, because you either have

* fully encrpyted and thus immune to warrants

* encryption with backdoor and thus leakable and thus used against you (by corporations or foreign security agencies)

The problem is the scale that modern technology allows, and that means we need new understandings on what's possible. But public debate doesn't do that, it's still routed in the "nothing to hide".

>> Now go ahead and give it to a stranger.

Well, maybe a better example then - I have a secure storage deposit with a bank. I'm 100% sure it's secure from opportunistic criminals and no one, including the government, knows what's inside it, however, the bank still holds a master key for that deposit box in case it's compelled to open it for law enforcement.

>>My private key is mine, and mine only, or supposed to be.

Again, OP was talking about balance - how do we make sure that people's private communications are safe from criminals, but at the same time allow law enforcement to look at them if needed. To which my answer is - that's how. That's doesn't make encryption "useless", it's just that this model doesn't fit your specific usecase.

That said, just having the list of who talks to whom is incredibly powerful:

https://kieranhealy.org/blog/archives/2013/06/09/using-metad...

Unfortunately, I don't see there is any healthy middle ground with even existing tech, let alone future tech.

--

From the perspective of tech, secrets are mandatory and impossible:

Mandatory for the functioning of identification, of logging in with a secure password that remains secure. The modern world would just stop functioning if passwords were not secure, if online orders or banking could be intercepted by criminals, and there's no way to limit encryption to "just the people who need it", because that's approximately everyone on approximately all economically relevant websites.

Impossible, because surveillance tech is already powerful, and also improving so fast. Drones with telephoto lenses to watch you type your password, or duplicate every key on your physical keyring. WIFI used as wall-penetrating radar. Laser microphones to hear your conversation. Side-channel attacks from Van Eck phreaking onwards. The attacks are increasingly affordable, I have to assume at this point that organised crime uses them.

(For future tech, I think we're only a few years from "smart dust" that's actually dust-sized).

--

From politics, it's no better:

We all know about our own secrets, the importance of keeping them. Many of us are familiar with the lessons of history, where governments use secret police to engage in covert ops against a political, ideological, or social opponents and dissidents — even the term "secret police" is a shorthand for authoritarian and totalitarian regimes. And the CIA and FBI (and some US state entities like the Mississippi State Sovereignty Commission[0]).

But.

Internationally, between governments, these forces battle each other. The CIA needed to be secretive and have the power to snoop, to be able to intercept the KGB agents trying to influence things.

As the MSSC (which I only learned about while writing this comment) shows, one polity's idea of unwanted political interference is another polity's idea of natural justice. (Indeed, the whole cold war has been described as a "friendly debate over which economic system is good and which one is an evil virus of Satan"[1]).

To a government, there's no important difference between outsiders who want change because they themselves are the barbarians at the gate and those who want change because they're a fifth column. States group together everything that might be a threat from unarmed students fatally shot by an Ohio National Guardsman for daring to protest against the draft, to whoever it was that shot up some power transformers a few years back[3], to MS-13, in the same way your immune system goes against all things that might cause illness regardless of if that's a common cold, COVID, or an infection that tries to pretend to be pancreatic cells and thereby triggers type-1 diabetes.

You, personally you, (and me) need some kind of intelligence agency that goes around and infiltrates all the groups that think we shouldn't be able to do ${insert liberty here}. For me, that includes freedom to be bi, freedom to not be a Christian, and freedom to not be a Muslim — there's people in this world today who want to end each of these things, and in the past also people who wanted to ban left-handed writing (another freedom relevant to me).

"Freedom to swing your fist ends at someone else's nose" and all that. But paradox of tolerance, how do you stop someone else who wants everyone to be free to swing a fist into ${outgroup}'s noses, how do you stop them rising to power? Who watches the watchers?

There's more freedoms that I'd like to have and don't, freedoms that other people would be horrified by. People in power in many places would not want me to be able to organise to become free in those ways, they would see it as a threat. One of the freedoms that I want and which powerful people see as a threat was my preference for the EU over the UK, especially with regard to the Human Rights Act and associated courts (but also, I'm not a royalist), where some commentators during the Brexit wanted to leave the human rights courts as part of Brexit, and the only thing I could do to remain confident about it in light of the uncertainty was to leave the UK myself — many in positions of power in the UK, were talking about people like me who like the EU in such terms, calling us "Quislings" and similar.

--

I think this is a U-shaped problem: the only two stable conditions are (1) a horrifyingly omnipresent surveillance state that enforces whatever social norms it happened to coalesce out of, or (2) a nearly anarchic system, in an economy that's either post-money or hard-cash-only (no digital), where nobody even has the capability to organise groups because everyone can see the attempt immediately.

[0] TIL, and WTF, "a permanent authority for maintenance of racial segregation with a full staff and funds for its operations to come out of tax money": https://en.wikipedia.org/wiki/Mississippi_State_Sovereignty_...

[1] 18 minutes into "history of the entire world, i guess": https://www.youtube.com/watch?v=xuCn8ux2gbs

[2] https://en.wikipedia.org/wiki/Fifth_column

[3] https://en.wikipedia.org/wiki/Moore_County_substation_attack

> the bank still holds a master key for that deposit box in case it's compelled to open it for law enforcement.

.. so they can steal it.

https://www.forbes.com/sites/instituteforjustice/2023/12/11/...

No, that's delegation. It's a useful feature to be able to give out multiple keys and an even more useful one if you can revoke them.

> But it can't be done en-masse, against every citizen.

Why not, the parts aren't particularly expensive?

Unless the MTBF is really short, like "single digit months", I recon London's Metropolitan Police could have every window in the city under laser microphone for less than their annual budget.

> But it can't be done en-masse, against every citizen.

Boy, oh boy.

While I can't detail what I have seen back in 2004, if you have seen what I saw, you'd not do that comment. Even without breaking the encryption, you can collect a great deal of information.

This is why "mere metadata collection" opened the gates of hell (of a backlash) in the US.

There's a reason that facebook paid $20b for whatsapp even without using the message contents

The problem is that weakening encryption in public services only hurts law abiding citizens.

The criminals per definition don't care what they use, as long as it's unbreakable, so in the event that strong encryption is outlawed, they'll just switch to illegal encryption, or any other form of secret communication.

If you implement a backdoor in iMessage, criminals will stop using that, and switch to Signal (they probably already have long before this), or setup private message services, or anything in between.

Governments falsely claim that they've always had the right to pry in your private data, but while they've always had the option (provided proper paperwork from courts) to tap your phone and read your mail, they've never been able to simply dig through everything you ever wrote at any point in time. All the so called privileges they had were reactive, going forward in time after they had proven in a court that you should be the target for investigation. If they purposely weaken encryption, they will have unrestricted access to everything you've ever said or written.

Worst case, Weakening encryption for the average user only leads to "minority report" style arrests, where you can be arrested for "thoughtcrime" for something you're written and never published, but because it's no longer a secret, "anybody" can read and interpret on it.

You are assuming that criminals are not lazy like the rest of us.

And maybe they are even more lazy than average people because that's why they became criminals in the first place.

Excellent example of why your stuff (be it messages or valuables) are not safe if anyone else has the key.

> But it can't be done en-masse, against every citizen.

I took that to be in reference to using "shoe leather" to conduct surveillance / investigations rather than today's ability to "simply" query a database for such information.

For example, back in the day (get off my lawn) if a crime happened in say a park in the middle of the night, then police would have to conduct door to door questioning to see who saw what and who in the area around the time, this required boots on the ground eating up man hours, something that doesn't scale up.

These days they can ask Google for a list of all the phones in the area at the time and will either have names/addresses tied to the Google accounts associated with that data or have enough data to then query the cell operators for that information.

They clearly meant should/must not.

Oh they're (probably) lazy like everybody else, with the difference being that they have something to hide that will potentially put them in jail.

I'm not too worried about your average "small scale" criminal suddenly becoming a criminal mastermind, but organized crime will certainly adopt safer ways of communicating, and those are the people you want to catch with electronic surveillance.

The small scale criminals usually leaves plenty of other clues that will allow the police to capture them.

No, it makes the encryption useless. Because whatever technical method the government has to break encryption will leak. Once those 4096 bits or whatever leak, nobody has encryption at all.

It’s like high schools that mandate use of a particular model of lock for students’ lockers because there’s a master key staff can use to open lockers. Do you know how many students have copies of that master key? Essentially anyone who wants one.

The myth here is that a magic key that invalidates encryption can ever be controlled. It cannot.

There are other stable conditions: law is not the only possible system of justice. Is it in the best interests for everyone if the law steps in every time one person punches another? Law is helpful when things can't be resolved at an interpersonal level: there are situations where a single punch should be prosecuted, so we can't just make punching legal; but equally, if too many things are illegal, selective policing becomes possible, and that's an abuse we really don't want.

Institutions like the criminal justice system are tools. Some can wield the institutions skilfully (e.g. https://www.loweringthebar.net/2006/07/judge_tells_con.html, https://www.bbc.co.uk/news/av/uk-38021839/speeding-drivers-q...), but often, it's a blunt instrument.

In theory, yes. In practice, doubtful. A system is only as strong as its weakest link.

If all of this surveillance made the UK a safe place maybe you could argue it’s worth it. But it doesn’t. Phones are getting snatched, you’ll never see it again. Cars are being stolen in broad daylight. Burglars are getting months in jail. It’s pointless filing a police report for any reason other than for your insurance.

I live in Japan at the moment and the difference is night and day. There are unattended shops here. People feel comfortable leaving their belongings in public. It feels like a massive weight off my shoulders not having to worry and watch constantly.

>this required boots on the ground eating up man hours, something that doesn't scale up.

Good. Police efficiency has it's own risks.

>my front door still keeps my home secure even though my sister has a copy of the key.

Someone has to physically come to your house to access your front door. Computers and other computer equipment is accessible by anyone anywhere. A Russian hacker outfit can attempt to access your phone from Vladivostok in a way they can't with your front door.

Sticking with front door analogy, what if there were a master key that could open up all door locks that the police held. What if that key was leaked and now you knew that multiple gangs and criminals had the key and were breaking into houses. Would you feel secure with your front door then? Data breaches happen and a company with the keys to everyone's computer front door is a huge target. I don't trust my bitlocker key to Microsoft. There is no such thing as a magical backdoor that only good guys can use but is secure against everyone else. A backdoor is a vulnerability that puts everyone using it at risk.

>With the way MS does it, Bitlocker could be the most secure encryption on the planet, unbreakable by any quantum computer, and yet if they have a copy of the key then the law enforcement can obtain it if needed - that's not a backdoor, not any more than giving your parents copy of your house key is an exploit on your home security.

It is more like the local lock company keeps the name, address, and the key bittings for every home in town. What happens when they are robbed and now your address and how to make a key for your lock are in the hands of some criminals in your area?

>>Sticking with front door analogy, what if there were a master key that could open up all door locks that the police held.

That's exactly what I said I don't want Apple/Google/MS to have - a master key that opens all locks is unacceptable imho.

>> What if that key was leaked and now you knew that multiple gangs and criminals had the key and were breaking into houses.

I'm sure I used this exact analogy in another comment, that's why no one should have a master key.

>>I don't trust my bitlocker key to Microsoft.

And neither do I - but overall on balance I think this is a good thing. I do like that my mum's laptop is automatically encrypted, if it gets stolen her data is safe, and if she forgets her password there is some pathway to recovering it. I like that. It's nice convenience for "regular" people. I don't do it myself because I have an alternative backup of my encryption keys. And yes, I do like that if someone is under criminal investigation that the key can be obtained from MS when a valid warrant is produced. I see that as a good thing personally.

>> There is no such thing as a magical backdoor that only good guys can use but is secure against everyone else.

Well, good thing it's not a backdoor then.

>>A backdoor is a vulnerability that puts everyone using it at risk.

Again, MS having a copy of your bitlocker key is not a backdoor.

I am very explicitly arguing that master keys shouldn't exist, for the exact reasons you mentioned.

>> Because whatever technical method the government has to break encryption will leak.

The government cannot break encryption(at least I hope they can't!)

>>The myth here is that a magic key that invalidates encryption can ever be controlled.

It's the same key you have.

>>What happens when they are robbed and now your address and how to make a key for your lock are in the hands of some criminals in your area?

I'd hope that Microsoft's key storage is harder to break into than a random local lock company. And there is no need for theoreticals - all my locks are key coded and the manufacturer can make more keys for them if I ask them. They also have my address since they know where they shipped the locks. And yet, I'm not worried about this - I suspect a wannabe robber will just break my windows with a brick not infiltrate the manufacturer's production facility to make a clone of my key.

I think "justice" is one of those words where people all think they're in agreement about it being good, but when you ask them what it means then suddenly they're all wildly divergent.

And that's the problem.

"Swinging one's fist" is more of a quote than an example here; for an example, consider that everyone agrees "murder is wrong", but we don't agree about abortion, euthanasia, deaths by police action, the death penalty, accidental civilian casualties during war, war crimes, or population liabilities if a large number of each people produce a small quantity of toxin that causes a statistically significant change in the life expectancy of the area. People protest these things, and some attempt crimes to force change on these topics.

Some say it's acceptable to use lethal force to prevent a homicide. Is it acceptable for anti-pollution protestors to vandalise gasoline supplies to reduce NOx emissions? Was it acceptable 20 years ago when we didn't have any obvious rapid path to electrification of road traffic, given that our economies are dependent on road transport?

A while before the 9/11 attacks, I saw a chain-email demanding action against the Taliban for their mis-treatment of women. When Afghanistan was invaded, I saw people upset about that, too (though in different ways, e.g. because the invading forces accidentally killed people by dropping food on their heads or bombing weddings because of the celebratory machine gun fire). Nobody was a fan of Saddam Hussein, but the second Iraq war was even more heavily criticised, despite UK/US leadership insisting Iraq had WMDs.

The boundaries here seem clean, crime vs. justice, peace vs. war, protest vs. terrorism, self defence vs. attack, but the closer I look the more I see these things as continuums.

That is obviously 100% correct, I just find it interesting that we all expect our data storage to be in this completely unbreakable vault that no one can get to even with a valid court warrant, but there is no such expectation for physical spaces. Even the most secure Swiss bank will have to open their vault when the police turn up with a valid warrant.

The world is deep and hard to categorise, people disagree on the nature of justice, and many (all?) people mistake their moral heuristics for moral truth. But there's one thing that everybody agrees on: "justice is obeying the law" is wrong. https://existentialcomics.com/comic/196 (Or https://plato.stanford.edu/entries/legal-obligation/, if you're one of those boring types who wants factual understanding.)

>healthy middle ground

I think it's worthwhile to point that if you're using "panopticon" in the literal sense (rather than shorthand for "boy that feels too far to me") then any surveillance that relies on 3rd parties [1] and gag orders to avoid making the target aware is, in fact, already the full panopticon scenario.

In that case the bounds on your middle ground make what is between obvious: information is obtained by warrants served directly to one or more participants in the communication.

[1] In the "3rd party doctrine" sense

Sure the government can break encryption. By, for instance, mandating multi-key schemes with escrow.

You may be thinking in terms of math “break”. I’m talking in terms of functionality break.

These types of organizations learn to build their own submarines to transport drugs all over the world undetected. I think they can manage a fork of Signal/Session with any backdoors removed.

Indeed.

With sufficient motivation (money is a great motivator), everything is possible, especially if not doing X will remove said money, and/or put you in jail.

It's not even like they need to fork Signal/Session, they could get by with GPG encrypting a gist and uploading that, sharing the link in signal or wherever.

As I initially wrote, weakening encryption only harms law abiding citizens, as everybody criminal probably faces much worse charges than breaking encryption laws.