[Cryptography] eliminating manufacturer's ability to backdoor users

[Jerry Leichter]

> And this is helpful to your typical - or even highly atypical - buyer of an iPhone - how?
> 
> What if the British government makes iPhone-style encryption illegal like they seem to be suggesting they will?
> 
> While I entirely agree with what you're saying, anyone who buys a third party hardware device entirely trusts the manufacturer has not included backdoors.
> 
> I am suggesting a model where there is a separation of responsibilities between providers in the various stack which is resistant against both legislation and actual backdoors.
If you think *any* technological model is resistant to legislation, you're kidding yourself.  Sure, for small groups of individuals communicating among themselves with privately developed hardware and code - sure.  (Though they'll probably screw up the OpSec anyway.  It's really, really hard to get the right, consistently, every time, forever.)

But for stuff actually being sold?  Legislation may not prevent you from building this it, but it sure will prevent you from gaining much of a market, or making any money.  (Well, I suppose you can go the same route as drug dealers.  But secure phones aren't as addictive as the stuff they sell, so what you can make that way seems rather limited.)
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160222/54303e40/attachment.html>