[Cryptography] Justice Dept. Revives Push to Mandate a Way to Unlock Phones
Natanael
natanael.l at gmail.com
Sun Mar 25 20:40:06 EDT 2018
Den mån 26 mars 2018 01:12Erik <erik at erikgranger.name> skrev:
> What are some possible technological responses that can be utilized to
> protect against this sort of legislation? I'm curious what people here
> would do if some legislation of this sort were written into law.
>
The legal equivalent of the nuclear option is something like the clipper
chip / access via TPM:s or equivalent circuitry, demanding full access to
observe everything that happens, perhaps remotely. Perhaps even banning
non-approved hardware from accessing the phone network.
That would mean devices would ship essentially irrevocably compromised. You
would need to physically tamper with the CPU, probably breaking it, to
remove it. You can't really achieve meaningful security otherwise.
For anything less, where they only got access if they have physical access
to your device: just only use apps with encrypted communication and
storage. Use strong passwords. If they decrypt your device they still don't
know the keys to for example your Signal database or your OpenKeychain
keys.
You could otherwise repurpose other clean hardware, like using an RPi (with
the necessary accessories) as phone. Much less fancy and usable, sure, but
it would be the safest option.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180326/518ac743/attachment.html>
More information about the cryptography
mailing list