Monday, 3 August 2015
#CryptoWars - why back doors in iMessages are stupid
Obviously that is a tad convoluted, and you might expect the phone to be able to work out keys to use automatically, but it raises serious questions.
With end to end encryption any "back door" has to be added by the sender. This means that if, say, someone in China texts someone in America, the sending phone has to add the necessary "back door" keys at the start. Now, US may be able to bully Apple in to adding their keys, perhaps by making US laws, but what if Chinese made laws saying Apple was not allowed to do that when on Chinese soil?
Even if you changed it to be a server based solution, what country wants to entrust all message intercepts on such a popular platform to the control and whims of a foreign country - we need end to end encryption to protect us, and countries need to insist on it to protect their citizens.
As I also ask at the end of the video - is this only down to the country you are in, or is the sender's (and recipient's) nationality a factor too? How would Apple know that?
But then whose keys are included at the sending end, in what circumstances, and by what legal jurisdiction?