Back door keys

One of the big issues with a "back door" for authorities to use is that these common keys have to be simultaneously kept secure, and made available to a wide range of people in authority.

No, for a change I am not actually talking about "back doors" in encryption, which is for what David Cameron and Theresa May seem to be asking.

No, in this case I am talking about the TSA master keys for TSA approved luggage locks so that they can inspect baggage. There are several pictures floating around the Internet now, with high enough resolution to allow copies to be easily made.

This is a very clear example of the problem with any sort of "back door", and don't be fooled that for encryption systems the "keys" could be kept securely in one place - the "access" to make use of those keys will be wanted one way or another by every police force and authority entitled to use them under RIPA or similar legislation. Bribing someone with official access won't be any harder than photographing physical keys.

Back doors undermine security - full stop.

No comments:

Post a Comment

Comments are moderated purely to filter out obvious spam, but it means they may not show immediately.

ISO8601 is wasted

Why did we even bother? Why create ISO8601? A new API, new this year, as an industry standard, has JSON fields like this "nextAccessTim...