Security threats Toolkit
Story: Government to force handover of encryption keys
Posted by: Anonymous (Friday 19 May 2006, 10:33 PM)
Hmm... and what, exactly, does this "order to seize" actually do to protect people from terrorism? Does it prevent terrorists from cloning citizens' phones and using them to communicate with other terrorists? Or criminals for that matter?
Does this actually safeguard ANYONE?
What prevents people from just generating thousands upon thousands of keys? Perhaps millions of keys?
Officer: I need to access your protected data... please give me your key.
Individual: Sure. Here is a hard drive filled with all of the keys I use. Not sure which goes where, but here are my keys. (300GB hard drive with over a hundred million keys)
Imagine that data is encrypted 1-3 times by each key(100-300 million times encrypted) and even one key is wrong/missing? What then? How long would it take to access the data?
Worse... what prevents criminals and terrorists from deliberately generating such overly encrypted data with mind numbingly large numbers of keys? Just downright bog down the workflow of data decryption.
This kind of "blind reasoning" or "panic reasoning" is hurtful to the local economy and over time, erodes faith in the governing body's ability to think rationally and plan for the country's safety.
This kind of thing will discourage businesses from:
- travelling there
- setting up shop there
- accepting customers from there or who travel there
Imagine the headache when even 1% of your customer base requests a new key to be generated because their existing one got seized and they no longer feel their information is safe?
What if this happened on a daily basis?
The other question is whether the police officers are qualified to handle the keys themselves? Are they trained and certified as people who are capable of handling encrypted keys?
If I was a company, I would immediately move my business out of that region. It is a legal liability to me and my customers to have personal keys revealed.
So does this give the police the power to take peoples' passwords to online accounts as well? To corporate accounts? In the event "terrorist" or "criminal" data is stored there?
Do the people making these laws even think about the consequences!?
Full Talkback thread
Story: Government to force handover of encryption keys
-
The governments viewpoint that the threat of a fe... Anonymous -
Master keys? What master keys? Is the author tal... Anonymous
-
More unenforcable laws. Just what we need. As encr... A Hacker
-
nemo tenetur sine detergere ? João Nadal
-
Stupidy rules. So law enforcement can demand... Arthur B. -
The world is going bonkers over terrorist threats.... Nitin Mehra
-
Seize knives! They can be used to kill people!
Ban... Anonymous
-
It's quite big invasion in our privacy ... But han... Anonymous
-
1984 Anonymous
-
Hmm, beggers belief.
If the goverment think they... Drunken
-
This is how it works -
Police enter Bank demanding... Anonymous
-
There is a major difference between being forced t... Anonymous
-
Hmm... and what, exactly, does this "order to seiz... Anonymous -
I find it hard to believe that by continually erod... Anonymous
-
Personally I think we need to go bug the oppositio... Jamie White
-
hahaahahaha.. What a bounce of idiots who think th... shad-99
