Do you think banning end-to-end encryption is plausible? Think again. - GitHub - davidchisnall/banning-e2ee-is-stupid: Do you think banning end-to-end encryption is plausible? Think again.
Various lawmakers in different countries are proposing to require messaging services to provide a mechanism for law enforcement to decrypt end-to-end encrypted messages. This kind of legislation fundamentally misunderstands how easy it is for bad people to build their own end-to-end encryption layers on top of other messaging systems.
Requiring Signal, WhatsApp, and so on to introduce vulnerabilities into their products does not make life much harder for criminals. Criminals can easily build or buy an extra layer of encryption on top and exchange messages that can’t be decrypted.
It does make everyone else less safe. If a backdoor exists and is usable by authorised people, it will eventually be exploited and used by malicious people.
This repository contains a trivial demonstration of this. 👉
Various lawmakers in different countries are proposing to require messaging services to provide a mechanism for law enforcement to decrypt end-to-end encrypted messages. This kind of legislation fundamentally misunderstands how easy it is for bad people to build their own end-to-end encryption layers on top of other messaging systems.
Requiring Signal, WhatsApp, and so on to introduce vulnerabilities into their products does not make life much harder for criminals. Criminals can easily build or buy an extra layer of encryption on top and exchange messages that can’t be decrypted.
It does make everyone else less safe. If a backdoor exists and is usable by authorised people, it will eventually be exploited and used by malicious people.
This repository contains a trivial demonstration of this. 👉
This is all the evidence one should need that these laws are about control, not safety.
It’s the age old political weapon of saying “but think of the children” before doing something horrible.