Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Security Pros Look at Encryption Backdoors (helpnetsecurity.com)

Posted by msmash on from the what-they-think dept.

An anonymous reader shares a report: The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors. 72 percent of the respondents do not believe encryption backdoors would make their nations safer from terrorists, according to a Venafi survey of 296 IT security pros, conducted at Black Hat USA 2017. Only 19 percent believe the technology industry is doing enough to protect the public from the dangers of encryption backdoors. 81 percent feel governments should not be able to force technology companies to give them access to encrypted user data. 86 percent believe consumers don't understand issues around encryption backdoors.

3 of 52 comments (clear)

  1. Explain It Like Government Explains It by Anonymous Coward · · Score: 4, Insightful

    86 percent believe consumers don't understand issues around encryption backdoors.

    Maybe we should start explaining it in the same way that governments try to justify access.

    Government claims to need backdoors to keep us safe from terrorists? Maybe we should ask "how is giving terrorists access to our financial information, medical information, power grids, etc, keeping us safe from said terrorists?" Keep it in the public eye that backdoors give terrorists access to our information just as easily as it gives "the good guys" access to it.

  2. How to describe backdoors by peragrin · · Score: 5, Insightful

    How to describe encryption backdoors to idiots and non technical people.

    Ask them to pull out their house key. Now have them go make 10,000 copies of that key and label each key with their name address and door location. Have them include their normal working hours.

    Now they are to pass out those keys to every police officer, fire department, medical service group in their area just in case the government needs to get in their house in an emergency.

    Now ask them a question how likely would it be that 1 out of 10,000 would get lost or misplaced and end up in the wrong hands?

    100% of the people I have explained it to that way suddenly change their minds. Though it is still a small sample size. Once a generic key has been created and passed around you might as well not have a key

    --
    i thought once I was found, but it was only a dream.
  3. Re:On that basis ... by pr0fessor · · Score: 3, Insightful

    Making something Illegal isn't going to stop a criminal or terrorist. The result is that they will simply use an alternate method without a back door and eventually find the back door placed in the encryption methods by law. This will only make e-commerce less secure.

    What if we hide the back door? It's to late for that and it wouldn't work anyway hackers will find the back door and they will use it, finding and creating back doors is their bread and butter.