Backdoor Disasters
Mar 10,
2016
Last week I explained why government-imposed backdoors cause more problems than they solve, and government-imposed weaknesses from the 1990s are still causing SSL/TLS security problems. Let’s see some of the other ways backdoors have spectacularly failed. This is nothing new The problem of insider abuse goes back to an era when letters and telegrams were […]
What Could Possibly Go Wrong With Backdoors?
Mar 8,
2016
What could possibly go wrong with back doors? Pretty much everything imaginable. You must have seen about the debate between the FBI and Apple over providing a backdoor for the Apple iPhone 5C model. I strongly agree with Michael Hayden, former head of both the Central Intelligence Agency and the National Security Agency. In an […]
Why Giving Government Easy Backdoor Access to Encrypted Data is a Bad Idea
Jul 30,
2015
A friend used to run a server room at a medium-sized company. The main door had a heavy pushbutton combination lock – it looked secure. The back door, however, was left open as the room got too hot when it was closed. Everyone went in and out the back door. The locked door was simply […]
Back Doors Always Become Open Doors
Oct 6,
2014
We know back doors get built into systems because sooner or later they’re abused in ways that often grab our attention. Keep in mind that any “password recovery” system accomplishes something that would not be possible within a system that really protects confidentiality. There is a tradeoff between confidentiality and availability. The stronger the protection […]
Smart Phone and Tablet Problems Can Let Your Cloud Data Slip Out the Back Door
Apr 7,
2014
When you put your data “out in the cloud”, you will want to get it back eventually. Maybe even interact with it frequently. You lost direct control and even the visibility of the control of your data when you moved it to the cloud. Just how much you lose depends on the cloud service model, […]