Right, it's just a thought experiment. It will never happen, but if the USG committed to only using a lawful key escrow system, it might move the 0day market as billions of dollars fall out of it. Maybe that would have some benefits, but the economics seem complicated. 
-
-
So let me answer your first question with a question: if Western governments mandate key escrow, will the government of UAE be able to use it under the UAE’s legal regime? If yes, then I *am* objectively uncomfortable with key escrow. If no, hello lucrative 0day market.
-
Let's avoid the slippery slope argument (i.e. if one government has key escrow, then they all must) for the purposes of discussion. Do you agree that fixing vulnerabilities is a good thing, or should they be hoarded so that key escrow isn't necessary?
- 9 more replies
New conversation -
-
-
i might be in the minority with this controversial opinion, but i would be in favour of eradicating the 0day market if it were an option — however, it is *tolerable* in comparison to key escrow systems because it's a law of nature and doesn't itself increase attack surface

-
interesting thanks, but the counter argument is that while it doesn't *increase* attack surface - a policy change (perhaps tweaking VEP, or something) can get vulnerabilities fixed that are being abused by adversaries. That is a positive thing, right?
- 31 more replies
New conversation -
-
-
No, ultimately the governments of the world need to accept the reality that they’re going to go blind to people’s interpersonal communications.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.