Yes. The high-end criminals will absolutely adapt to using encryption tools that are opaque to key escrow (see the recent arrests around PhantomSecure) and the government will go back to using 0days on them. Key escrow is for the dumb criminals.
I know how 0days work, the question is whether it's acceptable to encourage increasing the adoption of exploitation in exchange for dropping attempts at building key escrow. I have a problem with that.
-
-
There is a difference between “encouraging zero day adoption” and the false premise that key escrow would eliminate or even reduce zero day hoarding.
-
Nobody wants to hoard 0day, because your enemies can use them against you. They do so because they balance that risk against the value of that additional capability, if that capability reduces in value, the calculus changes. Explain to me how that won't reduce hoarding?
- 27 more replies
New conversation -
-
-
but no one is encouraging an increase in the adoption of exploitation — it will happen whether or not we want it to, and it will happen whether or not we build a key escrow system.
-
Multiple people are arguing that, how else should I interpret this?https://twitter.com/qwertyoruiopz/status/1205941285162536960 …
- 1 more reply
New conversation -
-
-
Actually I think it’s totally acceptable from a lobbying perspective. They aren’t going away without something that looks like an answer. And answers that have them upping the defense budget sell well. At least you can fight 0day development on tech terms.
-
Proposal that gives some influential senators ammunition to demand several billion annually for cyber warriors back in their districts gets the deal done to ditch backdoors? Take it. They love pork like that.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
