A great piece on the insanity of cryptographic backdoors and kill-switches – intentionally leaving weaknesses, or forcing users into opaque systems where they no longer have full control will only lead to exploitation and a net loss. Thus, we can begin to see the incredible opportunity in closed-source software and walled gardens for control and reconnaissance by malicious actors.
“What about browser-based apps? It’s possible to build a secure data store or messaging app that loads entirely over the web, from the user interface to the cryptography library, and gets saved on the user’s device. The requisite web standards are already in place. This is not a good engineering design, to be clear—it should only be a last resort—but it is possible. And it circumvents the Android cryptography library, Google Play restrictions, and the app kill switch.”