You Can’t Backdoor a Platform

A great piece on the insanity of cryptographic backdoors and kill-switches – intentionally leaving weaknesses, or forcing users into opaque systems where they no longer have full control will only lead to exploitation and a net loss. Thus, we can begin to see the incredible opportunity in closed-source software and walled gardens for control and reconnaissance by malicious actors.

“What about browser-based apps? It’s possible to build a secure data store or messaging app that loads entirely over the web, from the user interface to the cryptography library, and gets saved on the user’s device. The requisite web standards are already in place. This is not a good engineering design, to be clear—it should only be a last resort—but it is possible. And it circumvents the Android cryptography library, Google Play restrictions, and the app kill switch.”

Read More

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s