What is an encryption back door?


Talk of back doors in encrypted services is doing the rounds again after reports emerged that the British government is trying to force Apple to open up iCloud's end-to-end encrypted (E2EE) device backup offering. Officials were said to be leaning on Apple to create a “back door” in the service that would allow state actors to access data in the clear.

Great Britain has had extensive powers to limit technology companies' use of strong encryption since a 2016 update to state surveillance powers. According to reporting by the Washington Post, British officials used the Investigatory Powers Act (IPA) to place the demand on Apple. They are seeking “blanket” access to data that the iCloud Advanced Data Protection (ADP) service is designed to protect from third-party access, including by Apple itself.

The technical architecture of Apple's ADP service was designed around end-to-end encryption (E2EE), which allows Apple to promise that it has “zero knowledge” of its users' data.

A back door is a term typically used to describe a secret vulnerability inserted into code to circumvent or otherwise undermine security measures in order to enable access by third parties. In the iCloud case, the order enables British intelligence services or law enforcement authorities to access users' encrypted data.

While the British government routinely refuses to confirm or deny reports of demands made under the IPA, the order could have global effects if the iPhone manufacturer is forced to weaken security protections for all users, including those outside the United Kingdom.

Once a vulnerability exists in software, it is also open to abuse by others, up to and including the deployment of ransomware.

This may explain why the prevailing phrasing around state-driven attempts to gain access to E2EE is this visual abstraction of a back door; asking for a vulnerability to be intentionally added to code makes the trade-offs plainer.

To use an example: when it comes to physical doors, in buildings, walls or the like, it is never guaranteed that the door will be used only by the property's owner or key holder.

Once an opening exists, it creates a potential for access: someone could obtain a copy of the key, for example, or even force their way in by breaking the door down.

The bottom line: there is no perfectly selective door that lets only a specific person pass through. If someone can enter, it logically follows that someone else may be able to use the door too.

The same access risk principle applies to vulnerabilities added to software (or, indeed, hardware).

The concept of NOBUS (“nobody but us”) back doors has been floated by security services in the past. This specific type of back door usually rests on an assessment that their technical ability to exploit a particular vulnerability is superior to everyone else's: an ostensibly more secure back door that can be accessed exclusively by their own agents.

But technological prowess and capability are, by their nature, a moving target. Assessing the technical capabilities of unknown others is hardly an exact science. The “NOBUS” concept rests on already questionable assumptions; any third-party access creates the risk of opening up new vectors for attack, such as:

Unsurprisingly, many security experts reject NOBUS as a fundamentally flawed idea. Simply put, any access creates risk; pushing for back doors is therefore at odds with strong security.

Yet regardless of these clear and present security concerns, governments continue to push for back doors. That is why we keep having to talk about them.

The term “backdoor” also implies that such requests can be clandestine rather than public, just as back doors are not public-facing entry points. In Apple's iCloud case, a request to compromise encryption made under the British IPA, by way of a “technical capability notice” or TCN, cannot be legally disclosed by the recipient. The intention of the law is that any such back doors are secret by design. (Leaking details of a TCN to the press is one mechanism for getting around an information block. However, it is important to note that Apple has yet to make any public comment on these reports.)

According to the rights group the Electronic Frontier Foundation, the term “backdoor” dates back to the 1980s, when backdoor (and “trapdoor”) were used to refer to secret accounts and/or passwords created to allow someone unknown access to a system. Over the years, however, the word has been used to label a wide range of attempts to degrade, bypass, or otherwise impair the data security enabled by encryption.

While back doors are in the news again because of the attempt to gain access to Apple's encrypted iCloud backups, it is important to be aware that demands for data access date back decades.

In the nineties, for example, the US National Security Agency (NSA) developed encrypted hardware for processing voice and data messages that had a back door baked into it, with the aim of allowing the security services to intercept encrypted communications. The “Clipper chip”, as it was known, used a system of key escrow, which means that an encryption key was created and stored by government agencies to facilitate access to the encrypted data if the state authorities wanted it.
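The key-escrow arrangement described above, and the earlier point that no door is perfectly selective, can be modelled in a few lines. This Python example is added here for illustration and is not part of the original article, nor Apple's or the NSA's actual design; the toy cipher, function names and keys are all constructed assumptions.

```python
# Added example: toy key-escrow model. The cipher is a teaching construction
# built from SHA-256 and HMAC, not production cryptography.
import hashlib, hmac, secrets

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered data")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def make_backup(data, user_key, escrow_key=None):
    """Encrypt data under a fresh data key, then wrap that key once per key holder."""
    data_key = secrets.token_bytes(32)
    wrapped = [seal(user_key, data_key)]
    if escrow_key is not None:  # the escrowed copy is the back door
        wrapped.append(seal(escrow_key, data_key))
    return {"body": seal(data_key, data), "wrapped": wrapped}

def can_read(backup, key):
    for blob in backup["wrapped"]:
        try:
            unseal(unseal(key, blob), backup["body"])  # unwrap data key, open body
            return True
        except ValueError:
            pass
    return False

def readers(backup, keyring):
    return [name for name, key in keyring.items() if can_read(backup, key)]

# Constructed keys: the user's, the provider's, the escrow holder's, and a
# leaked copy of the escrow key (same bytes, different holder).
USER, PROVIDER, ESCROW = (secrets.token_bytes(32) for _ in range(3))
KEYRING = {"user": USER, "provider": PROVIDER, "escrow agency": ESCROW,
           "holder of leaked escrow copy": bytes(ESCROW)}
E2EE_BACKUP = make_backup(b"constructed sample backup", USER)
ESCROWED_BACKUP = make_backup(b"constructed sample backup", USER, ESCROW)
print("E2EE only:  ", readers(E2EE_BACKUP, KEYRING))
print("with escrow:", readers(ESCROWED_BACKUP, KEYRING))
```

The ciphertext cannot tell the escrow agency from anyone else who holds the same key bytes, so the security of every escrowed backup reduces to how well that one key is guarded.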

The NSA's attempt to push chips with baked-in back doors failed for lack of adoption following a security and privacy backlash. The Clipper chip is, however, credited with helping to spur cryptologists' efforts to develop and spread strong encryption software in order to secure data against government overreach.

The Clipper chip is also a good example of an attempt to mandate system access that was carried out publicly. It is worth noting that back doors do not always have to be secret. (In Great Britain's iCloud case, state agents clearly wanted to gain access without Apple users knowing about it.)

On top of that, governments often deploy emotive propaganda around demands for data access in order to win public support and/or put pressure on service providers to comply, for example by arguing that access to E2EE is necessary to combat child abuse or terrorism, or to prevent some other heinous crime.

However, back doors have a way of coming back to bite their creators. For example, China-backed hackers gained access last autumn to data from users of US telcos and ISPs thanks to a 30-year-old federal law that had mandated backdoor access (albeit, in this case, via non-E2EE access points into systems).

Governments also have to worry that foreign back doors create risks for their own citizens and national security.

There have been several cases over the years of Chinese hardware and software being suspected of harboring back doors. Concerns about potential back door risks have led some countries, including Great Britain, to take steps in recent years to remove or limit the use of Chinese technology products, such as components. Fears of back doors can also be a powerful motivator.


