> This is an endemic risk to smartphones, but binary transparency makes this detectable.
> That said, at minimum, the developer should control their own signing keys.
So, don’t ship on the Play Store unless you’re grandfathered?
> If the developers for an app do not live in a liberal democracy with a robust legal system, they probably cannot tell their government, “No,” if they’re instructed to backdoor the app and cut a release (stealth be damned).
Or when the laws of said democracy make it illegal for them to say “no” (see: Australia, possibly the US per Lavabit, realistically every country in Europe if the government is willing to claim a grave enough threat per the German hoster of Jabber.ru attempting a MITM against them).
Authoritarian jurisdictions with a modus operandi of compelling their businesses and citizens by force are thus much riskier than Western democracies, even flawed ones. I at least expect it's a lot harder to say no to demands to break your promises that come with credible threats of torturing your family.
I'll also say that it's quite hard to make a messaging app without the servers that run the service having a great deal of power in the protocol. Many types of flaws or bugs in a client or protocol go from "theoretical problem" to "major issue" in the presence of a malicious server.
So if end-to-end security is a goal, you must pay attention to not only the protocol/algorithms and client codebase. The software publisher's risks are important (E.g., Zoom has a lot of risk from a China-centric development team). As are those of the hosting provider (if different from the publisher).
And also less obvious risks, like the mobile OS, mobile keyboard app, or AI assistant that are processing your communications even though they're sent between clients with E2EE.
Reflections on Trusting Trust is still a great read for folks curious about these issues.
I think you misinterpreted the most important nuance in this post. The rest of your comment is about jurisdiction in the context of who develops the client software.
The blog post is talking about jurisdiction in the context of where ciphertext is stored, and only calls that mostly irrelevant. The outro even acknowledges that when jurisdiction does matter at all, it's about the security of the software running on the end machine. (The topic at hand is end to end encryption, after all!)
So, no, this isn't a dangerous view. I don't think we even disagree at all.
mcherm•1h ago
some_furry•36m ago
This is a contradiction. If you have such a capability, then your encryption isn't sufficiently reliable. If it is sufficiently reliable, then this law cannot take effect.
If, for example, Australia wanted to compel me to backdoor something for their investigative purposes, there's nothing they can do. I live in America.
If I hosted ciphertext in Australia, the most they can hope is to terminate the service in their country. This is an availability concern, but the failure mode isn't "the government sees your nudes".
> (perhaps with a court order or a "National Security Letter")
National Security Letters don't do what you think they do. There are widespread misconceptions about their allowed scope, but they only allow the government to request "subscriber information" from a service provider. That doesn't include "we compel you to backdoor your app, and here's an automatic gag order". If they try to use non-NSL measures to accomplish this compulsion, talk to a lawyer not a cryptographer.
adrian_b•32m ago
In my opinion, as someone who has been born and raised in a country occupied by external invaders, who had installed there a fake communist "democracy" and fake justice, the most fundamental human right is the right to refuse to answer to a question, regardless who asks the question.
If in a country such a refuse is sufficient for severe punishments, without the need of any other proof that the one refusing to answer has done anything wrong, then, regardless if such a refuse to answer is labeled "obstruction of justice", "contempt of court" or whatever, in that country any claims that human rights were respected are false.
It is a shame for the United Nations that this most important human right is not included in their declaration.
In order to be able to oppose an abusive government, the right to refuse to answer a question is much more important than the right to possess weapons (which will always be inferior to those of law enforcement and military, so they are not a solution).
some_furry•30m ago
The only way they would be able to acquire the key would be to push a backdoored update to the app. Reproducible builds (which implies open source to be meaningful) and binary transparency make that incompatible with gag orders, by design.