Skip to main content

Once again, for the people in the back: we don't build back doors because there is no way to build a back door that only good guys can walk through, motherfuckers.

wsj.com/tech/cybersecurity/u-s…

in reply to evacide

klausfiend
klausfiend
This seems like a massive own-goal for the US intel community.
in reply to klausfiend

evacide
evacide
@klausfiend If you are interested in more like this, I recommend "Spyfail" by the esteemed IC historian James Bamford.
@klausfiend
in reply to evacide

0xC0DEC0DE07E8
0xC0DEC0DE07E8
brain tried to coerce this into the form of “we don’t do this because it’s easy…” and I couldn’t square it because you (specifically and especially) are obviously not making an excuse for backdooring software.
in reply to evacide

Infoseepage #StopGazaGenocide
Infoseepage #StopGazaGenocide
And the argument of "Trust us, we're on the side of the angels" never got very far with me to begin with...
in reply to evacide

Ben
Ben
I recently had to explain to an Eng leader that when I was saying “not possible”, I did not mean, “we can do it if we’re clever enough”.
in reply to evacide

minimantis
minimantis
Trying to create a back door for 'good guys' is like saying you’ll only let the nice sharks in the pool.
in reply to evacide

Brian Strouselhousen
Brian Strouselhousen
So clearly the answer is to use AI to encrypt it, then put it on the blockchain, and store a secret in an NFT that is then stored in a smart contract which is then stored in a offline (cold) wallet available only to the good guys. Sounds reasonable, right?
in reply to evacide

Doerk
Doerk
And even if it would be possible, who can say that the “good guys” would only use it for good things. There are more than enough examples showing that the good guys are not always as good as they are supposed to be.
in reply to evacide

Eric the Cerise
Eric the Cerise
FWIW, I remain unconvinced that the people calling for back doors *are* the good guys.
in reply to Eric the Cerise

evacide
evacide
@ErictheCerise Oh they are not, but the people who insist that backdoors will be fine all believe they are the good guys or they are making them for the good guys.
@Eric the Cerise
in reply to evacide

Matt Blaze
Matt Blaze
My vocabulary is no longer rich enough to discuss this topic without getting very sweary.
in reply to evacide

JacobRPG+ 🫘
JacobRPG+ 🫘
have we tried asking our adversaries not to use our backdoors?
in reply to evacide

kcarruthers
kcarruthers
sheesh it’s so tiring doing this again and again 🙄
in reply to evacide

Jonathan Lamothe
Jonathan Lamothe
@evacide ...and don't even get me started on the definition of "good guys".
@evacide
in reply to evacide

Urzl
Urzl
But the sign clearly said "Employees Only" and we never anticipated the kind of lunatic who'd ignore that kind of warning!
in reply to evacide

slash
slash

Apple came pretty close, though. Their M1 backdoor appeared less than 1 year after the FBI dropped their All Writs case. And it required a magic key to start the exploit chain, which they figured no one could find. Until Kaspersky did.

To their credit, they had the disabling code ready to go, so when it was discovered they claimed "bug" and pushed the "off" button.

in reply to evacide

Adlangx
Adlangx

I like the use of motherfucker there...wait a second. 😂

Yeah, a "backdoor" is just a vulnerability.

in reply to evacide

Chaucerburnt
Chaucerburnt
how are we still having this conversation in 2024? 🙁
in reply to evacide

DaveHowe
DaveHowe
- my usual comment is that good-guy-only backdoors are like good-guy-only holes in body armour.
in reply to evacide

craignicol
craignicol
it's simple, just make someone pinky promise that they're not going to use the backdoor for evil. Everyone knows bad guys don't pinky promise.
in reply to evacide

craignicol
craignicol
we'll just put the backdoor in the same vault they kept the CSS DVD key. Sorted.

This website uses cookies. If you continue browsing this website, you agree to the usage of cookies.