• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

US Senators Introduce Bill to Backdoor Encryption

June 24, 2020 By Marc Laliberte

Dome of the U.S. Capitol by night

Three Republican Senators today introduced the Lawful Access to Encrypted Data Act, in their latest attack on the security and privacy of everyday citizens. The press release for the bill describes it as a way to “bolster national security interests” by “ending the use of ‘warrant-proof’ encrypted technology by terrorists and other bad actors to conceal illicit behavior.” At a high level, the bill will require tech companies and device manufacturers to assist law enforcement with accessing encrypted data and develop prizes and grants for companies who can “create a lawful access solution in an encrypted environment.”

This isn’t the first-time lawmakers have used terrorism and cyber criminals as a boogeymen in an attempt to hamstring encryption technology. Earlier this year, the US Senate introduced the EARN-IT act, which isn’t explicitly an anti-encryption bill, but could enable the government to require internet services to backdoor their encryption or risk losing Section 230 protections.

There is no such thing as a “secure” backdoor for encryption. More accurately, backdoored encryption is fake encryption. By forcing companies to intentionally build weaknesses in their products, they are opening up ALL users to the threat of cyber adversaries and abuse by law enforcement. This bill would do little to catch actual terrorists and cyber criminals since, should it pass, they would just switch to using products and services that are manufactured and developed outside the judicial reach of the United States. The sponsors of the bill and similar bills have proven they either don’t understand or don’t care about how encryption protects American citizens.

Simply put, this bill makes us all less safe, not more.

Share This:

Related

Filed Under: Editorial Articles Tagged With: Infosec news, security

Comments

  1. Jonathan Sparks says

    June 24, 2020 at 11:20 am

    Sounds like they are being influenced by parties who would benefit from it.

    Reply
    • Marc Laliberte says

      June 24, 2020 at 11:30 am

      I agree

      Reply
  2. Larry B says

    June 24, 2020 at 11:44 am

    Imagine the catastrophic situation when a Zero-day is detected and cyber criminals gain access to many credit cards or other information through the backdoors they already use

    These back-door to encryption will become a coveted target and may lead up to some serious backpedaling.

    Especially when Credit Cards leak through the back door (crashing economy), kidnapping, or what ever encrypted data a cyber criminal can find to help their cause.

    Sure sounds like a great plan guys!

    Reply
    • Marc Laliberte says

      June 24, 2020 at 1:13 pm

      It just isn’t possible to design a backdoor that is 100% safe from cyber criminals. All it takes is a source code leak or law enforcement losing a key and poof, the encryption is completely broken.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • The RCE Vulnerability That Wasn’t
  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • CISA Warns of Weaponized RMM Software
  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • Report Roundup
  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use