The national intelligence services of the United States, the United Kingdom, Australia, Canada, and New Zealand have joined forces to support legislation requiring makers of encryption software to incorporate defects into their products so as to allow surveillance agencies (such as law-enforcement and espionage operations) to seize and decrypt communications between users of the software.
“Statement of Principles on Access to Evidence and Encryption”
Department of Home Affairs, Australian Government, August 29, 2018
The Governments of the Five Eyes encourage information and communications technology service providers to voluntarily establish lawful access solutions to their products and services they operate in our countries. …
Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions.
Of course, in the United States, any government access to private communications is unlawful, indeed unconstitutional, unless it is supported by a warrant, endorsed by a judge of the relevant jurisdiction, “upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” Unfortunately, in this context, ‘lawful’ is simply a stylistic variant of ‘government’, not referring to any actual law. The threat to resort to system cracking if backdoor entries to encryption systems aren't provided reinforces this obvious indifference to the rights of citizens and subjects.
“Five-Eyes Intelligence Services Choose Surveillance over Security”
Bruce Schneier, Schneier on Security, September 6, 2018
To put it bluntly, this is reckless and shortsighted. I've repeatedly written about why this can't be done technically, and why trying results in insecurity. But there's a greater principle at first: we need to decide, as nations and as society, to put defense first. We need a “defense dominant” strategy for securing the Internet and everything attached to it.
This is important. Our national security depends on the security of our technologies. Demanding that technology companies add backdoors to computers and communication systems puts us all at risk. We need to understand that these systems are too critical to our society and — now that they can affect the world in a direct physical manner — affect our lives and property as well.
Cory Doctorow, Boing Boing, September 5, 2018
It is impossible to overstate how bonkers the idea of sabotaging cryptography is to people who understand information security. If you want to secure your sensitive data either at rest — on your hard drive, in the cloud, on that phone you left on the train last week and never saw again — or on the wire, when you're sending it to your doctor or your bank or to your work colleagues, you have to use good cryptography. Use deliberately compromised cryptography, that has a back door that only the “good guys” are supposed to have the keys to, and you have effectively no security. You might as well skywrite it as encrypt it with pre-broken, sabotaged encryption. …
Cryptography [is] the basis for all trust and security in the 21st century.
“Ten Years Later, Cory Doctorow's Little Brother Remains Inevitable”
Cory Doctorow, Tor.com, April 26, 2018
We only know how to make one computer (the computer that runs every program) and one internet (the internet that carries any data), and we specifically don't know how to make computers that can run all the programs except for the one that freaks you out … and we don't know how to make an internet that carries all messages except the ones you don't like. …
This is a reality that policymakers, law-enforcement, and the general public [have] spectacularly failed to come to grips with. …
Computers create real problems: harassment, commercial surveillance, state surveillance, corporate malfeasance, malware attacks on embedded systems, and casino tricks to “maximize engagement” at the expense of pleasure and satisfaction. … We can't solve those problems by engaging with computers as we want them to be — only by engaging with them as they truly are.