Phones shouldn't have an expectation of privacy if they're over analog lines as you have no control over the content once it leaves you. I, personally, think that they're both overreach but, legally, I think it's the difference between someone listening to a conversation you're having in a public park vs. one that you're having in your bedroom at home. If someone can hear me in a public park, that's on me as I clearly didn't put thought into how accessible I was. If someone can hear me in my bedroom, though, then I have to question the integrity of my home.
Encryption was specifically created to guarantee the integrity of an A->B interaction. If we're compelled to break that, then the whole system is no longer able to be trusted and its integrity is shot.
Of course not phones! I mean, "The President's Analyst" ;)
But from a professional, and WWII hero:
> 17. The greatest material curse to the profession, despite all its advantages, is undoubtedly the telephone. It is a constant source of temptation to slackness. And even if you do not use it carelessly yourself, the other fellow, very often will, so in any case, warn him. Always act on the principle that every conversation is listened to, that a call may always give the enemy a line. Naturally, always unplug during confidential conversations. Even better is it to have no phone in your room, or else have it in a box or cupboard.
Maybe not naive but I think never trusting your own home is just a recipe for paranoia. You have no reason not to trust your home unless some actor had reason to do so from the onset. It's not a trivial matter to bug someone's home or bedroom without their detection unless you have free and clear access.
Edit: Just now realizing that you meant we shouldn't trust encryption and phones, not our home. Whoops. Leaving my response for posterity and lulz.
Spies meet in person because they're people of interest. They take the job knowing that nothing they do is ever really done in secret.
If Apple includes an additional public key in the list of keys that can decrypt an iMessage, how are you now exposed to every other malicious actor on the internet?
There are things handset makers could do that would allow law enforcement access to a device without compromising the security of every person using that device. For example, they could add a connector to the logic board that grants access to the keys after a fuse is blown. It would only work on devices that law enforcement have in their possession and once they blow the fuse, the device is otherwise useless so you don't have to worry about using a device that's been compromised. It could even be designed so that the extracted key is encrypted and can only be decrypted by Apple after they receive physical possession of the phone and a court order.
A scheme like this would allow individual phones that law enforcement have in their possession to be accessed. It wouldn't allow mass decryption and so normal users are still protected. That seems like a reasonable compromise to me.
This would ruin the physical security of lost devices wherein the attacker is willing to ruin the device. This is worse than key escrow because it ruins the physical security of all devices everywhere.
At least with key escrow we could laughably pretend that the government would keep their master keys secure. You are suggesting that all portable devices ship with security that can be defeated with a screwdriver and hoping nefarious people don't react by installing actual security in software.
> This would ruin the physical security of lost devices wherein the attacker is willing to ruin the device.
Only if they could also secure Apple's cooperation. That's what I was addressing when I said "the extracted key is encrypted and can only be decrypted by Apple".
Once Apple has the keys to the kingdom, what is stopping the government making Apple give the government such keys, ensuring that no warrant is required?
What is stopping users from using software that is ACTUALLY secure?
> what is stopping the government making Apple give the government such keys, ensuring that no warrant is required?
The same thing that's stopping them from silently requiring Apple to include backdoors into every device today.
> What is stopping users from using software that is ACTUALLY secure?
It's the same as with a regular phone line. Users are free to speak in code or use an analog scrambler. Just because a particular interception technique isn't perfect doesn't mean it wouldn't be valuable to law enforcement.
No, both depend on how careful the eavesdropper is about safeguarding their special access. Both could be secure (as secure as planned, anyway) but both add some extra risk.
There are practical differences, sure, but it’s all the same principle.
One cannot automate physical wiretaps on hundreds of millions of people from Nigeria and steal their data or sabotage their infrastructure via access to their phone lines.