‘Exceptional Access’: legal frameworks, technology & trust

Open sesame!

Legal frameworks are hard

Technology problems are easy

Earning (and keeping) trust is hard

We implicitly place a lot of trust in application developers & platform operators

Governments & law enforcement

Mythbusting

“They want to break encryption”

“WhatsApp, Signal (etc) would be rendered insecure”

  • “writing decent code so security isn’t undermined by trivial vulnerabilities
  • making sure there’s appropriate independent vetting of critical code before it’s added to the product
  • protecting development networks so they know what’s really in the product and that it hasn’t been covertly modified by some external malfeasant
  • protecting critical security artefacts like code signing keys”

“This is a backdoor for anyone else to abuse”

“This is mass surveillance”

So, where does this put us?

Legal frameworks

Technology

Trust

--

--

--

The thin blue line between technology and everything else. joelgsamuel.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

INT 4.0 Mapping Early Bird Program

I Fell for a NFT Scam

Kryptomon — Version 1 Begins

Year in Review: 2020 laid the groundwork for zero knowledge proofs

Analysis on the recharge “false notification” vulnerability of EOS DApp

Major release, including MetaMask wallet connect, Notifications, Twitter username claiming and more!

OSCP Day 1/100 — Intro/Installation

How To Control Your Network Access

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Joel Samuel

Joel Samuel

The thin blue line between technology and everything else. joelgsamuel.com

More from Medium

LoRaWAN® recognized as an International Standard — Parley Labs

58 — Securing DNS with Peter Lowe of DNSFilter

Monitor events with ELK Stack : Foward Log with Rsyslog and Syslog-ng.

The epitome of evasion! A custom shellcode