TSA Master Keys, Threat Models, and Encryption

Submitted by Blake on Mon, 10/19/2015 - 21:33

This is the perfect illustration of why security that has backdoors for law enforcement isn’t actually security. Once there is an intentionally created hole in your security strategy, you should assume that anyone that you are attempting to prevent accessing your luggage/email/passwords will ALSO have access to your intentionally created security hole. This is the same concept that Cory Doctorow uses in his condemnation of DRM (you can’t lock something up with a key and then give the key to the person you are trying to prevent accessing your thing) as well as the argument against giving backdoor access keys for encryption algorithms to governmental agencies. It is simply impossible to have security, whether that term is used for physical objects, communication, storage of information, or anything else, and also to have holes intentionally added to the system for the benefit of “the good guys”. Once the key exists, anyone can make their own copy of it.

From TSA Master Keys, Threat Models, and Encryption | Pattern Recognition