Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

no one said it was a backdoor, though. you have to have a key to encrypt stuff, and it was that key which got leaked, somehow. a backdoor is a way around the use of a key to see secret messages, or an alternate key which allows you to view messages without compromising the key which encrypts messages in normal operation.

could have been a backdoor, sure, could have been something else. could have been carelessness. could have been blackmail. could have been a rogue employee. could have been malware, spear fishing, or any one of a hundred other things.

did I miss something or are you premature in blaming this on a backdoor?



If Microsoft can’t manage to hold onto these critical encryption keys, why do you think that <insert nation state x> will?

When your data is stolen because you were working in Cancun and the Mexican CIA was compromised, will you ever even know?

The point isn’t blaming a back door, it’s just pointing out that the more stakeholder that possess a key, the higher the probability of a compromise.


They didn't say it was an intentional backdoor. But if it were, the result would be the same.

It's hard to secure encryption keys. If you had a backdoor based on a key that you had to keep secret, leaks like these can happen. If Microsoft (or anyone) can't keep their encryption keys secure, they'd be equally unable to keep a backdoor key secure for the same reason.


But an encryption back door is either a second key that someone else holds or it is some piece of information the public should not know about.

Either way, when the details about the back door leak, the system ceases to retain the properties of secure encryption.


> no one said it was a backdoor, though.

That includes the comment you are replying to.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: