> The first potential solution called for providers to add a physical, encrypted port to their devices. Companies would maintain a separate set of keys to unlock devices, using that port only if law enforcement had physical access to a device and obtained a court order to compel the company’s assistance.
Soldering gun and that port is a toast.
> The second approach would exploit companies’ automatic software updates. Under a court order, the company could insert spyware onto targeted customers’ phones or tablets — essentially hacking the device. However, the memo warned, this could “call into question the trustworthiness of established software update channels” and might lead some users to opt out of updates, which would eventually leave their devices less secure.
It could be done even today. And I would not be surprised if we haven't already some FISA mandated app updates.
> A third idea described splitting up encryption keys, a possibility floated by National Security Agency director Michael S. Rogers earlier this year. That would require companies to create a way to unlock encrypted content, but divide the key into several pieces — to be combined only under court order. Exactly how this would work remains unclear, but the memo warned that such a system would be “complex to implement and maintain.”
So straight backdoor. While workable for apple, not really suitable for android. And we have the golden key as the mother lode of all cyber criminal activity in the world.
> Under the final approach, which officials called a “forced backup,” companies under court order would be required to upload data stored on an encrypted device to an unencrypted location.
Adava Decrypta or any other magical spell?
If companies hold any way to decrypt the content, then it is not encrypted. if they don't, what is expected from them is magic.
Soldering gun and that port is a toast.
> The second approach would exploit companies’ automatic software updates. Under a court order, the company could insert spyware onto targeted customers’ phones or tablets — essentially hacking the device. However, the memo warned, this could “call into question the trustworthiness of established software update channels” and might lead some users to opt out of updates, which would eventually leave their devices less secure.
It could be done even today. And I would not be surprised if we haven't already some FISA mandated app updates.
> A third idea described splitting up encryption keys, a possibility floated by National Security Agency director Michael S. Rogers earlier this year. That would require companies to create a way to unlock encrypted content, but divide the key into several pieces — to be combined only under court order. Exactly how this would work remains unclear, but the memo warned that such a system would be “complex to implement and maintain.”
So straight backdoor. While workable for apple, not really suitable for android. And we have the golden key as the mother lode of all cyber criminal activity in the world.
> Under the final approach, which officials called a “forced backup,” companies under court order would be required to upload data stored on an encrypted device to an unencrypted location.
Adava Decrypta or any other magical spell?
If companies hold any way to decrypt the content, then it is not encrypted. if they don't, what is expected from them is magic.