Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think that the people who want to use encryption should use their own software for encryption, which is separate from the cloud service. (This alone might not do, because you also need to implement other security, but it will be one thing to do.)


You are suggesting people be able to insert an encryption module into other services?

Or that everyone has to constantly manage a non-default set of tools, and deal with all the interoperability issues of all the mish-mashes of choices others make?

Or, ...?

Personally, I cannot see a safe online world that doesn't have hard privacy.

Why not give people easy ways to report "very bad behavior" online, to authorities that build up a reputation of responding responsibly. Including bounties for the most egregious stuff.

Then every recipient of anything rotten becomes a honeypot for the criminals.

Breaking everyone's privacy is going to attract every nefarious and security conscious actor in the world to the buffet. Every state actor, "good" or "bad" is going to want to have access to everything that can theoretically be accessed. Worst possible kind of honeypot.


Remember software can be banned or regulated via export control.


Exactly. Just like the pirate bay.


That ban seems to be incredibly toothless considering a simple DNS/IP change can bypass it.


And this whole situation just reinforces the fact that relying on a provider's encryption means trusting that they won't be forced to weaken it later


at least Apple should provide a way of inserting a module to encrypt decrypt files. and say, we just store the bytes user provide us.


This is the issue. If you encrypt your own, then the software will not be able to use it as it's not a file it expects. So all of the software that you want to use your encrypted files will need to have this type of module.

At that point, I feel like we've opened pandora's box. If every single app had to be able to decrypt/encrypt with your personal key, we just know someone will roll their own and fuck it up for everyone else.


It depends on where you put that module.

In NT you can have modules that sit between various operations on the file system. It’s how AV works without having to hook into every single application that reads and writes from storage.

There’s no technical reason why this kind of approach couldn’t be applied by Apple for encryption. But it would require relinquishing some control over their platform, so it would never happen.


Microsoft gets that excuse, because it lets you run anything at all on your computer. Apple doesn't, because it only lets you run things approved by Apple. Instead of "why did you make this encryption system we can't break into? Trillion dollar fine!" it'd be "why did you let XYZ Corp install this encryption system we can't break into? Trillion dollar fine!"




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: