Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

GameStop bought $500 million in Bitcoin

May 28, 2025

Odyssey's new AI model streams 3D interactive worlds

May 28, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    Odyssey's new AI model streams 3D interactive worlds

    May 28, 2025

    Google Photos debuts a redesigned editor using new AI tools

    May 28, 2025

    Family Safety App Life360 adds lost tile trackers a few years after the acquisition

    May 28, 2025

    Context wins $11 million to build an AI-powered office suite

    May 28, 2025

    Discord explores virtual rewards for advertising products preparing for potential IPOs

    May 28, 2025
  • Crypto

    GameStop bought $500 million in Bitcoin

    May 28, 2025

    Vote for the session you want to watch in 2025

    May 26, 2025

    Save $900 + 90% from 2 tickets to destroy 2025 in the last 24 hours

    May 25, 2025

    Only 3 days left to save up to $900 to destroy the 2025 pass

    May 23, 2025

    Starting from up to $900 from Ticep, 90% off +1 in 2025

    May 22, 2025
  • Security

    When fighting a security incident, he was hit by Victoria's secret halt.

    May 28, 2025

    Data broker giant LexisNexis says more than 364,000 personal information has been violated

    May 28, 2025

    Naukri has published the recruiter's email address, researchers say

    May 24, 2025

    Apple CEO reportedly urged the Texas governor to abandon the online child safety bill

    May 23, 2025

    Artemis Seaford and Ion Stoica cover the ethical crisis in their sessions: AI

    May 23, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    Confuse your 2025 agenda: Vote for your favorite session

    May 28, 2025

    Competing with incumbents with linear Christina Cordoba in the session: ai

    May 28, 2025

    We are planning a $100 billion VC fund to invest in startups in Europe and Asia

    May 28, 2025

    Ali Partovi and Russell Kaplan join StrictlyVc Menlo Park

    May 27, 2025

    Rocket Lab Backer's first publication raises $25 million to fund New Zealand's Deep High-Tech Moonshot

    May 27, 2025
TechBrunchTechBrunch

What is an encryption backdoor?

TechBrunchBy TechBrunchFebruary 15, 20256 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


The backdoor talk in encrypted services has been coming back to the round after reports revealed that the UK government is trying to force Apple to provide Icloud end-to-end encryption (E2EE) device backups Masu. Officials were said to be leaning against Apple to create a “backdoor” on a service that would allow state officials to access clear data.

Since passing the 2016 update to state surveillance authority, the UK has had the drastic powers to restrict the use of strong encryption by technology companies. According to a report by the Washington Post, UK officials seek Apple's demand for “blanket” access to data that Icloud Advanced Data Protection (ADP) services are designed to protect from third parties. We use the Investigation Authority Act (IPA) to do so. Party access including Apple itself.

Apple's technical architecture of ADP services is designed so that even the tech giants don't hold encryption keys – thanks to the use of end-to-end encryption (E2EE) – Apple has “zero knowledge” I'll make sure I promise that I'm there. of user data.

Backdoor is a term that is normally deployed to describe secret vulnerabilities inserted into code to enable third parties, bypass security measures or otherwise undermine them. For iCloud, this order will allow UK intelligence agents or law enforcement to access your encrypted data.

The UK government routinely refuses to report notifications issued under the IPA, but security experts weaken the security protections that iPhone manufacturers offer to all users, including those with whom they are located. It warned that such secret orders could have global impact if they were forced to do so. Outside of the UK.

The presence of software vulnerabilities presents a risk that could be exploited by other types of agents. It can also be to deploy hackers or other bad actors who want to access for the creepy purpose of stolen identity theft or trying to get and sell sensitive data, or ransomware.

This may explain why the main phrase used mainly on state-driven attempts to access E2EE is this visual abstraction of the backdoor. Requesting vulnerabilities that are intentionally added to your code makes the trade-offs more clear.

To use an example: With regard to physical doors, in a building, wall, etc., it is never guaranteed that only the property owner or key holder will use that entry point exclusively.

The presence of openings creates access possibilities. For example, someone could get a copy of the key, or even break the door and push his way.

Conclusion: There are no completely selective entrances and exits that exist to allow only certain people to pass. It logically continues that if someone else can enter, someone else might be able to use the door.

The same access risk principle applies to vulnerabilities added to software (or in fact hardware).

The concept of backdoors in Nobody Bry Us has been awakened by security services in the past. This particular type of backdoor is based on an assessment of its technical capabilities to exploit certain vulnerabilities that are usually superior to everything else. Essentially, it's an ostensibly more secure backdoor that only your own agents can access exclusively.

However, in its very nature, technology skills and abilities are a moving feat. Evaluating other unknown technical capabilities is not an accurate science either. The concept of “nobus” is already in a questionable assumption. Third-party access creates the risk of opening fresh vectors for attacks, such as social engineering techniques aimed at targeting people with “authorized” access.

Naturally, many security experts have dismissed Novas as a fundamentally flawed idea. Simply put, access creates risk. Therefore, promoting backdoors is to counter strong security.

But regardless of these clear and current security concerns, the government continues to seek backdoors. So that's why we have to talk about them.

The term “backdoor” also means that such requests can be secret rather than public, just as backdoors are not public entry points. In the case of Apple's iCloud, requests to compromise encryption made under the UK IPA cannot be legally disclosed by the recipient via a “technical competency notification” or TCN. The intent of the law is that such background is a design secret. (It is important to note that leaking TCN details to the press is one mechanism to avoid information blocking, but Apple has not yet published these reports.)

According to rights groups, the Electronic Frontier Foundation was created to allow unknown access to the system, with the term “backdoor” dating back to the 1980s, with backdoors (and “trapdoors”) being used. You have referenced your private account and/or password. However, for many years, the term has been used to label a wide range of attempts to break down, avoid, or compromise effective data security through encryption.

The backdoor is back in the news again, but it's important to note that data access requests go back decades, thanks to the UK chasing Apple's encrypted iCloud backups.

For example, returning to the 1990s, the US National Security Agency (NSA) has a backdoor burned voice message and data with the aim of allowing encrypted services to intercept encrypted communications. We have developed encrypted hardware to process messages. “Clipper Tip” used the Key Escrow system as is known. That is, encryption keys were created and stored to facilitate access to encrypted data if desired by national authorities.

The NSA's attempt to pack tips at baked-in-backdoors failed to have a lack of adoption after a backlash of security and privacy. The Clipper chip is believed to help dismantle cryptographers' efforts to develop and spread strong cryptographic software to protect data against government control.

Clipper chips are also a good example of where attempts to mandate system access have been made public. It is worth noting that backdoors do not necessarily have to be a secret. (In the case of the UK iCloud, the state agents clearly wanted Apple users to gain access without knowing it.)

Additionally, the government has been working to drum public support and pressure service providers to follow data, including claiming that access to E2E is necessary to combat child abuse and terrorism. frequently deploy requests to access. or prevent other heinous crimes.

However, backdoors have a way to come back to bite the creator. For example, China-backed hackers were behind a compromise on federally mandated wiretapping systems last fall. In that case, non-E2EE data (without any data) is highlighting the risk of intentionally burning blanket access points into the system.

Governments should also worry about foreign backdoors creating risks for their citizens and national security.

There have been multiple instances that Chinese hardware and software suspected of having a background for many years. Due to concerns about potential backdoor risk, some countries, including the UK, have taken steps to remove or limit the use of Chinese technology products, such as components used in critical communications infrastructure in recent years. It's now. Fear of backdoors can also be a powerful motivation.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

Data broker giant LexisNexis says more than 364,000 personal information has been violated

May 28, 2025

Naukri has published the recruiter's email address, researchers say

May 24, 2025

Apple CEO reportedly urged the Texas governor to abandon the online child safety bill

May 23, 2025

Artemis Seaford and Ion Stoica cover the ethical crisis in their sessions: AI

May 23, 2025

Mysterious hacking group Careto was run by the Spanish government, sources say

May 23, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

When fighting a security incident, he was hit by Victoria's secret halt.

May 28, 2025

GameStop bought $500 million in Bitcoin

May 28, 2025

Odyssey's new AI model streams 3D interactive worlds

May 28, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.