Linked: The Myth of Consumer-Grade Security
Bruce is right on here:
“In his keynote address at the International Conference on Cybersecurity, Attorney General William Barr argued that companies should weaken encryption systems to gain access to consumer devices for criminal investigations. Barr repeated a common fallacy about a difference between military-grade encryption and consumer encryption: “After all, we are not talking about protecting the nation’s nuclear launch codes. Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations. We are talking about consumer products and services such as messaging, smart phones, e-mail, and voice and data applications.”
The thing is, that distinction between military and consumer products largely doesn’t exist. All of those “consumer products” Barr wants access to are used by government officials — heads of state, legislators, judges, military commanders and everyone else — worldwide. They’re used by election officials, police at all levels, nuclear power plant operators, CEOs and human rights activists. They’re critical to national security as well as personal security.”
In the age of BYOD, there is no difference between consumer tech and business tech, or government tech, etc. If you run a business, your “private” business information is on consumer devices. If you work in the government, the same.
And that’s why allowing a backdoor into “just” consumer devices is such a bad idea.
https://www.schneier.com/blog/archives/2019/08/the_myth_of_con.html
