Why Government Mandated Backdoors put us all at Risk

Published Jun 23, 2017 by Xiph

In a previous blog “CITIZENS NOT SUSPECTS” I emphasised the security vulnerabilities surrounding metadata, and how the government wanted major telecommunication companies, such as Telstra to keep all their metadata so law enforcement could access it on demand. I also mentioned how I felt it couldn’t get any worse; however, I was wrong.

Why Government Mandated Backdoors put us all at Risk

In a previous blog “CITIZENS NOT SUSPECTS” I emphasised the security vulnerabilities surrounding metadata, and how the government wanted major telecommunication companies, such as Telstra to keep all their metadata so law enforcement could access it on demand. I also mentioned how I felt it couldn’t get any worse; however, I was wrong.

The term “backdoor” is commonly used by Coders and people who understand coding or you could refer to the academic term “exceptional access mechanisms”. It’s a way to bypass security measures such as encryption without actually having to know any of the access details, in easy to understand terms it’s the same as locking your front door and leaving your back door wide open, allowing anyone who looks to walk in.

The real question is who is actually at risk and who will it impact the most? the answer to that is fairly simple, all of us. Everyone from the casual internet user through to big corporations will be affected by this if it does ever pass, any data online that has some sort of security measure will become vulnerable to anyone who has the knowledge and skill to access it. Businesses private data such as clients credit card details will also be at threat and never truly be safe.

This would also have a strong affect on Encryption and Tech businesses, if you had highly sensitive data that you wanted to protect would you buy from a country that allows backdoors into their encryption software, or would you buy from a different country who didn’t have a vulnerability such as a backdoor in their encryption software?

In fact, HTTPS:// connection, this is a form of encryption, most people would use encryption in their normal everyday lives and not even realise.

The reason this was proposed was because law enforcement agencies primarily in the US, were arguing that it was needed so they could hunt down the “bad guys”, US law enforcement also continued to say that this wouldn’t have any impact on the general public’s privacy, if you weren’t a criminal then you’d be okay, let’s face facts, the government doesn’t exactly have the best track record on not misusing information like this (citizens not suspects), so how can we trust them now?

At the point of me writing this blog and informing you of this information, this hasn’t been passed as of yet, this doesn’t mean it won’t become a reality. It was initially proposed 22 years ago and was shut down then, it was proposed again, still with no success but as technology develops, law enforcement and the government find new ways to gather major amounts of data, once that happens we can only assume they will make their third proposal, the third attempt could get approved faster than the other two got shut down.


Posted in: Security