
> If a company has the means to decrypt a particular user's data, they have the ability to decrypt all users' data.

The messaging company can embed the police's encryption key in the app but not have possession of the corresponding decryption key.

> exceptions to privacy have always led to a slippery slope

That's a reasonable argument. But to the GP's point, that's not a technical argument. It's just another argument that the policy is bad for normal "bad policy" reasons. It has nothing to do with the math.



> The messaging company can embed the police's encryption key in the app but not have possession of the corresponding decryption key.

Once three people have access to a secret, it isn’t secret anymore. Once hundreds of thousands of police officers have access to the private key, it will leak, and everyone will be able to read these messages.


> it will leak, and everyone will be able to read these messages.

Again, do you see how this is not a technical argument? It might be a good argument. But it's not an argument about the math or the computer science. "We can't trust the police" is a social argument, not a technical argument. A math or CS degree will not help you understand this argument.

Anyway, why would the decryption key be in the hands of "hundreds of thousands of police officers"? Especially when the decryption key itself is useless without access to the encrypted messages themselves. If this were implemented, it's much more likely that the police would build themselves a web portal or something through which they could access people's WhatsApp messaging logs. The crypto could all be handled on the data portal backend.

A much stronger argument against this sort of thing is the governmental slippery slope argument. If the UK police gain capabilities like this, you bet every other country will (reasonably) demand similar access. Apple / Meta would have to decide which police / security departments to work with, and that's a very complex problem. Who do you trust? Hungary? Bulgaria? Russia? Iran? Egypt? China? Brazil? Where, exactly, is the line? And should access be revoked after a coup, like in Niger?

It's much easier to just refuse all governmental cooperation. It protects your brand. And makes it much simpler to justify refusing access to police departments who you don't trust.


"This security scheme wouldn't work because of these social factors" _is_ a technical argument. Security is very specifically about making sure the right people have access to a resource and the wrong people don't. Social aspects are inherent in this. Therefore, in the context of security, social arguments are technical arguments.

Arguing that the myriad local police departments of the United States in particular do not have the security posture required to keep access to a data portal secure is a technical argument against government-backdoor encryption.


The article describes “type 3” bad ideas like demands to work out new mathematics:

> “Work it out” is generally a demand to invent new mathematics, but sadly, mathematics doesn’t work like that.

E2E + a backdoor for a particular police department isn’t the sort of bad idea that requires new mathematics.


The example is

> For the last 25 years, engineers have said “we can make it secure, or we can let law enforcement have access, but that means the Chinese can get in too” and politicians reply “no, make secure but not for people we like”.

Insecure police departments will inevitably leak the backdoor keys. It's not possible to limit who can use decryption keys based on who they are and not just possession of the keys under our current understanding of how encryption works. If you assume that the police will never leak keys then sure it's easy. But arguing about whether or not social factors like police department computer security is good enough to safely store keys is a technical argument about this technical problem.
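The scheme debated in this thread (a police public key embedded in the app, with the message key wrapped once for the recipient and once for that key), sketched as an added example that is not part of any comment or of any real messenger. The group parameters, function names and envelope layout are assumptions, and the cipher is a toy with no authentication; it shows that decryption depends only on holding the private integer, not on who holds it.

```python
# Added illustration, not from the thread. Toy crypto: no authentication,
# toy group parameters. Do not reuse.
import hashlib
import secrets

P = 2**255 - 19  # prime modulus (assumed toy parameter)
G = 2            # base (assumed toy parameter)

def keygen():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def _stream(seed: bytes, n: int) -> bytes:
    return hashlib.shake_256(seed).digest(n)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(msg_key: bytes, pub: int):
    """Encrypt msg_key to a public key (ElGamal-style, ephemeral DH)."""
    eph_priv, eph_pub = keygen()
    shared = pow(pub, eph_priv, P).to_bytes(32, "big")
    return eph_pub, _xor(msg_key, _stream(shared, len(msg_key)))

def unwrap(slot, priv: int) -> bytes:
    eph_pub, wrapped = slot
    shared = pow(eph_pub, priv, P).to_bytes(32, "big")
    return _xor(wrapped, _stream(shared, len(wrapped)))

def send(plaintext: bytes, recipient_pub: int, escrow_pub: int) -> dict:
    """Sender's app: holds only public keys, including the embedded escrow one."""
    msg_key = secrets.token_bytes(32)
    return {"body": _xor(plaintext, _stream(msg_key, len(plaintext))),
            "recipient": wrap(msg_key, recipient_pub),
            "escrow": wrap(msg_key, escrow_pub)}

def read(envelope: dict, slot: str, priv: int) -> bytes:
    msg_key = unwrap(envelope[slot], priv)
    return _xor(envelope["body"], _stream(msg_key, len(envelope["body"])))

if __name__ == "__main__":
    recipient_priv, recipient_pub = keygen()
    escrow_priv, escrow_pub = keygen()
    env = send(b"constructed sample message", recipient_pub, escrow_pub)
    print(read(env, "recipient", recipient_priv))
    print(read(env, "escrow", escrow_priv))  # any copy of this integer works
```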


Thanks for trying so hard here.

It's quite depressing how many people here don't seem able to deconflate "I don't believe police can be trusted with this power" from "it is mathematically impossible to give it to them".

This is a nice clear example of how experts talk themselves into lying to the public for the greater good, as we saw so often in the past :(



