undefined | Better HN

0 pointsxg154y ago0 comments

You could make that same argument in favour of the e2e backdoor: "The risk of child groomers, terrorists etc running rampant is far greater than the risk of a few chats getting leaked."

At the very least, this would need some quantification of risk: Probability and impact of keys getting leaked vs probability and impact of not installing a backdoor.

0 comments

1 comments · 1 top-level

progval4y ago

> At the very least, this would need some quantification of risk

Yes, of course.

And in the case of autoupdates:

1. the risk of finding a RCE in any random PC within the next few years is close to 100%

2. an unpatched RCE is strictly worse than a backdoor

3. how many computers won't be patched without forced autoupdates?

In the case of e2ee, I'm afraid it's much harder to quantify, though.

j / k navigate · click thread line to collapse