No Backdoors

Voice of the DBA - A podcast by Steve Jones

Categories:

Every once in awhile I hear about someone in law enforcement sure that tech people can build in a safe, secure way for data to be unencrypted by the company or vendor. The latest appears to be from Australia, where the Security Intelligence Organization wants tech companies to build this into products. Backdoors never work. Anytime an encryption key is stored, it could be stolen. We see this all the time. Keys are just data, and companies lose data all the time. At scale. Governments are certainly not immune from this. One of the reasons that Azure allows a BYOK (bring your own key) for encryption mechanisms is that many organizations don't want to trust Microsoft to store their keys. I'm guessing Microsoft doesn't want the liability, either. Read the rest of No Backdoors