That's why my proposed system doesn't rely on the difficulty of reading write-only chips alone... You need both:

1. Physical access to the device

2. Physical access to the vendor's key storage (this could be extremely difficult if not impossible if the company were responsible - consider an air gapped storage vault)

I still think my system could work if implemented by, say, Apple. You have only shown weaknesses of individual parts, not weaknesses of the entire system.

You, like everyone else who has these ideas every few years when this government overreach bubbles up to the surface again, have made the mistake of believing that first the government is responsible enough to manage this kind of program -- they aren't and never will be, and second that engineering can stop engineering.

If you can make it, someone can break it, and will. And companies are not responsible, that's not how this works.

Also, a "weakness of the individual part" is a break, and the entire system collapses. You're essentially arguing for security by obscurity.

You can argue about "responsibility" all day long, until my credit card information gets stolen, and then you find out it's a meaningless concept with a corporation. Do you have the money to sue Apple? I don't. Or worse, someone gets killed because of their data being stolen. Maybe you live in a privileged world where that doesn't happen, some of the rest the rest of the world doesn't.

If you build a bridge out of concrete with weak rebar, guess what? Bridge falls down, people die. If you build a bridge with shit concrete and great rebar, guess what? Bridge falls down, people die. You've made nearly the perfect analogy for me.

Privacy from the government is something most people want. If the government wants my data, I'm not going to build a system that makes it easier for them to get it.

And finally, you can't ban math. I don't give a fuck who says what, I won't put backdoors in my code, and if someone else does I'll stop using their code and I'll build my own.

Well it's not like you can roll your hardware, software, firmware, etc. You implicitly trust Apple or Google or whoever to keep you secure at some level, so yes, responsibility and reputation matter. Apple pushes back against illegal warrants to keep prying officials from getting into your iPhone.

> Privacy from the government is something most people want. If the government wants my data, I'm not going to build a system that makes it easier for them to get it.

You won't have a choice; Apple will build the system and it will be transparent to you and they will only let the government into your phone if they have a warrant.

> And finally, you can't ban math.

No, but you can make it harder for people to use said math.

That's like saying "you can't ban physics! If you try to ban my automatic weapons I'll just 3d print a part that makes my semi-auto gun full auto!" Well, yes. You can do that, physics won't stop you. Your average person, however, won't do that and everyone is better off as a result.

> I don't give a fuck who says what, I won't put backdoors in my code, and if someone else does I'll stop using their code and I'll build my own.

Well you'll spend the rest of your life living like RMS then because you can't control the whole stack of a phone - it takes millions of man hours to develop and maintain.

Ah so it's an inevitability argument now. You're all over the place.

I don't care if you believe that it's inevitable. I don't, and won't live my life that way. Slavery was inevitable once. The holocaust was inevitable once. People standing up against it stops what weak minds believe inevitable.

And gun parts are machined, not 3d printed for the most part. The laws against it are directly contrary to our Constitution and a lot of people dedicate a lot of time to working against those laws. But even that isn't math -- you simply can't ban math. The files that describe how to machine those parts -- those are readily available all over the world, even where they're banned...

Also, I trust Apple a lot more than I trust the other tech companies, because they've been willing to stand up for the consumer -- other companies don't.

I think it boils down to:

I believe it is possible to design a secure system that complies with warrants while otherwise retaining user privacy; you don't. That's okay.

Before computers existed police could bust down your door with a warrant and search through the files/mail. I don't see why that should change just because we store files/mail digitally now.

It's not a matter of belief. There is fact, which is that a broken system is broken, and there is fiction, which is the belief that a broken system can be only broken when requested to be broken, presumably by somebody with the right credentials.

No one with any credibility in the field of math or CS believes this fiction. In addition, I encrypt my data specifically so that no one can get to it. That includes the government. I don't care what the government thinks they are entitled to with regard to my data.

All systems are broken, then. Even the one-time pad, though mathematically perfect in theory, is flawed in execution as proven by the NSA.

My proposed system in the original post is just as secure as any current scheme.

> No one with any credibility in the field of math or CS believes this fiction. In addition, I encrypt my data specifically so that no one can get to it.

Huh? It's easy to get an individual's data. Don't fool yourself. You are not low hanging fruit in broad attacks, but if a highly skilled group wanted your data, they could easily get it. I would just look at what keyboard you use and swap it with an identical one that has an invisible keylogger in it. Or I would get to know you and your coworkers and do a precise spear phish.

Bam, instantly compromised, no decryption needed.

It's only if you commit a terrorist attack and then commit suicide that I have a hard time getting your data because I can no longer spearphish or keylog you.

A one time pad is not broken by design. Your scheme is.

You can’t get my keyboard, and I don’t answer phishing attacks. This isn't about that -- in fact you're making the argument your broken key management system isn't needed.

No one is immune from spear phishing. No one. A competent spear phisher will compromise one of your coworkers first (maybe even your manager), then target you posing as them. Click a (legit looking) link and you are pwned.

And yeah, I don't know who you are obviously. But if I did and you were my target, I could pwn you easily. Pwning individuals is easy with keyloggers.

Also, my scheme isn't broken by design, you just labelled it as such with no evidence. You never said why it's broken by design. Because it's not.

You’re making my point for me. Since you believe so strongly in social engineering, there’s no need for backdooring crypto algorithms!

You have articulated clearly that you require your proposed system to have a backdoor for the authorities to use to read the traffic. That is the definition of broken by design.

Good day.

You are picking and choosing which parts of my comments you read and are blind to the rest. Backdoors are not "broken by design", that's just another slogan you are chanting.

Also dead people cannot be social engineered.

Good day.