Got a van Moof bike? Worried that you might not be able to unlock it if the company goes bust completely (it relies on their servers to unlock the bike). Fear not, have an open source tool to unlock your bike https://github.com/grossartig/vanmoof-encryption-key-exporter
@FlorianTischner @bjoern oh. That's useful to know. How would you handle this sort of problem ?
Mandate handling out the keys to the customer at time of purchase. Mandate open APIs. Mandate being able to set the server the bike communicates with to a URL of the customers choice.
Any of those three. Mandating key escrow would severely weaken encryption against the state, as it is an obvious target for both covert (secret services) and open (police) surveillance, and an obvious high value target for adversaries.
@FlorianTischner @bjoern that makes perfect sense. I stand very corrected. Thank you.
Glad to be of service. :)
If you want to dig deeper, the EFF maintains an archive: https://w2.eff.org/Privacy/Key_escrow/
@quixoticgeek
@bjoern
The last thing you want to establish is key escrow. We fought damn hard to not have it.