The government continues to press the tech sector to give them “golden” keys that they can use to decrypt our communications. One of the main arguments against these proposals is that they will inevitably be compromised and make us less safe.
Now we have a dramatic demonstration of just that. In locksmithing, golden keys are called master keys because they can be used to open many different locks. A few years ago when the TSA was merely annoying they persuaded luggage manufacturers and travelers to use locks for which the TSA had master keys. Recently, the TSA allowed the Washington Post to take a picture of the keys. But once you have a picture of a key it’s trivial to make a copy (and, indeed, that has already happened) so now no one’s baggage is safe from, say, a dishonest baggage handler1.
Does anyone doubt that some equally incompetent government agent will similarly reveal the golden keys that the FBI so fervently desires? If you do, how much do you think criminals or unfriendly nation states would be willing to pay for those keys? As Bruce Schneier says in the post linked above, the problem with backdoors, whether cryptographic or physical, is that they’re fragile.
Footnotes:
Matt Blaze’s point about the safety of these locks
As a practical matter, the photos of the TSA keys isn't such a big deal. Using a key is actually *slower* than picking those locks.
— matt blaze (@mattblaze) September 8, 2015
is beside the point. What matters here is that the government asked for special access and then was careless with safeguarding it.