End-to-end encryption is useless without endpoint security, i.e. security of the device you're using. As far as I can tell, all new chips have something like the Intel Management Engine, which allows out-of-band access to the device. It takes about 6 lines of VHDL to modify a CPU so that if it receives a specific combination of instructions, it will transition to ring 0. That could even be added to the microcode so you wouldn't even be able to find it with a microscope. That essentially means if someone knew the right combination of instructions, a simple javascript expression could give you kernel level access to the machine.
Despite how troubling this is, I have trouble accepting that end-to-end encryption is useless. It still offers significant protection from being monitored even if that protection can be theoretically circumvented by lower level methods.
+1 You're absolutely right; I really just meant to say that it could be circumvented by specific parties. We absolutely do need end-to-end encryption everywhere to protect information while in transit. But if someone is worried about a tyrannical government, then end-to-end encryption may not solve that person's problem.
Maybe we could use parts from different governments to check each other. ARM CPUs are available from US-controlled sources and China-controlled sources. An Intel ARM CPU and an Allwinner ARM CPU, run in lockstep with comparators checking the bus transactions, could be useful.
Two different vendors' CPUs running in lockstep won't have their buses equal each other anyway, due to differences in implementation. Even more so, you have to have different code for a Allwinner vs an Intel ARM CPU, since they have different memory-mappings, peripherals, etc.
> End-to-end encryption is useless without endpoint security
No, not in a practical sense. Securing data in transit and at rest drgrades the value of breaking endpoint security, and it degrades the value of massive internet snooping.
Breaking endpoint security, one machine at a time, and exfiltrating data, is vastly riskier than hoovering it up from the backbone. It is more likely to be noticed, and the exfiltration traced. It doesn't scale well.
Endpoint security sucks now, but if people, governments, and enterprises find out data being exfiltrated from their machines, the demand for secure hardware will increase.
This doesn't affect interception. It affects one end of the two-party comms saying, "Hm, there is suspicious traffic on my network. Let me report that". Think about if you had a business whose network was constantly attacked by an adversary, doing harm to your business. Under this law, you can share that data (in anonymized format) with the govt and with industry partners.
Whether that's good or bad can be debated, but we're talking about endpoints giving up data, not necessarily ISPs snooping and reporting badness.
You can't do that. End-to-end encryption only applies to private data or p2p communication. Anything p2p wouldn't even be covered by CISA since it's for network operators. If I make a post to HN it has to be decrypted for anyone else to read it. Financial transactions all need to be shared with banks. Banks can't read your balance unless they can decrypt.
End to end encryption prevents anyone except for your intended recipient from reading it, or making changes. This is about increasing the resources required for mass surveillance. To make a copy of all unencrypted traffic going through an ISP takes very little resources. Keeping a copy of all encrypted traffic, and unencrypting it to make it useful takes much more time and resources.
You're talking about encryption over the wire like HTTPS which already widespread. CISA is about data within a private network meaning it's probably already been decrypted. When people talk about end-to-end encryption they mean even network operators can't see it.
It's the only way to keep government and politicians honest.
Of course they are working on inventing reasons to make that illegal too.