Now California wants to prevent the sale of smartphones that cannot be decrypted on demand by a carrier, or operating system provider. Bill AB1681 adds onto the kill switch law that already exists in California. It is forcing a level of control over personal devices that is very, very Orwellian in context and in execution. This knee jerk reaction is fueled by fear and ignorance of the way technology, law enforcement and the legal system work.
Anyone working in digital forensics knows that you can break into a smartphone with the right (and registered) tools. They are intended to be used by professionals when a warrant is put in place. Having a massive back door in a device opens them up to malware and compromise on an epic scale. We have already seen this happen with existing encryption standards. In 2015 we lost SSL v3.0 along with TLS 1.0, 1.1 and 1.2. These fell because of flaws in the standards that were linked to NSA input. Having these built-in flaws or backdoors at the OS level is just plain stupid.
We sincerely hope that this bill backfires so badly that the people responsible end up without a job come next election. The time really is here to get some truly tech savvy people in legislative branches of government before they hurt someone.