Re: Colour me surprised
No. Not a technical weakness. The symmetric key remains encrypted, buy you now have a choice of two public keys to decrypt it. Brute forcing either is impractical, so no technical weakness is created.
It is clearly still "end-to-end" encrypted, as the message it encrypted on device A and not decrypted until it's read on device B.
There is clearly an ability for a third-party to decrypt - that's the point - but it's not a technical weakness. Let's be clear, I'm not advocating this system and I am not keen to allow Amber Rudd to read my messages, but criticising he on the grounds of "it can't be done, technically" is incorrect.
But if you know better, please explain in detail why this is the case - as I just aded to my post, this method is used by PGP amongst others, so I'm sure they would be delighted to hear your analysis.
Biting the hand that feeds IT
