The government wants to add a back door key for smartphone encryption, but doing so could be disastrous.

The encryption that secures your phone doesn’t come with a backup key. That may make you nervous if you’re prone to forgetting your passcodes — but it makes many law-enforcement and national-security types even more anxious when they contemplate permanently losing access to valuable evidence.

They use the phrase “going dark” to describe the spread of hardware and software that can only be unlocked by their owners — even if a court orders the companies behind those products to allow police access.

Privacy advocates, however, see “strong crypto” — without any extra keys or back doors — as vital when both commercial and government attackers may want into your devices and the immense stores of data on them.

Meanwhile, companies like Apple (AAPL) and Google (GOOG, GOOGL) increasingly treat strong encryption as a standard feature. As this debate escalates — and as many observers think the Trump administration may try to move a bill mandating what’s sometimes called “exceptional access” — they continue to ship encrypted devices and apps that can’t be whisked out of existence by any such bill.

A new twist on the Apple-FBI fight

The encryption argument got its most public airing two years ago, when the Federal Bureau of Investigation went to court to compel Apple to write special software to disable the lockout system on an iPhone 5c used by one of the San Bernardino shooters.

But a final ruling never came, because the FBI dropped the case after saying it had “successfully accessed” that iPhone’s data. Subsequent reports pointed to the bureau hiring the services of an Israeli mobile-security firm, Cellebrite, that exploited a vulnerability in Apple’s iOS operating system.

In March, however, the Justice Department’s Office of the Inspector General issued a report suggesting the FBI hadn’t tried too hard to get into that iPhone.

That report found some FBI employees seemed more anxious to set a court precedent of requiring manufacturers to let in police than to get the San Bernardino shooter’s phone unlocked. It quotes the head of one FBI office voicing his disappointment that another had hired a contractor to hack the iPhone: “Why did you do that for?”

“What we saw was a breakdown of the FBI’s argument,” explained Robyn Greene, policy counsel and government affairs lead at New America’s Open Technology Institute. “You can hack into every version of an iPhone; why do you need to back-door it?”

The biggest secret in phone unlocking in years: GrayKey

Two weeks ago, Vice’s Motherboard tech-news site revealed that one iPhone-unlocking tool — a device offered by Atlanta-based GrayShift called GrayKey — was far more widely used than even the OIG report implied.

Details had surfaced about this apparatus in earlier reports by Forbes and the security firm Malwarebytes, but reporter Joseph Cox found that numerous federal, state and local law-enforcement agencies regularly used GrayKey.

GrayKey works, Malwarebytes reported, by trying different passcodes until one succeeds — somehow without invoking the self-defense feature that causes an iPhone to wipe its storage irreversibly after 10 incorrect tries.

GrayKey’s effectiveness and wide use surprised people on both sides of this issue, who are still trying to figure out how it works and how many other such tools might exist.

“It’s hard to know whether there are other undisclosed tools like it,” said Jamil Jaffer, head of George Mason University’s National Security Institute and an advocate of preserving law-enforcement access to encryption.

Andrew Blaich, head of device intelligence at the mobile-security firm Lookout, suggested that market forces alone ensure that more GrayKey-like tools will be built.

GrayShift has since provided its own unintentional warning of the risks of leaving back doors open: After a customer left some of its interface code exposed on the web, unknown hackers downloaded it and demanded a ransom of two Bitcoin. GrayShift doesn’t seem to have paid up.

Congress complicates this

The Trump administration has been more vocal about encryption than Obama’s. “I think the administration is increasingly getting spun up and looking for ways to address this problem,” Jaffer said. Last month, the New York Times reported that the White House was considering pushing for legislation mandating law-enforcement access to encrypted devices.