262
UK passes "online safety" bill making end-to-end encryption impossible
(www.reuters.com)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
Cant you just make a keyboard app that encrypts it for the recipient while you type it? Will they even ban that?
Like this one https://github.com/amnesica/KryptEY?
Yes, like that, thanks for it. was thinking about something that captures the screen and uses OCR to take the encrypted text and then decrypts it. But that would be complicated and would need to be adapted for every app
There are logistical problems with that. Such as how you plan to get the key out to recipients.
When someone wants to start a conversation they send their public key unencrypted (no need for it to be encrypted) and then you send your public key It will be one more message but the keyboard could have some sort of "profiles" for every persons public key, that you could select (This is just an idea, I have no coding experience)
Okay, but how do you then make sure that key isn't intercepted? Anyone who has the key can read your messages
They are talking about asymmetric encryption which has a keypair, private key (kept secret only by the owner) and a public key that is used by everyone that would send them a message. You can’t decrypt the message with the public key when it is encrypted using the public key, you must use the private key to decrypt it.
Ah, I missed the public key part.
That is true, you could do that
http://pgp.mit.edu/
Yeah, they're a bit cart ahead of horse on that one.
No they won't. The bill is against social media companies, not your own encryption measures. Where the line exactly falls between hand-coding your own cypher; using good old PGP; using an app to encrypt but sending via a separate service; using an e2ee messaging app+service; being on a community/group-focused e2ee service; normal unencrypted-on-server social media... Going by the Reuters article (I haven't read the actual bill) it seems mostly aimed at main social media platforms, with a to-be-explored relationship with private messages.