336
submitted 1 year ago by Raisin8659@monyet.cc to c/privacy@lemmy.ml

Summary

The UK Parliament has passed the Online Safety Bill (OSB), claiming it will enhance online safety but actually leading to increased censorship and surveillance. The bill grants the government the authority to compel tech companies to scan all user data, including encrypted messages, to detect child abuse content, effectively creating a backdoor. This jeopardizes privacy and security for everyone. The bill also mandates the removal of content deemed inappropriate for children, potentially resulting in politicized censorship decisions. Age-verification systems may infringe on anonymity and free speech. The implications of how these powers will be used are a cause for concern, with the possibility that encrypted services may withdraw from the UK if their users' security is compromised.

top 40 comments
sorted by: hot top controversial new old
[-] simple@lemm.ee 52 points 1 year ago

This would affect even messages and files that are end-to-end encrypted to protect user privacy.

But how would they even enforce that? It's E2E, and I doubt anyone would add backdoors to every app, website, and service that uses it.

[-] leraje@lemmy.blahaj.zone 83 points 1 year ago

They won't need to. Signal, WhatsApp, Session and iMessage (Apple) have already said they'll withdraw their products from the UK market. Meta are making similar noises regarding Facebook Messenger.

[-] WhatAmLemmy@lemmy.world 33 points 1 year ago

Not if all of 5 eyes rush through similar legislation in the next year. Then big tech will cave.

[-] leraje@lemmy.blahaj.zone 11 points 1 year ago

The current state of the legislation is this: the gvmt started out by saying "you must do this", then when it finally sunk in that it wasn't technically possible right now, they then said "OK, we get its not possible right now. As soon as it is, you must do this."

Some people have said 'no problem, its never going to be possible to break encryption'. This is not accurate. When quantum processing becomes a reality, which is realistically not too far away now, encryption will be trivial to crack. That's the point the rest of the world need to worry because you're right, every other gvmt in the world will follow the UK's lead.

[-] PupBiru@kbin.social 19 points 1 year ago

we have plenty of solutions to this though… we have quantum-safe encryption

afaik how these work is that currently cracking encryption is CPU-bound (takes a lot of CPU resources to find the key) which quantum can do much faster… there are classes of encryption that are RAM-bound though, which mean that quantum still can’t crack them because it doesn’t give us huge amounts of storage

[-] rutrum@lm.paradisus.day 12 points 1 year ago

On the tangent of quantum factorization, I feel like a reality of modern encryption at risk is still very slim. At least if the wiki article is anything to go by. I think we are sooner to have backdoors in encryption algorithms than we are quantum messing everything up.

[-] leraje@lemmy.blahaj.zone 2 points 1 year ago
[-] kitonthenet@kbin.social 7 points 1 year ago
[-] leraje@lemmy.blahaj.zone 2 points 1 year ago

This is very good news, I've never been more happy to be wrong.

[-] Syntha@sh.itjust.works 2 points 1 year ago

Most applications, like your internet traffic, aren't using public key encryption.

[-] jaybone@lemmy.world 2 points 1 year ago

Doesn’t an https website use a public key?

[-] LollerCorleone@kbin.social 10 points 1 year ago

Signal is already making some progress on building protections against the use of quantum computers to break its encryption https://signal.org/blog/pqxdh/

[-] MalReynolds@slrpnk.net 5 points 1 year ago

No sale. Most encryption algorithms in use today are already quantum resistant and there are a bunch of stronger ones waiting in the wings. Basically a solved problem. Stuff the NSA already harvested years ago, not so much.

[-] miss_brainfart@lemmy.ml 8 points 1 year ago

The EU will vote on chat control next week, if I'm not mistaken.

This bullshit is completely incompatible with many member states' laws, so if this goes through, I will lose all the trust I somehow still had.

How they can propose severely pro- and anti-consumer laws at the same time is genuinely disturbing.

[-] uriel238@lemmy.blahaj.zone 5 points 1 year ago

The California Age-appropriate Design bill just got Julius Caesared by Federal Judge Beth Labson Freeman. I dont know what the process is to prevent Parliament from doing things that are really stupid in the UK, but the same forces obsessing on kids on the internet sponsored both bills.

It might be a Tory infestation. Or at least a Baroness Beeban Kidron infestation. Another person with too much money behaving like a toddler with a handgun.

[-] Maeve@kbin.social 1 points 1 year ago

Yes, I’m wondering how much pressure USA exerted do they could claim it’s nothing to do with them.

[-] LoafyLemon@kbin.social 1 points 1 year ago

For all our sake, I hope you're wrong.

[-] Maeve@kbin.social 4 points 1 year ago

Personally, I don’t trust or use anything Meta because I very well recall what Zuck said when fb was still university only.

[-] Extrasvhx9he@lemmy.today 4 points 1 year ago

Bet they'll try to come up with their own "private" messenger as an alternative too for the public

[-] Godort@lemm.ee 32 points 1 year ago

I suspect that the UK will just say "either you add the backdoor or you don't operate here"

Which from a cynical perspective is just an easy check for hackers to see if a particular target is vulnerable by seeing if they're allowed to operate in the UK

[-] cheese_greater@lemmy.world 11 points 1 year ago* (last edited 1 year ago)

I mean, kinda sounds like the companies beat it to the punch or are threatening to. Which is the real path forward. Buh-bye Whatsapp and Signal disappearing and fully encrypted messages you parliamentarians and government folks are so fond of to avoid public transparency and "priveleged" info. They will last 5 seconds before the bill is scrapped.

Regarding iMessage, I believe they are honestly safer and better off without out it. Fight me(!), aha

[-] adespoton@lemmy.ca 4 points 1 year ago

Of course, what this means in reality is that all Brits will start using VPNs all the time, so they can get their secure apps from international app stores.

At that point everyone has plausible deniability and the security theatre is complete.

[-] Maeve@kbin.social 1 points 1 year ago

I’m wondering what, if any, effect this win have on the royals?

[-] cheese_greater@lemmy.world 1 points 1 year ago

Can you imagine if Prince Andrew ever got busted for CSAM? Oh my God, [chef's kiss]

[-] Maeve@kbin.social 1 points 1 year ago

I’m wondering if they’d Jimmy Savile it. Yes, it.

[-] ono@lemmy.ca 26 points 1 year ago* (last edited 1 year ago)

They don't need to backdoor end-to-end encryption when they can instead snoop at the endpoints (e.g. the apps).

Governments can force service providers to either do that or no longer operate in their jurisdiction.

This won't stop especially knowledgeable people (including criminals) from using encrypted comms, but it will make it much harder to access for everyone else, thereby robbing the general population of an essential safety tool, among other things. It's terrible for democracy and dangerous to vulnerable populations. The article is worth reading.

[-] HumanPerson@sh.itjust.works 6 points 1 year ago

You mean you didn’t hear about that new encryption standard that keeps your data completely private from everyone except for the good guys?

[-] AnUnusualRelic@lemmy.world 3 points 1 year ago

Double Rot-13? I hear it's state of the art.

[-] Maeve@kbin.social 2 points 1 year ago

They may or not, but would it be just UK downloads when it’s easier and cheaper to do it across the platform?

[-] Eggyhead@artemis.camp 45 points 1 year ago

Well, I hope we get a list of businesses that comply so hopefully I can just uninstall those.

[-] AnonTwo@kbin.social 45 points 1 year ago

Can only hope most products choose to leave the UK rather than go with this.

[-] Powerpoint@lemmy.ca 34 points 1 year ago

The UK really is closed for business

[-] echodot@feddit.uk 20 points 1 year ago* (last edited 1 year ago)

The conservatives are pretty bad at the best of times but the last 5 or 6 years they've been utterly appalling.

[-] drekly@lemmy.world 25 points 1 year ago

Fuck I thought this got put off?

[-] Teppic@kbin.social 3 points 1 year ago

Well they've conceded aspects are not technically possible - but why let a trivial little details like that get in the way? (/s)

[-] makeasnek@lemmy.ml 10 points 1 year ago
[-] LoafyLemon@kbin.social 9 points 1 year ago

Just fabulous! I absolutely can't wait for Facebook and the gang to graciously remove their apps from the stores. It's not like I rely on services like WhatsApp for daily communication or anything. But honestly, who wouldn't want Rishi Sunak to have a front-row seat to all our messages? It's like a dream come true, really.

[-] possiblylinux127@lemmy.zip 4 points 1 year ago

This is why I hesitate to store my data in a foreign country. The US has lots of problems but at least I get a vote here

[-] Kuori@hexbear.net 15 points 1 year ago

help, i keep voting against the nsa but it still exists??

[-] MonkderZweite@feddit.ch 1 points 1 year ago

Now a Safe Harbour / Privacy Shield for UK, because they can't provide a comparable level of privacy.

this post was submitted on 19 Sep 2023
336 points (99.1% liked)

Privacy

31974 readers
200 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS