224
all 35 comments
sorted by: hot top controversial new old
[-] davel@lemmy.ml 84 points 1 year ago* (last edited 1 year ago)

This kind of legislation fundamentally misunderstands how easy it is for bad people to build their own end-to-end encryption layers on top of other messaging systems.

This person is mistakenly taking the justifications for these laws at face value. These governments aren’t trying to thwart bad actors, they’re trying to control their entire population. To point out that scofflaws can circumvent the laws is to misunderstand their true purpose.

[-] Deckweiss@lemmy.world 10 points 1 year ago* (last edited 1 year ago)

https://balkaninsight.com/2023/09/25/who-benefits-inside-the-eus-fight-over-scanning-for-child-sex-content

Independent report, which has been posted before. It doesn't even seem to be as deep as controlling the population, rather they just take big US tech money in exchange for pushing these laws.

[-] davel@lemmy.ml 11 points 1 year ago

As an old nerd I’ve lived through previous battles in the crypto wars.

[-] davel@lemmy.ml 7 points 1 year ago

Often that US tech money comes from peculiar places, like In-Q-Tel, for example.

[-] Ferk@lemmy.ml 2 points 1 year ago* (last edited 1 year ago)

Wouldn't it be easier and more direct to simply impose a tax to those external big tech services?

I don't understand why using protection against "bad actors" as an excuse is necessary at all if getting money from big tech were the ultimate goal. A lot of people within the EU would happily support such a tax targeting big US companies, it's the privacy problems what we are pushing against, not the fees. So I'd expect a more direct and honest fee for external companies making business within the EU would be easier to pass if that were what they actually wanted, wouldn't it?

[-] Deckweiss@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

Tax goes to the government account, politicians don't profit from it as they have determined wages. Lobbying money goes to multiple individuals pockets. So the individuals need to convince the whole parlament that a certain law is good, then they get paid. Thats why they lie.

[-] cobra89@beehaw.org 8 points 1 year ago

And yet it's still important to strike down their bullshit reasoning so that normies can see the argument for what it truly is.

[-] merde@sh.itjust.works 33 points 1 year ago

Various lawmakers in different countries are proposing to require messaging services to provide a mechanism for law enforcement to decrypt end-to-end encrypted messages. This kind of legislation fundamentally misunderstands how easy it is for bad people to build their own end-to-end encryption layers on top of other messaging systems.

Requiring Signal, WhatsApp, and so on to introduce vulnerabilities into their products does not make life much harder for criminals. Criminals can easily build or buy an extra layer of encryption on top and exchange messages that can't be decrypted.

It does make everyone else less safe. If a backdoor exists and is usable by authorised people, it will eventually be exploited and used by malicious people.

This repository contains a trivial demonstration of this. 👉

[-] davel@lemmy.ml 10 points 1 year ago

It does make everyone else less safe.

This is all the evidence one should need that these laws are about control, not safety.

[-] Gabu@lemmy.world 2 points 1 year ago

It's the age old political weapon of saying "but think of the children" before doing something horrible.

[-] rtxn@lemmy.world 16 points 1 year ago* (last edited 1 year ago)

I haven't read the article, but I'm going to guess that it describes a form of encrypted tunnel with pre-shared keys that operates over any text messaging app and is trivial to implement.

In the world of tech illiterates, the script kid is a seasoned cybercriminal.

[-] library_napper@monyet.cc 12 points 1 year ago

I don't think anyone thinks that e2ee bans prevent people from using e2ee. What it does is force companies in their jurisdiction to install a backdoor

It is entirely plausible and it will make many people (who dont migrate to secure service providers) loose security and privacy.

[-] NuXCOM_90Percent@lemmy.zip 11 points 1 year ago

I am glad you had fun writing that blog post but, for any purpose that matters: Yes, it is possible. And we are already seeing the pathway to it

  1. Increasingly build a narrative that encrypted communication is for CSAM. The tor crowd are already doing a good job of providing fuel for this.
  2. Argue "terrorism" for the rest. "Fortunately" people have realized the mess in Israel/Palestine is a lot more complicated, but it is only a matter of time
  3. Strongly pressure/incentivize the major app/social media companies either disable it at the app level or maintain internal keys to decrypt messages (effectively disabling it)

End result? Only "tech savvy" people will know how to set up their own entirely parallel "internets" (similar to tor). And then the phone and OS app stores increasingly lock down on third party apps for "security". Hell, I can even see a world where Redhat and Ubuntu strongly discourage these tools from being allowed in any official repositories because they want the government contracts for their premium OSes.

Will e2e truly be "banned"? No. But the only people doing it have insanely janky phones and linux.users with laptops. Which means it is nigh useless for the vast majority of whistleblowers and that "secretly being gay or a woman" becomes a huge mess where the vast majority of people will never understand how to protect themselves.

[-] minnix@lemux.minnix.dev 5 points 1 year ago

I am glad you had fun writing that blog post

Who are you talking to?

[-] Starglasses@lemmy.blahaj.zone 10 points 1 year ago* (last edited 1 year ago)

It sounds like they are talking to the person who wrote the blog post. The author of the blog post that was posted.

[-] spacecowboy@sh.itjust.works 7 points 1 year ago

How do you know such things? Tell us your secrets.

[-] rikudou 1 points 1 year ago

That's way more paranoid than you should, really. The only thing that changes is that Signal etc. will have to officially stop offering their product here. Would be a shame if you could just install one apk file.

[-] lemming741@lemmy.world 11 points 1 year ago

Languages

Hack 99.1% Other 0.9%

Fukin lol

[-] phase@lemmy.8th.world 10 points 1 year ago

I find this article more complex than it should. For me the logic is more basic:

You want to ban encryption? So no https so no banking online.

[-] chahk@beehaw.org 7 points 1 year ago

They don't want to outright ban encryption. They want to force communication providers to build in backdoors. And not tell you about them.

[-] phase@lemmy.8th.world 4 points 1 year ago

Banking regulation is going to freak out with this. Tracking this risk which has to be kept hidden can only be fun.

[-] penquin@lemm.ee 9 points 1 year ago

Can't bad actors just create their own messaging app and their own encryption methods?

[-] umami_wasbi@lemmy.ml 7 points 1 year ago

They absolutely can. Its just the matter where to find a trusty guy to write one for them.

[-] penquin@lemm.ee 7 points 1 year ago

Ok then, what are these politicians smoking?

[-] davel@lemmy.ml 8 points 1 year ago

Some of them are useful idiots, and some of them are working with State security & intelligence, which want full-spectrum communication access.

[-] possiblylinux127@lemmy.zip 7 points 1 year ago

That's the point

[-] Deckweiss@lemmy.world 2 points 1 year ago

https://balkaninsight.com/2023/09/25/who-benefits-inside-the-eus-fight-over-scanning-for-child-sex-content

This independent report has been posted here a while ago. They seem to be smoking big US tech dollars.

[-] rikudou 1 points 1 year ago* (last edited 1 year ago)

They don't need new encryption methods, the current ones are unencryptable enough. You can literally post the encrypted messages publicly and no one can do anything with them.

This is my name as stored in one fully encrypted app I wrote: PZPmZ5YvhlFgCLSBuFP9j4LtExG8yKmBERBmDPm1EPtTgw5/GaH7VeGCvn2xMxsfofOibD+M9CY4bM0v/PabrnOp4NCR5qqET8mm0c7xu0uIIV2r80LuhJutqScn+c6K8SHIn3IrSsImtkblU2o24qQNB5ztzmUhUz2IkM4VgtdKCx15Jg29+HvViWVzxREaE6n+Fw7VXJbajDMRYnLohdMEmqUiB1vH6qU6+jr80ymAZLsMnGppEsMdLm8y+OdN0UdFg4Nrj4sEihm+b92WUCbdr/F24MOGFZhe5EvfaM0XIIxYGhHzTlq3ku7ZmrKfDowj62PdyMw2ywH5oZdm1WEIaF6Lp8UrTdLxnHi0KjpQBjCck08zRetJj83+KU3klU40Aqfs8WbgCPzUK2Cmmfgjjzqarhhpw+iQi1WU1ZFaJkWMo2B+faV2ZL+sPlpYkdjBxw2it9LyxHSa2AGnarOdyEpe7ZoMnN7R7LYXtUfUqEKW2+zOWQIS0VKUQT9HFpZ2KqB7eDVp6NH/qRnAH0iGQrK0+DehV5MFoxafhizh0O855l4PX6ZbI8JfQXjxZeP/g04Xp/jXwgI85l6081V6zeDpPnGWJ2z2iFjDM1rIRRbtNbCxKdSSOVRPgqiOoEajja5fVNjvqWnOXjmh3ULTJae5qZEfR2KSP6m5eI8=

(If anyone's wondering, the app is https://baby-journal.app - for secure tracking of your child activities, also on Google Play).

[-] aniki@lemm.ee 1 points 1 year ago

Hi Dominik! Hows the weather int he Czech republic?

[-] rikudou 1 points 1 year ago* (last edited 1 year ago)

Heh, nice, though not exactly decrypted, that's pretty much a public knowledge. But I can post some encrypted piece of information that I haven't shared publicly, if you wish.

Edit: The weather sucks, as usual. Summers are way too hot and winters are cold. Yay for climate change.

[-] penquin@lemm.ee 1 points 1 year ago

Nice and exactly. These politicians would have to also make encryption methods illegal, not require apps to break their core functionality. Also, even if they made the methods illegal, that will never stop people from creating them. As a rule of thumb, you never tell the Internet what to do. lol

[-] Zerush@lemmy.ml 8 points 1 year ago* (last edited 1 year ago)

Laws made by elderly people, who confuse a remote control with a cell phone, to satisfy certain lobbies, whose spokespersons they are.

Even if they manage to carry out this law, until all the chat companies introduce it and the legislators of the different countries manage to introduce it into their own legislation, with the necessary infrastructure and the corresponding bureaucracies, I think that most of us would already be retired. or in a pine box.

Adding that until then there will be zillions of countermeasures available to give them the middle finger.

Until now there is a regulation that allows access to chats with a court order, in case there is an investigation against certain people for crimes. Trying to globalize it to the entire population by default, well, I think I'll wait quietly, with agencies and administrations that still use FAX and Windows XP.

[-] Gabu@lemmy.world 5 points 1 year ago

That was a fun read.

this post was submitted on 08 Nov 2023
224 points (97.1% liked)

Privacy

31974 readers
232 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS