- cross-posted to:
- foss
- privacy@lemmy.ml
- privacyguides@lemmy.one
- 🦄🦄🦄 ( @Duke_Nukem_1990@feddit.de ) English100•1 year ago
Its really really great that in a time where fascists gain more and more influence in several EU states, we also make it possible to massively spy on citizens :)
- Gamey ( @Gamey@feddit.de ) English43•1 year ago
I am sure they will only use it against Pedos and Terrorists! ;)
- Random_German_Name ( @Random_German_Name@feddit.de ) English47•1 year ago
Europol already said it would use it to fight „illegal migration“ and „human traffickers“ and drug dealers
A french politian demanded to use it against „Drag Queens“ and museums
An italian politian proposed to use chat control against „human traficking“ (in this case a dogwhistle for people, that rescue migrants), organ traffickers, illegal trading of weapons and drug dealers.
Some important german polititians want to expand it against antisemitism, far right extremism and child pornography
A lobbyist and another german politian want to also use it against illegally downloaded movies and music.
https://netzpolitik.org/2023/ueberwachung-politiker-fordern-ausweitung-der-chatkontrolle-auf-andere-inhalte/ (article in german)
- Gamey ( @Gamey@feddit.de ) English12•1 year ago
Surprise surprise!
- Takios ( @Takios@feddit.de ) English4•1 year ago
Where there’s a through, the pigs will come.
- SlopppyEngineer ( @SlopppyEngineer@discuss.tchncs.de ) English29•1 year ago
And they’ll screech like banshees when you mention the same or higher standards of transparency should apply to the rich and politicians themselves.
- anlumo ( @anlumo@feddit.de ) English12•1 year ago
They’re the same people.
- taladar ( @taladar@feddit.de ) English5•1 year ago
Well, not the same people. The surveillance people are authoritarian fascists that have been in government parties a lot longer than the newer parties with similar views.
- KraftPunk ( @KraftPunk@feddit.de ) English3•1 year ago
Facism is not the same thing as wanting mass surveillance. Or is your definition fascist = bad?
- taladar ( @taladar@feddit.de ) English3•1 year ago
Well, mostly I was thinking of the extreme nationalist views that most of these kinds of politicians showed in the past when they e.g. created intelligence agencies that completely ignored any international agreements, basic rights,… to ensure the supremacy of their own nation and their influence within it.
- anlumo ( @anlumo@feddit.de ) English2•1 year ago
Well, I meant that they all belong to the same group, fascists.
- OsrsNeedsF2P ( @OsrsNeedsF2P@lemmy.ml ) English81•1 year ago
Fourthly, scanning for known, thus old material does not help identify and rescue victims, or prevent child sexual abuse. It will actually make safeguarding victims more difficult by pushing criminals to secure, decentralised communication channels which are impossible to intercept even with a warrant.
This point is huge, and on its own explains why half baked compromises are worthless.
The criminals will use banned chat apps, while innocent people get their messages read.
- taladar ( @taladar@feddit.de ) English72•1 year ago
The reason they don’t care about that is that the whole thing isn’t about protecting children at all but about surveillance of the vast majority of people.
- MentalEdge ( @MentalEdge@ani.social ) English27•1 year ago
This. There are already plans on expanding what the surveillance is used for, as soon as it is possible to begin with.
“Think of the children” is just the trick they’re using to get their foot in the door. It being utterly ineffective in doing what they claim it’ll do, is irrelevant.
- BestBouclettes ( @BestBouclettes@jlai.lu ) English28•1 year ago
Well that’s the point, catching CSAM is just a very convenient excuse. Once that’s through, it will just be a matter of extending it to terrorism. Then you can declare anyone a terrorist and bam you have free reign to monitor anyone you want.
- taladar ( @taladar@feddit.de ) English13•1 year ago
Or you could just accuse them of the really dangerous crimes, like copyright violations or insulting politicians.
- BestBouclettes ( @BestBouclettes@jlai.lu ) English7•1 year ago
That requires some kind of proof or bureaucratic fuckery. If you take any ecologist group for instance, you just have to pin a terrorist label on them, and bam, now you can spy on them legally. They’re trying to do it in France right now.
- taladar ( @taladar@feddit.de ) English10•1 year ago
Germany too. They are trying to label the climate change protests by the “Letzte Generation” (Last generation) group as organized crime and terrorism.
- dingleberry ( @dingleberry@discuss.tchncs.de ) English7•1 year ago
Your first mistake was assuming it’s an attempt in good faith.
- germanatlas ( @germanatlas@lemmy.blahaj.zone ) English50•1 year ago
I want cameras and microphones in every politicians house, in every room. These record 24/7 and will be live-streamed on twitch. Any politician against this proposal is obviously a child-abusing terrorist, or do they have something even worse to hide?
- Vivarevo ( @Vivarevo@sopuli.xyz ) English15•1 year ago
Zero privacy to world leaders and absolute privacy to citizen would be ideal.
- taladar ( @taladar@feddit.de ) English3•1 year ago
Don’t forget all their offices and vehicles.
- RedPandaRaider ( @RedPandaRaider@feddit.de ) English41•1 year ago
Time to become a proud criminal. When law becomes tyranny, resistance becomes moral.
- tal ( @tal@lemmy.today ) English2•1 year ago
The law restricts providing a commercial service in the EU that provides end-to-end encryption without monitoring of the content of communications, not using end-to-end encryption. Unless you’re planning to run some kind of underground messaging service, you probably won’t be the one violating the law.
- RedPandaRaider ( @RedPandaRaider@feddit.de ) English1•1 year ago
What is to stop a company from offering their services in the EU though? As long as they don’t legally cooperate with the EU it should be fine. Like Telegram operating from Russia (if they weren’t collaborators already).
- tal ( @tal@lemmy.today ) English4•1 year ago
Well, depends on the jurisdiction where they are operating from.
In the US, if you’re intentionally offering commercial services in the EU (and while the US and EU definition of that may differ, I don’t think that the difference is broad enough to matter much from the standpoint of services that are being affected), my understanding is that the US will honor EU jurisdiction, and will enforce rulings against companies. Now, you have to actually be doing business under the US standard of doing business in the EU for this to apply – like, this can’t just be some random non-commercial server that you set up and then let anyone on the Internet use, as the US doesn’t consider that doing business in the EU. A US-based lemmy/kbin server isn’t going to be considered by the US to be doing business in the EU, but if its operator, for example, says “hey Europeans, donate money here and avoid restrictions”, then that’s targeted advertising to the area and the US will consider that to be doing business in Europe. Someone like Whatsapp definitely can’t just say “oh, my servers are in the US, ergo EU law doesn’t count, and I’m going to go right on selling ads and services and such in the EU and whatever else I do”.
For somewhere like, oh, Russia, Russia may not care about enforcing EU law. However, that isn’t a blank check.
First, it may be a pain for the EU to act against Telegram itself, but if money is involved, so are payments. It’s not hard for the EU to act against payment processors – banks, Visa, stuff like that. If a service is getting payment either directly from people in the EU or from advertisers in the EU, the EU can tell the payment processor to cut them off. The payment processor isn’t going to fight the EU on that; this sort of thing happens regularly.
Second, if you’re using an illegal service, the EU might wind up having EU ISPs block it. Russia has been running around requiring ISPs to ban certain sites. The EU hasn’t done that yet, but it could. I am not at all convinced that in the long term, it won’t be the norm for countries to have a list of “banned” services that they require their ISPs to block. I am pretty sure that there are a number of parties who would like piracy sites to be blacklisted, for example.
https://en.wikipedia.org/wiki/List_of_websites_blocked_in_Russia
Third, from an individual standpoint, that means that someone in the EU is not going to be getting any EU legal protection, in the privacy sphere or elsewhere. Now, maybe the technical benefits of having end-to-end encryption outweigh that for the user, but stuff like traffic analysis on messages and the security of the client may be up for question.
Specifically for Telegram, I haven’t used Telegram, so I don’t know how it handles key distribution, which you need to do for end-to-end encryption – OTR, for example, needs some pre-existing shared secret or secure sideband channel to bootstrap trust between two users. It looks like Telegram provides source, but for that to be useful, one needs to believe that someone trustworthy has validated the source, that the binary for the client is a legitimate build from that source, and that you have properly distributed keys with the other user using that client. Those can all be done with a lack of legality, but my guess is that a lack of legality likely makes it harder.
- raubarno ( @raubarno@lemmy.ml ) English37•1 year ago
-----BEGIN PGP MESSAGE----- enters the chat
- tal ( @tal@lemmy.today ) English7•1 year ago
Most people don’t use PGP/GPG, despite it being generally available.
If the vast majority of people don’t use something, it doesn’t matter much whether it exists.
A service that makes end-to-end encryption easy for the vast bulk of the public is another story.
- notepass ( @notepass@feddit.de ) English6•1 year ago
Most people also do not care about privacy or understand anything about encryption.
If this shit was to happen, it would hit the news for a cycle, some people would get slightly upset and then it would go on with the next thing.Most people here care a lot about these things and are technically inclined. But we are a minority.
- bbbhltz ( @bbbhltz@beehaw.org ) English23•1 year ago
So this is how liberty dies…
I can’t see Signal operating in Europe if this is the case. Telegram has already handed over information, so they will likely adapt and continue doing their thing. Meta/WhatsApp will want to keep that money, so they will find a way to operate as well.
I suppose Signal could have a European server, but that might cut them off from the rest of the world.
Might end up using Briar or XMPP.
I haven’t given the proposition more than a once-over, but I assume this will cover emails too?
- germanatlas ( @germanatlas@lemmy.blahaj.zone ) English8•1 year ago
Crazy how we had protests by right wing maniacs suspecting an evil dictatorship conspiracy behind everything, but when an actual aspect of dictatorship comes, nothing happens.
I don’t want to live on this planet anymore
- Gamey ( @Gamey@feddit.de ) English6•1 year ago
I will probably end up using Matrix but they really have to leave the UK before those facist shits force them to implement a backdoor!
- Dyskolos ( @Dyskolos@lemmy.zip ) English20•1 year ago
Great. That would probably mean a ban for Telegram would also be needed, as they’re known to not bow to local surveillance-laws.
I’m all for doing everything to find effing pedos, but I’ll doubt it will help catch one. Who would be so dumb to do illegal things on the surface-web?
- Vincent ( @Vincent@kbin.social ) 20•1 year ago
Telegram is already not
encryptedend-to-end encrypted by default. Signal is the interesting app - they don’t even have the data to bow to data requests.- Yamayo ( @Yamayo@lemm.ee ) English4•1 year ago
Of course it is encrypted by default, just not on device, but in the server side. Just like Gmail, office 365, and so many online services that are perfectly secure and that no one mentions as being a problem.
If you need End to End encryption, you have the option to use it, but being server encrypted it’s more convenient for syncing on devices and for uploading files, which I use a lot.
- Vincent ( @Vincent@kbin.social ) 3•1 year ago
Sorry you’re right, I meant end-to-end encryption of course. (Gmail, Office 365, and most HTTPS websites are only encrypted in-transit though, not on the server side.)
Which is, of course, the kind of encryption that matters for this proposal. (And which I believe you don’t have the option of using in group chats on Telegram, but don’t quote me on that.) Non-end-to-end encrypted messages can already be obtained by law enforcement by coercing the service provider.
- Dyskolos ( @Dyskolos@lemmy.zip ) English1•1 year ago
Signal or tgram. Whatever floats your boat and isn’t whatapp and co. It’s not always about encryption alone. It’s also about trust. I trust tgram and Pavel Durov. If one doesn’t, go signal & co. Perfectly valid alternative.
- Zacryon ( @Zacryon@feddit.de ) English1•1 year ago
Doesn’t Signal have backdoors for government agencies or am I mistaken? (Has been a while since I read something like that.)
- Natanael ( @Natanael@slrpnk.net ) English5•1 year ago
No
Every time somebody comes to them with warrants they got nothing but timestamps for account creation and last login
Closest thing you might be thinking of is when Signal added a warning third party keyboards might spy on you, which was promptly followed by China banning Signal (the most popular Chinese keyboard app is developed within China).
- Zacryon ( @Zacryon@feddit.de ) English1•1 year ago
Alright, thanks for the info! Fun fact about the chinese keyboard app.
- crispy_kilt ( @crispy_kilt@feddit.de ) English1•1 year ago
Nope
- vrighter ( @vrighter@discuss.tchncs.de ) English17•1 year ago
not really, cos telegram is not end to end encrypted unless you do not use group chats, and deep dive into the menu to enable secret chat for every individual contact.
I have no idea why telegram got this secure reputation. it is literally the absolute worst of the bunch, security wise
- Dyskolos ( @Dyskolos@lemmy.zip ) English1•1 year ago
Encryption wasn’t relevant in the context of the surveillance-law, as having ways to decrypt it will be required then and hence make it useless.
Telegram does not bow. They won’t bend their knee to a government wanting them to plant a bot. They then will just be banned.
Besides, there is end2end-encryption if you want, where is the problen? Noone forces you to use the cloud. And it’s also not “hidden deep”.
- vrighter ( @vrighter@discuss.tchncs.de ) English5•1 year ago
you have to open chat, click profile picture of contact, and then click the three dot menu from there, where you will find the option. It is buried deep down.
- Dyskolos ( @Dyskolos@lemmy.zip ) English1•1 year ago
If that’s “buried deep” to you, then maybe that technology isn’t your thing. Beside that was totally irrelevant to the topic at all. If you don’t like tgram, use something else. It’s not a pro/contra encryption discussion, it’s anti-observation.
If a messenger is still alive after this law gets real, then you have your answer regarding security and privacy.
- vrighter ( @vrighter@discuss.tchncs.de ) English3•1 year ago
the title of the post has secure encryption and chat in the title. but irrelevant, yeah.
Also it’s at least 4 taps (and you get reduced functionality too) than most other apps, which require 0
- Dyskolos ( @Dyskolos@lemmy.zip ) English1•1 year ago
I think, you didn’t get the real impact of the meaning of this post if you fight about encryption-capabilities of some clients.
Wow. 4 taps. This is really above the horizon of most boomers 😁 (of which you surely aren’t of)
Seriously, who cares. If you don’t like it, use another client. Telegram rocks and has a lot of features i would never want to miss. It’s not all about privacy and privacy. Smart people know when to use which tool at what occasion at their disposal. It’s about having even the option to do so at all, which the law mentioned in the OP is going to fuck away from us. But sure, go ahead and fight your peasant client-wars. Omg tgram is not the most secure client, i gotta fight it until the last secure messengers are gone at all. Happy whatsapping then.
- Chaotic Entropy ( @ChaoticEntropy@feddit.uk ) English17•1 year ago
Goodbye data security and privacy… I guess you were nice concepts whilst you lasted.
- 0x815 ( @0x815@feddit.de ) English12•1 year ago
Germany suggests splitting up child sexual abuse material regulation
Germany has suggested splitting the file into two parts, namely “generally acceptable provisions”, which should remain in the compromise text, and “controversial provisions”, which should be removed. The removed parts should be included in a new draft regulation.
Controversial provisions could be “discussed without time pressure”, to come up with solutions that protect children and also respect data privacy.
- CookieJarObserver ( @CookieJarObserver@ani.social ) English12•1 year ago
Typical Achsel Voss behavior… Fucking fascist.
- germanatlas ( @germanatlas@lemmy.blahaj.zone ) English3•1 year ago
He is 1 Hurensohn
Now I’ll go make coffee for the police raiding me later
- caesaravgvstvs ( @caesaravgvstvs@feddit.de ) English10•1 year ago
Are they proposing opening every letter that goes in the mail too? And checking every memory card that gets sent?
- online ( @online@lemmy.ml ) English1•1 year ago
Reminds me of this: The Post Office Is Spying on the Mail. Senators Want to Stop It: The USPS carries out warrantless surveillance on thousands of parcels every year. Lawmakers are working to end it—right now by Dell Cameron in Wired.
To initiate this surveillance, the department or agency has at least one hurdle to climb. First, they must submit the request in writing. Then … well, nothing. That is the entire hurdle.
Edit. Note: this is just the exterior of the mail that’s scanned.
- jsdz ( @jsdz@lemmy.ml ) English8•1 year ago
the proposed text would mandate the implementation of surveillance bugs
And they call it 2.0? I’ve never seen such a blatant example of version number inflation. It should be called 0.2a, as it’s nowhere near ready for release and full of bugs.
- Spzi ( @Spzi@lemm.ee ) English6•1 year ago
How to contact your MEP.
Thanks for the link, but I’m still not sure who to contact. Apparently I’m supposed to know who is “my MEP”, but I don’t. How to?
- Xoronil ( @Xoronil@feddit.de ) English7•1 year ago
Might depend on your country, but for Germany there are no direct candidates that we votes for. Everybody hat one vote one could give to a party, which had presented a list of people for the election. At the end the party then send the first x people of that list, according to how many of the German representatives were to be send by that party.
So, effectively all MEP which are German are “my” MEP. Or just the party I voted for if I want to be exclusive.
- denny ( @denissimo@feddit.de ) English5•1 year ago
As long as it applies to the normalplebian things like WhatsApp, I’m not really concerned nor surprised.
It is up to us to protect themselves and it has been since the wake of malicious ads that track your every click. It’s gotten so bad that you’d have to be insane to not use uBlock Origin.
Now it’s time to find another means of communication. So many privacy oriented open source apps have come out and all that you need to do is install one and tell your friends… such as SimpleX Chat and Session Messenger.
Don’t sleep on your OPSEC, unless you have a reason to. :)
- tal ( @tal@lemmy.today ) English5•1 year ago
As long as it applies to the normalplebian things…I’m not really concerned nor surprised.
So many privacy oriented open source apps have come out and all that you need to do is install one and tell your friends…
If you don’t want to interact with “normalplebians”, I suppose that’s one way of looking at it.
- Sparking ( @spark947@lemm.ee ) English5•1 year ago
The age of stenography has begun!
- interolivary ( @interolivary@beehaw.org ) English9•1 year ago
Did you mean steganography, ie concealing messages “in plain sight” in otherwise innocuous-looking things like images or audio?
Stenography is any abbreviated writing system, but not really “coded” in any meaningful way
- Sparking ( @spark947@lemm.ee ) English3•1 year ago
Yes and yes
- online ( @online@lemmy.ml ) English1•1 year ago
Okay tell me, a nerd who has never tried to use this, where to start learning how to use steganography.