The Joint Declaration was agreed upon at an informal meeting of the European Chiefs of Police in London hosted by the National Crime Agency on 18 April.

Police Chiefs of all EU Member States and Schengen Associated Countries were invited, alongside Europol’s Executive Director.

Here is the declaration (pdf).

  • @[email protected]
    link
    fedilink
    English
    87 months ago

    Once you have a tool that uses pgp with keys you provide, and encrypts messages in normal chats, changing the actuall message format would probably be easy, so there’s plenty of room for adittional steganography. Images would make for a perfect cover, with something like last-bit steganography.

    But, I hope it won’t come to that.

    • trollercoaster
      link
      fedilink
      English
      1
      edit-2
      7 months ago

      They will have tools to scan for steganography. I bet Palantir or some other dodgy tech bro company is more than happy to sell something like that to them. And with PGP’s not only strong encryption, but just as strong authentication, they’ll have no problem whatsoever proving that it was you who sent those illegal encrypted messages.

      • @[email protected]
        link
        fedilink
        English
        17 months ago

        That’s true. I guess that in this case, your best bet is (assuming you don’t have something so illegal to hide, that they do want to expend large amount of resources on you) to just go security by obscurity, and have some kind of obscure custom steganography that’s not widely used.

        And for PGP - I though that there’s a difference between signing and encrypting a message, and when you only encrypt and don’t sign, they can’t attribute the message to you, assuming they don’t have your private key or the original plaintext? Or is it possible to attribute a encrypted message using only public key and cyphertext?

        • trollercoaster
          link
          fedilink
          English
          17 months ago

          Or is it possible to attribute a encrypted message using only public key and cyphertext?

          I’m not entirely sure, and was more thinking of the standard application of PGP where encryption and signing go hand in hand.