• Talaraine
    link
    fedilink
    1486 days ago

    Literally on the heels of the revelation that China is spying on all chats and phone calls, these clowns still think back doors are safe in any way.

    I swear, humanity is simply failing the IQ test here.

  • @CosmoNova
    link
    English
    1126 days ago

    What we need are laws to prevent this kind of court trolling because courts all over europe are wasting time and money on these repeated proposals. Politicians should be held accountable for wasting everyone’s time.

    • @rottingleaf
      link
      English
      04 days ago

      I thought a lot about fair government and such when I was 16-17.

      And it came down to any such action being individual, thus having an initiator, who is the responsible person, or a group of such.

      And such laws, when not passing through courts, should require a huge payment (should be tied to total GDP, I think), equally split among members of that group (so a group does not become an entity).

      No person from among them can initiate anything such until having paid the previous.

      It seems logical, I mean. If something IRL is being overloaded, it should just be a paid service. Same here.

      Should be expensive enough so to not be an acceptable cost of doing business for a corrupt politician.

      Also the cost should depend on which tier of laws this is - suppose regulation of milk products is lower tier than total fscking surveillance.

      Also the court should be able to determine whether a rejected initiative is a repetition, in which case the cost will be, say, order x 12 x “last year’s GDP” x coefficient x tier.

      It’s ridiculous that lawmaking is free, with the amount of value it redistributes.

  • ERROR: Earth.exe has crashed
    link
    fedilink
    English
    78
    edit-2
    6 days ago

    If y’all wanna know why is this stupid

    Take a look at the so-called “TSA-Approved Locks”

    The locks that lets TSA have a “special key” to unlock your bags to search then without cutting it open.

    The same “special key” is available to buy on amazon.

    🤣

    It’s even worse than no locks, since someone could plant drugs in your bag using the “special key”, and since there’s no evidence of tampering, and the bag is also locked, the blame falls on you.

    • @daggermoon
      link
      English
      96 days ago

      For anyone else who’s curious about the history I actually went and looked this up. Photos of the keys were accidentally leaked on the Travel Sentry website. This made it very easy to copy. The website says “Sensitive Information – do not post, copy or disseminate”. Clearly someone elected to do the opposite.

    • @wurstgulasch3000
      link
      English
      96 days ago

      Oh no you don’t understand, with this legislation bad actors and foreign intelligence would not be allowed to use these back doors. So they can’t do it because it’s illegal. That’s why it’s 100% safe. I mean don’t you trust the it competence of 60+ year old law makers?

      OK I will stop now

        • @[email protected]
          link
          fedilink
          English
          76 days ago

          I believe DeviantOllam recommends putting a gun in your bag (from memory a starter gun counts as a gun to TSA but doesn’t have the whole licence restrictions of an actual firearm). Because you have a gun you are allowed to lock it with an actual padlock and the TSA can’t just go through your stuff. If you put a padlock on otherwise they’ll just cut it off and you’re back to square one.

      • @[email protected]
        link
        fedilink
        English
        146 days ago

        I just use a zip tie. It keeps the bag shut and it’s obvious if they open it. Of course they could potentially replace it with an identical zip tie. You can get security seals that are serial numbered if you want to protect against that.

        • @[email protected]
          link
          fedilink
          English
          76 days ago

          Good idea. And you could easily add a mark (maybe green permanent marker?) and they’re most likely not going to replicate it. Prep a few and carry the zip ties in your personal item or something.

          That said, zip ties seem kind of annoying since you’ll need to cut them at the destination, without being able to being a knife with you.

          • @[email protected]
            link
            fedilink
            English
            56 days ago

            I put a cheap pair of wire cutters in the front pocket of the suitcase to cut the zip tie off with.

        • @[email protected]
          link
          fedilink
          English
          56 days ago

          I guess it could be better to not lock it at all and use some other form of tamper detection?

          Or I guess I could just travel with a pelican case so they have to defeat the lock to get in.

            • ERROR: Earth.exe has crashed
              link
              fedilink
              English
              2
              edit-2
              6 days ago

              Oh I didn’t watch the video at first and I was thinking of the ones where the locking mechanism is stationary and attached to the suitcase, not a separate lock that you use.

              Those stationary ones, you cannot rezip.

              • @uranibaba
                link
                English
                15 days ago

                Yeah, okey. That makes sense. I would be difficult to hide the intrusion if you can’t move the zippers.

    • DacoTaco
      link
      English
      4
      edit-2
      6 days ago

      Even worse btw, you can 3d print the tsa master keys. I have them printed, and confirmed them working.

      Tsa knows about this, and they have publicly said they dont care

    • @[email protected]
      link
      fedilink
      English
      26 days ago

      Where I am, we have “Post Office approved” locks, cam locks for your post box that can be opened with your key plus a special key that the postie has, in case they have a parcel that won’t go in the slot.

      Yes, you can get one of the special keys if you know where to look

      No, it isn’t a problem because we’re not a bunch of fucking savages 😂

      • ERROR: Earth.exe has crashed
        link
        fedilink
        English
        86 days ago

        Yea, a mailbox near your house all the time is not the same as a luggage that to through MILLIONS of people in a busy airport. Only take one scum out of a million to ruin it.

        Fun fact: I never actually had a porch pirate. Well other than a neighbor’s kid being a dipshit (or maybe mistaken it to be their package, who knows), but that eventually got returned, and one time, the delivery driver kinda stole it before it ever arrived on the porch, so it was not technically porch theft. Reported that one and got refunded.

        Like never a random dude (or gal) that just walked up and grabbed a package. Like never!

      • @Valmond
        link
        English
        26 days ago

        This metaphor is so bad. You expect people on the internet to act like good neighbours?

    • @[email protected]
      link
      fedilink
      English
      116 days ago

      It was the one good thing the german liberal party FDP was good for, but they aimed to destroy the coalition from the inside (literally! they made plans and discussion meetings when the best time to destroy it would be). And now they are out and we have the SPD and the Greens left. So one party who really has a hard on for surveillance and the other one who is undecided.

  • @latenightnoir
    link
    English
    346 days ago

    1000010988

    In all seriousness, the EU has become beyond frustrating in so many ways… Kudos for fighting against corporate monoliths, but… c’moon!

    • @[email protected]
      link
      fedilink
      English
      346 days ago

      I don’t think you get the EU. It’s a democracy and everyone can submit proposals.

      This is a proposal from pro-Russian Orban from Hungary, and not EU’s opinion.

      • @latenightnoir
        link
        English
        36 days ago

        I see your point, although I still can’t shake the impression that the entire EU’s shifting away from its potential of being the best example. Sure, it’s down to individual people with individual views, but we’re still to see if it’s greater than the sum of its parts, to be honest…

        Don’t get me wrong, I’d still rather we have the EU than not have it, but I’d wish to see a lot more reasonable and rational minds on the council and have it be felt throughout its policies.

      • @rottingleaf
        link
        English
        -46 days ago

        It’s a democracy where the European Commission (which is actually the main governing body of the EU and not EP) is comprised of people put there by bureaucracies.

        I don’t think you get the EU. It’s a failed attempt at powerful democratic version of USSR, that has been retconned into a successful confederacy, only it’s not that too.

  • Kokesh
    link
    English
    336 days ago

    Here we go again Good old Child abuse.

  • @daggermoon
    link
    English
    146 days ago

    You shouldn’t be using whatsapp anyway.

    • @Valmond
      link
      English
      306 days ago

      First they came for whatsapp. I didn’t say anything because I don’t use whattsapp.

    • @[email protected]
      link
      fedilink
      English
      126 days ago

      It would concern all messaging apps, which is beyond stupid. Lol, even nato uses the matrix protocol.

        • @[email protected]
          link
          fedilink
          English
          25 days ago

          Oh, I thought that was clear by context…

          I definitely would sideload the secure versions, if I was affected, which got more easy thanks to EU, lol

          • @[email protected]
            link
            fedilink
            English
            3
            edit-2
            5 days ago

            Again, no sideloading needed. You’re misunderstanding the executive.

            They enforce this by freezing bank accounts and issuing fines to corporations, not by internet censorship.

            So any company that doesn’t have money flowing through the EU is unaffected. And any company that does have money flowing through the EU has a choice to either pull out of the EU or to fuck over their users.

            • @[email protected]
              link
              fedilink
              English
              15 days ago

              I’m sure, that they would ask apple and google to remove all messaging apps from organisations with no EU money flow?

              Or do you not think so too?

              • @[email protected]
                link
                fedilink
                English
                25 days ago

                I don’t see how this would be a problem either except on Apple. Blocking the sites offering the apk/deb/exe/etc - good luck, doubt their censorship skills are that good given that they’re unlikely to want a ton of collateral damage like more authoritarian places.

    • @[email protected]
      link
      fedilink
      English
      -13
      edit-2
      6 days ago

      And instead use what? Signal? And then chat with the zero other people who use it?

      Telling europeans to not use whatsapp is like telling people not to use the power grid. It’s more popular here than iMessages are in the US.

      • @[email protected]
        link
        fedilink
        English
        12
        edit-2
        6 days ago

        I’m European using signal, I frequent in two countries very often (not neighbouring countries) and for the past two years I’ve noticed more and more people using signal.

        Ditched whatsapp half a year ago and haven’t had problems. Some friends use both signal and whatsapp.

        Not saying many in whole Europe use signal but it certainly is not only popular in US.

        Edit: but not saying using signal will change anything if this bill passes. No matter what popular app we use we are going to have no privacy at all if this thing passes…

        • @woelkchen
          link
          English
          36 days ago

          WhatsApp uses the same encryption as Signal and chat screening won’t be exclusive to WhatsApp anyway, so whatever WhatsApp will need to implement to comply, Signal will have to follow.

            • @woelkchen
              link
              English
              35 days ago

              Good luck setting up your own server and convincing everybody else to use that.

              Signal is not federated. It relies on a central server, meaning for all intends and purposes Signal controls the entire chain.

              • @[email protected]
                link
                fedilink
                English
                15 days ago

                End to end encrypted, I think chat control is all about client-side scanning so the app being open source is a big deal and would prevent client-side scanning because even if they build in client-side scanning, it’s open source and people can remove it.

                • @[email protected]
                  link
                  fedilink
                  English
                  15 days ago

                  Signal is pretty control freak-y, so would not be surprised if they can somehow prohibit third-party modifications entirely. That would be out-of-character for them, though, so doubt they would actually go through with this.

                  Still, if that went through, I’d discount all the centralized solutions.

                • @woelkchen
                  link
                  English
                  15 days ago

                  Just have the server link a hidden device, boom, all chats decrypted.

      • @[email protected]
        link
        fedilink
        English
        -66 days ago

        I dont know a single euroepean that is using WhatsApp, and im european… i mostly encounter asian people that use it.

        • @woelkchen
          link
          English
          56 days ago

          Then you’re in a weird bubble. Nearly everyone uses it. I do. I hate it, I think its usability is bad, why can I only link four devices, etc.

        • Brumefey
          link
          fedilink
          English
          46 days ago

          WhatsApp is everywhere. Even at school it’s used for parents discussions. I have Signal but not using it since nobody has it…

      • @daggermoon
        link
        English
        -56 days ago

        Why do you assume I’m American? I am, but you would have no way of knowing that. I could be Croatian for all you know.

        • @HC4L
          link
          English
          66 days ago

          Nobody assumed that, but you still haven’t answered the question…

        • @[email protected]
          link
          fedilink
          English
          36 days ago

          I haven’t made any assumptions about where you’re from. I’m only arguing against the blanket statement of telling everyone to stop using whatsapp.

          • @daggermoon
            link
            English
            05 days ago

            Sorry but if you want private messaging Signal is your only option. I’m sorry you all have to deal with it but now is a good time to bully friends and family into switching to Signal.

  • @Jackthelad
    link
    English
    166 days ago

    Is this a Brexit benefit?

    • @UnderpantsWeevil
      link
      English
      256 days ago

      Not when the UK is already a member of Five Eyes.

      • @Jackthelad
        link
        English
        176 days ago

        Isn’t that a burger restaurant?

        • @UnderpantsWeevil
          link
          English
          76 days ago

          Not quite

          https://en.wikipedia.org/wiki/Five_Eyes

          An Anglosphere intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are party to the multilateral UK-USA Agreement, a treaty for joint cooperation in signals intelligence.

        • @UnderpantsWeevil
          link
          English
          26 days ago

          The PRISM leak demonstrated how much that’s worth

          • @[email protected]
            link
            fedilink
            English
            26 days ago

            Yes. Specifically the top secret slide that listed Signal and Tor as being “disastrous” to their dragnet surveillance systems

            • @UnderpantsWeevil
              link
              English
              36 days ago

              And I’m sure in the intervening ten years they haven’t done anything about that

              https://blog.dijit.sh/i-don-t-trust-signal/

              Signal is not open source

              Why would I say something so provably untrue? “Of course signal is open source, it’s on f-droid! (it’s not, actually1); there are even sources on github!” … I can already hear it coming.

              How is it then dear reader, that they developed MobileCoin integrations for over a year without anyone knowing?

              That would be because, they stopped updating sources. We can be reasonably sure that private & unpublished code was in production, otherwise they left some security vulnerabilities unpatched for a long time2. This throws into question the entire nature of what they consider “open source” to mean, they are clearly comfortable deploying non-public software.

              It’s also vanishingly small amounts of people who will use the from-FOSS versions of the client, nearly everyone will be downloading it from Google Play or Apple’s App Store; and they have a long way to go when it comes to verified builds which seems to work when you google it and there’s a page; but in reality if you read the page you’d realise is not possible.

              Which gives a false appearance in my opinion, and that is a large part of my issue honestly; that there is a surface level of “everything is by the book” but underlying it all is: nothing, really. Signal doesn’t give you any option to verify their claims

              If I were in a situation to be signal, if there was a competing implementation that I could point my clients to (similar to how headscale is an implementation of tailscale’s control server); I’d certainly be a lot more comfortable, since then I could be in a situation where I can see all traffic to my server and jail/inspect all traffic coming from the binary distributed Signal client; thus it would allow for independent verification of the binary distributions delivered via Play or the iOS App Store.

              As it stands the whole thing is built on trust and people believe that someone else will do the hard part of reverse engineering every version.

              Which I don’t have to tell you is significantly more effort, requires much more advanced skills and might not even yield results even if there were concerning items yet to be discovered.

              “Moxie says you can run your own server though!”3; I’d like to see where I can change the endpoint in the signal app that’s distributed via Play or App Store; my claim is purely that I can’t verify those and that few enough people run the custom compiled versions to be meaningful. If I was to be smart and want to hide a back door I’d only need one side of every conversation. – please note though, I’m not saying they do this, I’m just saying that they could do this and the only thing that says they don’t is “trust me”.

              • Laurel Raven
                link
                fedilink
                English
                15 days ago

                That sounds pretty bad, but 1) the article is 3 and a half years old (not that big of a deal really, but an update on the current status would be useful at this point), and 2) I see plenty of commits to all five of their pubic facing repos.

                I’m not saying they’re wrong…I’m not going to presume to understand it better than them… But I’m not seeing how that translates to them hiding things from public view, or if they were that they’re still doing so. If you’re aware of something I’m missing there, I’m very much interested in hearing about it.

                But yes, trust should not be implicit, it should be verified.

    • @[email protected]
      link
      fedilink
      English
      146 days ago

      To answer seriously: unfortunately, the UK is one step ahead with the Online Safety Act. They’ve already given Ofcom the power to enforce client-side scanning. Ofcom themselves are deciding whether they want to use this power yet and this should happen sometime next year.

        • @[email protected]
          link
          fedilink
          English
          13 days ago

          I think (and hope!) it would likely only get applied to the biggest services, and would be enforced by removal from the app stores.

          Then, the logical next step for the government when this doesn’t work would be to allow this requirement at the OS level.

          • @[email protected]
            link
            fedilink
            English
            2
            edit-2
            3 days ago

            That would only really work on mobile, though - and that’s assuming the OS isn’t custom.

  • @[email protected]
    link
    fedilink
    English
    10
    edit-2
    6 days ago

    Look, it was discussed for years already and we have a consensus; it’s technically and legally not possible without giving you the keys (methaphorically and literally) and we can’t give you the keys because that would quickly lead to you abusing the power given to you.

  • @[email protected]
    link
    fedilink
    English
    76 days ago

    I use signal but I always kind of wanted to switch people to threema but in reality it’s hard enough getting them to install signal.

    • MaggiWuerze
      link
      fedilink
      English
      66 days ago

      Threema really doesn’t do a good job of making it easy to switch. For the regular user there is too much that can go wrong and its too easy to lose your chats when migrating to a new phone

  • @[email protected]
    link
    fedilink
    English
    86 days ago

    I actually don’t really understand how they would do this. Isn’t WhatsApp end to end by protocol? They’d have to share messages at the client side. What a mess.

    • @x00z
      link
      English
      166 days ago

      They want to force WhatsApp to scan your private messages on your device.

    • @[email protected]
      link
      fedilink
      English
      66 days ago

      End-to-end encryption is worthless, when it’s done by a company like meta in a closed source project.

    • @[email protected]
      link
      fedilink
      English
      35 days ago

      End to end encrypted with keys stored on Meta’s servers.

      Just kidding but I’m sure there’s a backdoor somewhere.