| ▲ | flumpcakes 2 days ago |
| Good news for UK people. I am all for laws designed to protect children, and stop terrorism. But these 'back door' laws are nearly always very poorly thought out and offers new avenues for 'normal' people to come to harm. |
|
| ▲ | throw0101a 2 days ago | parent | next [-] |
| > I am all for laws designed to protect children, and stop terrorism. The usual suspects: * https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp... |
| |
| ▲ | fmajid 2 days ago | parent [-] | | The real target: journalists, activists and whistleblowers | | |
| ▲ | flumpcakes 2 days ago | parent [-] | | This isn't true on the whole in this context. How does the UK's OSA target journalists, activists and whistleblowers? I think this conspiratorial view of these laws is doing more harm than good and ignores the entire issues that these laws are designed to address. The problem is we create overly broad laws because: - There is a problem with child predation / terrorism
- There is a lack of understanding on how technology works
- There is faith that the system works and won't ever be abused
- There are too few people in community self policing these issues. Addressing any one of these in a different way will negate the need for laws like the UK were trying to implement. Creating broad gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties. But maybe a good thing when dealing with, for example, domestic abuse. | | |
| ▲ | johnnyanmac a day ago | parent [-] | | >How does the UK's OSA target journalists, activists and whistleblowers? The general context is it targets "anyone who angers the government". Being able to ban your entire internet if this becomes widespread becomes a very powerful deterrent to opposition. \ >Creating broad gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties. Given the histories of "enforcing spirits" for both the US and the UK police forces, I'm not sure how or why you'd have faith in their interpretations. The police can bring up your info themselves without needing the ability to cut off someone's entire digitial landscape. |
|
|
|
|
| ▲ | ben_w 2 days ago | parent | prev | next [-] |
| Mm. Unfortunately, I'm highly confident that 90% of the intelligence community looks at us insisting that crypto standards be inviolable, and thinks we're all as infuriatingly naïve as a ChatGPT comment. I don't know the true risks of terrorist organisations. I doubt I ever will, because the intelligence community wants to keep its methods secret in order to avoid mildly competent terrorists from avoiding stupid (from MI5/6's POV) mistakes. The counter-point is that such secrecy makes the intelligence organisations themselves a convenient unlit path for a power-hungry subgroup to take over a nation. Regarding sexual abuse, the stats are much easier to find, and are much much worse than most people realise to the extent that most people either don't understand what those numbers mean or don't believe them: If you're an American, on your first day in high school, by your second class you have more than even odds of having met a pupil who had already been assaulted, most likely by someone close to the victim such as a relative. I don't see how any level of smartphone surveillance will do anything to stop that. Or indeed, any surveillance that isn't continuous monitoring of every kid to make sure such acts don't find them. |
| |
| ▲ | stephen_g a day ago | parent | next [-] | | I think the problem with terrorism is it's simultaneously more and less than they think. More from the groups they don't expect, and less from the ones they expect it to come from and are surveillance and infiltrating. For example, looking back over the history from what has been declassified in my country, the intelligence services spent a huge amount of time and resources infiltrating and surveillance communist groups and university socialist clubs, and then seemed to be completely blind-sided by the rise of Islamic terrorism when 9/11 rolled around... In a similar vein I think to how the UK is spending all this time going after people waving signs supporting Palestinians - they probably honestly think there's a real threat there, and it will turn out to be a huge waste of time and the next real terror threat will come out of some other unexpected group. As for assault - yes, it's usually someone they know. Which is why it's ridiculous the resources they spend trying to backdoor private messaging etc. in the name of "protecting the children" when much of it's happening in person... | |
| ▲ | kbelder 2 days ago | parent | prev | next [-] | | >If you're an American, on your first day in high school, by your second class you have more than even odds of having met a pupil who had already been assaulted, most likely by someone close to the victim such as a relative. You're saying that the rate of sexual assault is.. a few percent? Too high! I agree. But it's bad form to give convoluted examples in order to give the impression that the actual number is worse than it is. | | |
| ▲ | ben_w a day ago | parent [-] | | > You're saying that the rate of sexual assault is.. a few percent? Specifically of pre-pubescents. This is already enough to exceed the prison capacity of any nation, including El Salvador. If I had instead broadened to the under-18 rate of victimisation, about 11% of women are victimised: https://rainn.org/statistics/children-and-teens The lifetime risk is higher still. |
| |
| ▲ | Refreeze5224 2 days ago | parent | prev [-] | | > Unfortunately, I'm highly confident that 90% of the intelligence community looks at us insisting that crypto standards be inviolable, and thinks we're all as infuriatingly naïve as a ChatGPT comment Until they can prove this is the case, and not just fear mongering to justify their massive budgets, overreach and assaults on civil liberties, I am happy to continue being considered naïve by them. |
|
|
| ▲ | chaostheory 2 days ago | parent | prev | next [-] |
| Back doors just make the device or platform less secure. |
|
| ▲ | ACCount37 2 days ago | parent | prev | next [-] |
| I am very much against laws designed to protect children and stop terrorism. By now, "think of the children" is a tired cliche of anti-freedom laws. If "protecting children" requires sacrificing freedom for everyone, then children should not be protected. Every time I come across another anti-freedom law wrapped in an excuse of "think of the children", I question whether the worshippers of Moloch had the right idea after all. |
| |
| ▲ | thewebguyd a day ago | parent | next [-] | | > If "protecting children" requires sacrificing freedom for everyone, then children should not be protected. Agreed. It all goes back to the famous quote "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." (granted, the quote was about taxation but the principle applies here) Much like cybersecurity, it's always a trade off between absolute freedom and absolute safety. You don't get both. Every "safety" measure that gets put in place reduces your level of individual freedom. Go to far in the safety direction and you lose all your freedoms, and that trade off IMO is not worth it. | |
| ▲ | flumpcakes 2 days ago | parent | prev [-] | | > I am very much against laws designed to protect children and stop terrorism. This can't be true. You're against a law that says a convicted child rapist cannot work in schools? You're against a law that says people can't take bombs onto planes? I think you're being dishonest in your statements, or do not care about anyone else in society. | | |
| ▲ | johnnyanmac a day ago | parent | next [-] | | >You're against a law that says a convicted child rapist cannot work in schools? I'll be the devil's advocate: for how long and in what way? You can be on the child predator list because a minor caught you peeing on the side of a road. Do they deserve to be blocked out of an industry because of bad luck over something many people have done? >You're against a law that says people can't take bombs onto planes? Well that led to me not being able to bring a normal stick of deoderant in my bags. So maybe we should review the TSA oversight after 20 years. >I think you're being dishonest in your statements, or do not care about anyone else in society. and I think you're arguing in bad faith comparing the ability for government to track society's entire digital footprint to imprisoning a convicted criminal. | |
| ▲ | ACCount37 a day ago | parent | prev [-] | | I do think that both TSA and modern airport security in general should be dismantled. And that any law that claims to "protect children" or "stop terrorists" should be scrutinized as if it was written by Satan himself, with assumed malicious intent. This is true for existing laws, and true twice over for anything that's being proposed. It's long overdue for the "safety" plague of "think of the children" to die. |
|
|
|
| ▲ | amelius 2 days ago | parent | prev [-] |
| Meanwhile, who believes that the US has no backdoors in these devices? |
| |
| ▲ | philistine 2 days ago | parent | next [-] | | Cold logic dictates otherwise. The UK is part of Five Eyes: total data sharing between intelligence agencies. If that were the case, why would the UK need a law to get data it already has? | | |
| ▲ | Someone 2 days ago | parent | next [-] | | It wouldn’t need the law, but putting the proposal up and then, after the predictable backlash, retract it could be a ploy to make the criminals/us think they don’t have access to the data now. | | |
| ▲ | 0cf8612b2e1e 2 days ago | parent | next [-] | | WW2, the Allies used all sorts of fake outs to lead the Germans to believe that the Enigma machine remained secure. Many people died for the sake of the secret. Given the lengths the government has gone to monitor its citizens, I could believe the technology stack has already been compromised. | |
| ▲ | southernplaces7 a day ago | parent | prev [-] | | Upvote from me. Your point is completely valid and simply stated, and yes, I agree that they very possibly could do exactly this sort of thing for the sake of play-acting a government blindness that doesn't really exist as such. Truly this site is crawling with anal-retentive man-children who downvote over any silly self indulgent bullshit they can think of. |
| |
| ▲ | fsflover 2 days ago | parent | prev | next [-] | | https://lapcatsoftware.com/articles/2024/10/4.html https://sneak.berlin/20231005/apple-operating-system-surveil... | |
| ▲ | kneegerm 2 days ago | parent | prev [-] | | San Bernardino shootings smartypants |
| |
| ▲ | johnisgood 2 days ago | parent | prev | next [-] | | Hopefully no one, in services available globally (i.e. not US-specific), just to be sure. | |
| ▲ | sedivy94 2 days ago | parent | prev | next [-] | | Why litigate it when you can buy it from the NSO / IDF? | |
| ▲ | sneak 2 days ago | parent | prev [-] | | It’s not really a secret; it’s by design and it’s public. iCloud is not end to end encrypted by default. Apple and the state can read the on-by-default iCloud Backup which contains your iMessage sync keys and all your historical iMessages and attachments. iCloud Photos, Contacts, and Mail are all similarly not e2ee and trivially readable by Apple, DHS/FBI, and anyone else under FAA702 (aka PRISM, aka the #1 most used US intel source) without a warrant. https://www.reuters.com/article/world/exclusive-apple-droppe... Apple processes FAA702 orders on upwards of 80,000 Apple IDs per year per their own annual transparency report. Snowden himself said that they see so many nudes that they got desensitized to it. This clever setup allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup, rendering the e2ee totally ineffective. I think “backdoor” is probably an appropriate term for it, but they have made no secret whatsoever of it. It’s terrifying to think that the US federal government can read every iMessage in the entire world across a billion devices (except China, where the CCP can do the same) in effectively realtime. The power that that enables (if only in blackmail ability) is staggering. | | |
| ▲ | staplers 2 days ago | parent [-] | | allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup
Does this also apply to their advanced data protection feature? | | |
| ▲ | thewebguyd a day ago | parent | next [-] | | I don' think so, but, even with advanced data protection on - if you communicate with someone via iMessage, for example, that does not use advanced data protection, and then they use iCloud backup, then it nullifies it essentially. Feds could get your messages via the recipients iCloud backup. Advanced Data Protection needs to be turned on for both you, and everyone you communicate with if you want the full chain to be E2EE. Your communications are only ever as secure as its recipient. | |
| ▲ | intrasight a day ago | parent | prev [-] | | My read is that it does not apply to ADP. Also, what regular criminal, let alone terrorist, would leave iCloud backup turned on after all the hacks and leaks over the years. I assume that most in the HN community, like myself, have iCloud backup turned off. | | |
| ▲ | sneak a day ago | parent [-] | | Criminals (that get caught, or get put under surveillance) are generally criminals because they are stupid. I would venture a guess that almost all criminals have iCloud Backup enabled, because that is the default setting. |
|
|
|
|
