| ▲ | jcarrano 2 days ago |
| In the past, we could have made a version of Signal without this spyware, to be installed as an APK (as I would expect the EU to force Google to ban the non-spying version from the app store). With the upcoming Android developer verification, this will no longer be a possibility. |
|
| ▲ | jofla_net 2 days ago | parent | next [-] |
| Pretty neat how, out of the blue, two seemingly unrelated efforts manage to tighten together to create the perfect unavoidable storm. I swear those Thursday bilderberg meetings are a thing. |
| |
| ▲ | glenstein 2 days ago | parent | next [-] | | The thing that depresses me about offhand references to bilderberg group is it's a missed chance to name real names. I don't know who they are, but from chat gpt'ing it looks like there's some particular agencies regularly behind these. One is "DG Home," an EU department on security that drafts legislation. Another is Europol, a security coordination body that can't legislate but frequently advocates for this kind of legislation. And then there's LEWP, The law enforcement working party, a "working group" comprised of security officials from member EU states, also involved in EU policy making in some capacity. Perhaps targeted reform of these bodies is in order so they don't keep producing this legislation over and over. The blocking minority shouldn't just oppose the legislation itself, but make sure that their representation at those bodies is stopping those recommendations from moving forward. The legislating infrastructure needs to be challenged as much as any particular bill. | |
| ▲ | varispeed 2 days ago | parent | prev | next [-] | | People have been talking about this for years. Corruption, authoritarianism and fascism is eating the EU from within and people who warned about it were called from tin foil hatters to just nutters. | | |
| ▲ | 127 2 days ago | parent | next [-] | | It seems the general direction in all big organization on this planet. EU is definitely not immune, but perhaps the most resistant so far. | | |
| ▲ | Aerroon 2 days ago | parent [-] | | The Data Retention Directive was passed in 2006 by the EU. It was law of the land for almost a decade: >According to the Data Retention Directive, EU member states had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities. >Under the directive, the police and security agencies would have been able to request access to details such as IP addresses and time of use of every email, phone call and text message sent or received. There was no provision in the directive that permission to access the data must be confirmed by a court. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid in response to a case brought by Digital Rights Ireland against the Irish authorities and others because blanket data collection violated the EU Charter of Fundamental Rights, in particular the right of privacy enshrined in Article 8(1). https://en.wikipedia.org/wiki/Data_Retention_Directive |
| |
| ▲ | happymellon a day ago | parent | prev | next [-] | | At least in the UK, a lot of these calls were made by the far right. It's easy to dismiss as hypocritical, but it doesn't mean that they were wrong. Their "solution" to leave rather than fix was simply because they wanted it but in their control. Honestly they are nutters who make stuff up about "bendy bananas" etc, which dilutes the complaint. | | |
| ▲ | brikym a day ago | parent | next [-] | | The media, owned and controlled by powerful people who benefit from the status quo, just tacked on the term 'far' to remind people not to venture outside the Overton window or think too hard. It's scary and far away. Stay the cosy middle where it's safe. Anyone against the pro-corporate status quo (for example mass immigration) is tainted having an extreme opinion; Discussion over. There are a few nutters and poor people notice these trends first. The media tend to zoom in on those people and of course that taints all their concerns because normal people don't want to say anything that people might see as poor or nutty; they want to be seen as successful and smart. Only poor people would complain about immigration and only extremists and pedos would complain about censorship and you are not one of them right? | |
| ▲ | soraminazuki a day ago | parent | prev | next [-] | | I believe people in tech have been making these calls decades before the far right started making noise for their political ends. | |
| ▲ | tastyface a day ago | parent | prev [-] | | The far right may have *latched on* to these calls, but rest assured they are as eager as anyone to use state power to quash dissidents, if not more so. | | |
| ▲ | happymellon a day ago | parent [-] | | > rest assured they are as eager as anyone to use state power to quash dissidents, if not more so Yep completely agree, as mentioned. > Their "solution" to leave rather than fix was simply because they wanted it but in their control. |
|
| |
| ▲ | bboygravity 2 days ago | parent | prev [-] | | Still are being called that now. Any political party of any member state that even thinks about being critical of the EU will instantly be completely destroyed by "independent" national (state sponsored) media. | | |
| ▲ | Geof25 2 days ago | parent | next [-] | | It is exactly the opposite. EU is blamed for everything what is wrong and local politicians are taking credit for whatever is good. | |
| ▲ | gambiting 2 days ago | parent | prev | next [-] | | What are you talking about. UK is the prime example of political parties being extremely critical of the EU and eventually getting exactly what they asked for. But even if you think UK is some kind of weird one-off example - it's not. Look at Poland - PiS has been openly critical of EU for years now and held power for years, will most likely win it again in the next elections. Konfederacja straight up calls EU facist on a daily basis and they have like 20% support for some insane reason. >>by "independent" national (state sponsored) media. You have to explain what you mean by this - you can't be independent and state sponsored. Or do you mean unbiasased(like what the BBC or TVP are meant to be, which they are obviously not but they are not "independent") | | |
| ▲ | Etherlord87 2 days ago | parent | next [-] | | That "insane reason" is the propaganda machine(s) of russia and china. Konfederacja is called Konfederussia by many Poles just because how often what they say align with russian interest. The founder of Konfederacja, Janusz Korwin-Mikke once said that in the war between russia and Poland, he would fight on the side of the former. | |
| ▲ | YetAnotherNick 2 days ago | parent | prev [-] | | UK is a wrong example as their issue wasn't EU's policies but the idea of one Europe. They wanted to have control on the borders that was fundamentally incompatible with EU. | | |
| ▲ | SiempreViernes 2 days ago | parent | next [-] | | Why would you first claim the issue "wasn't EU's policies" and then list the extremely central EU free movement policy as the issue? | |
| ▲ | AlecSchueler 2 days ago | parent | prev | next [-] | | And even then it was based on a misunderstanding of border policy, a false perception of control by the EU. In the years since Brexit all of the issues they had have only worsened and the biggest political agitator now is just the same group that pushed for Brexit with a new name still running on an anti immigrant ticket. Turns out the border problems were policies of their own governments. | |
| ▲ | graemep 2 days ago | parent | prev [-] | | I disagree. Control or borders was one of many issues. Policies and regulations were definitely an issue too. https://media.ukandeu.ac.uk/wp-content/uploads/2018/07/CSI-B... I think something that is under estimated is how much it was a matter of identity - do people feel British or European? The areas that voted remain most strongly were the nationalist areas of Scotland and Northern Ireland. |
|
| |
| ▲ | Yeul 2 days ago | parent | prev [-] | | Mate everyone in the Netherlands hates the EU. But after calculating it is still more profitable to be in it. We can see how Trump treated Switzerland. |
|
| |
| ▲ | lyu07282 2 days ago | parent | prev | next [-] | | That's the fun part, they are all public conferences, like: https://initiatives.weforum.org/global-coalition-for-digital... It doesn't have to be in secret, they can and do plan and coordinate these efforts in the open. When we hear about it, it was already planned for many years. | |
| ▲ | p0w3n3d 2 days ago | parent | prev | next [-] | | > seemingly unrelated efforts What are the odds | |
| ▲ | crimsoneer 2 days ago | parent | prev [-] | | I mean, "the police should have the power to read your communication" is not some fringe view. It's been the view of every state in the history of forever. |
|
|
| ▲ | varenc 2 days ago | parent | prev | next [-] |
| Couldn't someone just build that Signal APK without spyware and then get it signed/verified by Google? The Google change means that every APK has to be signed and linked to a developer with a verified identity. Unless Google might not be willing to approve this alternative version of Signal, but is there any indication of that? The Signal clients are open source with a permissive license so there's nothing unauthorized about building and distributing a modified version yourself. |
| |
| ▲ | jcarrano 2 days ago | parent | next [-] | | If the developer is in the EU, they can come after them. If not, the EU can direct Google to revoke the verification. The commission has a big lever to pull with fines which are pretty much arbitrary. | |
| ▲ | mort96 2 days ago | parent | prev | next [-] | | The point is, before, you could run apps on your Android phone without anyone's permission. Now, you need Google's permission. You're relying on Google authorizing a Signal build which circumvents laws, and that's not at all a given. | |
| ▲ | sneak 2 days ago | parent | prev | next [-] | | If you do this with Apple they will deny it as “too similar”. They have no obligation to sign anything, and they aren’t in the business of fighting city hall. Quite the opposite. | |
| ▲ | NewJazz 2 days ago | parent | prev | next [-] | | Is there any indication that Google will obey the laws of the EU when they have no vested interest in the outcome? They only break the law when it earns them bundles of money. | | |
| ▲ | munksbeer 2 days ago | parent [-] | | >Is there any indication that Google will obey the laws of the EU when they have no vested interest in the outcome? In this context it isn't EU laws. The upcoming Android change in 2026 will stop anyone installing a non-verified app on their Android devices. This seems to be something Google arrived at "independently". But I would bet the US and EU and whoever else have put pressure on them. | | |
| ▲ | NewJazz 2 days ago | parent [-] | | The law would be "don't sign apps unless they follow these regulations". Google has put themselves in the position of being able to enforce these regs, but that doesn't mean they aren't law. | | |
| ▲ | munksbeer 2 days ago | parent [-] | | I'm not following. What law are you referring to? A theoretical law you're speculating on, or one that exists today? | | |
|
|
| |
| ▲ | rdm_blackhole 2 days ago | parent | prev [-] | | > Couldn't someone just build that Signal APK without spyware and then get it signed/verified by Google? The Signal CEO aid that they would pull out entirely from the EU if Chat Control comes to pass. > Unless Google might not be willing to approve this alternative version of Signal, but is there any indication of that? In this scenario, Signal will still be allowed to be distributed outside of the EU so you could get it from the Play store hosted out of the EU. |
|
|
| ▲ | raxxorraxor 2 days ago | parent | prev | next [-] |
| The EU says it wants to challenge Big Tech. What they mean is they want to blackmail them into giving them privileged access to information, control- and surveillance systems. Android as it is fails as an operating system and the same idiots ruining perfectly good software in other companies now work for Google. Not that iOS is in any way better, it has the exact same and even more deficiencies. |
|
| ▲ | userbinator 2 days ago | parent | prev | next [-] |
| There are plenty of devices running older versions of Android which are not under Big G's control and won't be subjected to this authoritarianism. Coincidentally they are also likely to be easily rootable, so you can still have full freedom. Just don't "upgrade" and ignore all the propaganda telling you bad things about that. Keep building apps that work on older, less-hostile devices and spread the word to oppose this very deliberate planned obsolescence. |
| |
| ▲ | jcarrano 2 days ago | parent | next [-] | | True, but there are apps, as reported in other threads in this forum, that will not run on rooted phones. E.g. banking and government apps. Most people will not go around with a rooted phone, much less with two phones. | |
| ▲ | Hizonner 2 days ago | parent | prev [-] | | > Coincidentally they are also likely to be easily rootable, so you can still have full freedom. Also easily remotely ownable, so you can be spied on without even having to install any software at all. And any that aren't now will be a couple of years after they fall out of support. Which, by the way, is very hard for the community to step in and do, since they're full of undocumented proprietary binary blobs. > Just don't "upgrade" and ignore all the propaganda telling you bad things about that. ... and when your fully owned device finally breaks completely? | | |
| ▲ | userbinator 2 days ago | parent [-] | | You've fallen for the propaganda. "remotely ownable" is only true if you do things like visit sites with JS enabled by default, which is what has been the case with true PCs for a long time. There's a whole community keeping these devices alive, I trust them far more than Big G. | | |
| ▲ | chowells 2 days ago | parent [-] | | The... propaganda? PoC exploits demonstrating full device takeover by sending an image file are propaganda? What would a real security vulnerability that's not propaganda look like? https://nvd.nist.gov/vuln/detail/CVE-2023-4863 | | |
| ▲ | userbinator 2 days ago | parent [-] | | libwebp, a Google-originated format... how convenient. via a crafted HTML page Don't forget that the majority if not all exploits will use something like JS to obfuscate their existence and frustrate analysis. Also remember the famous sayings "Those who give up freedom for security deserve neither" and "Live free or die". Accepting the insecurity, because freedom cannot exist without it, is also important. | | |
| ▲ | davidcbc 2 days ago | parent | next [-] | | That's a common misquote "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety" The extra words are important | | |
| ▲ | rightbyte 2 days ago | parent [-] | | "a little temporary" is key. Also the background context of arguing for taxing the rich instead of making them aristocrats. |
| |
| ▲ | chowells 2 days ago | parent | prev [-] | | No, really. I asked a specific question. What would a vulnerability that's not propaganda look like? Please explain how to distinguish between propaganda and non-popaganda vulnerabilities. I need to be able to distinguish between them for myself. |
|
|
|
|
|
|
| ▲ | cherryteastain 2 days ago | parent | prev | next [-] |
| Molly (signal fork) on GrapheneOS will still be there |
| |
| ▲ | tiku 2 days ago | parent | next [-] | | Why is it so hard to run virtual android on your Android as a sandbox for these kinds of things. | |
| ▲ | whatshisface 2 days ago | parent | prev [-] | | Since the right people are here, can anyone explain to me why its so hard to "root" (in reality, obtain basic filesystem / networking etc. control) with that OS? | | |
|
|
| ▲ | akimbostrawman 18 hours ago | parent | prev | next [-] |
| >as I would expect the EU to force Google to ban the non-spying version from the app store If you expect hostile action by Google you should also expect the rootkit that is google play services to also do that. Which means in both cases the solution would be to use a actual open source mobile OS based on AOSP. |
|
| ▲ | fifteen1506 2 days ago | parent | prev | next [-] |
| Slow heating boils the frog. Move now to alternatives. If you must use Android, GrapheneOS with Sandboxed Play Services. |
| |
| ▲ | zelphirkalt 2 days ago | parent | next [-] | | It already took a mountain of resisting the network effect to get at least some half of my friends to chat with me on Signal. The chances to get them to move to something more obscure, that has any additional friction is low and the effort in convincing them will be high. That's not to say I won't try, but man I hope it doesn't come to that. | |
| ▲ | asah 2 days ago | parent | prev [-] | | > If you must use Android the reasonable alternative being... ? | | |
| ▲ | frm88 2 days ago | parent | next [-] | | For people looking for a new phone it could be either Jolla [0] or Fairphone 6 [1]. Both come with their own OS. [0] https://jolla-devices.com/sailfish_devices/ [1] https://shop.fairphone.com/de/the-fairphone-gen-6-e-operatin... | | |
| ▲ | slmkbh 2 days ago | parent [-] | | Fairphone os _is_ android... | | |
| ▲ | frm88 a day ago | parent [-] | | Yes, you're correct. With Fairphone 6 and eOS they completely degoogled, tho - at least that's the claim. |
|
| |
| ▲ | fifteen1506 2 days ago | parent | prev | next [-] | | You got me. None. I do wish ubports + waydroid would be a reasonable alternative -- but it's wishful thinking. | | |
| ▲ | bboygravity 2 days ago | parent [-] | | My only hope is Tesla bringing out a phone with it's own OS at some point. | | |
| |
| ▲ | fsflover 2 days ago | parent | prev [-] | | GNU/Linux phones. | | |
| ▲ | TeMPOraL 2 days ago | parent | next [-] | | Name three? Unfortunately, "reasonable" generally means "can do the things typically done with smartphones these days", which include things like banking, media streaming, and civic stuff - things mediated by the very systems whose vendors aren't just embracing remote attestation, but actually driving its proliferation. For better or worse[0], this is not a technical problem - it's a social/political one. Technology created it, by making remote attestation possible - but the actual problem is with why companies want to use it. -- [0] - Definitely worse. Technical problems are easy. | | |
| ▲ | incompatible 2 days ago | parent | next [-] | | Maybe you need two phones then, one for the civic stuff and the other for private communication. | | |
| ▲ | TeMPOraL 11 hours ago | parent | next [-] | | I don't care about this kind of private communication. I care about automating and debullshittifying my life, which includes stuff like banking and civics. I didn't learn to program computers so I could use it to shitpost more privately. I learned it so I can make machines deal with things for me the way I want them to. | |
| ▲ | tiku 2 days ago | parent | prev [-] | | Perhaps just websites for communication then, through tor or some other protocols. |
| |
| ▲ | fsflover a day ago | parent | prev [-] | | > Name three? Openmoko, Pinephone, Librem 5 |
| |
| ▲ | concinds 2 days ago | parent | prev [-] | | Are there any that aren't laughably insecure? No? Oh well. | | |
|
|
|
|
| ▲ | rdm_blackhole 2 days ago | parent | prev [-] |
| Google won't have to ban the non-spying version of Signal, Signal will simply cease to operate in the EU. That's what the Signal CEO said in an interview. |
