307
top 45 comments
sorted by: hot top controversial new old
[-] Dasnap@lemmy.world 90 points 1 year ago* (last edited 1 year ago)

Tories really trying to cause as much harm as possible before they get voted out so they can blame the next party for mismanaging their mistakes.

Edit:

the U.K.’s Minister for Culture, Media and Sport simply re-hashes an imaginary world in which messages can be scanned while user privacy is maintained.

Those are literally opposites to each other.

[-] leraje@lemmy.world 24 points 1 year ago

It's not just the Tories, Keir Starmer has already tried to get VPN's included in the bill. Don't kid yourself its going to be any better when Labour get in.

[-] ChaoticEntropy@feddit.uk 16 points 1 year ago

Keir Starmer is just a colour blind Tory who put on the wrong sash.

[-] leraje@lemmy.world 10 points 1 year ago

No doubt, but he's very likely going to be the next PM. Even if the current proposed legislation doesn't get through the Lords or get scrapped or not implemented before the Tories get booted out, he clearly sees this sort of bill as a good thing and will introduce his own.

[-] hello_cruel_world@lemmy.world 4 points 1 year ago

Labour's authoritarian streak is slightly more than the tories. Only sightly, mind. Labour have zero intention of stopping or (if it goes through - it still needs to go through the Lords yet, and as I understand it, they're not as keen) if it goes into law: removing it.

[-] RagingNerdoholic@lemmy.ca 17 points 1 year ago

Tories really trying to cause as much harm as possible before they get voted out so they can blame the next party for mismanaging their mistakes.

That's the conservative M.O. It's literally the only thing they do.

[-] RobotToaster@infosec.pub 4 points 1 year ago

You're underestimating Starmer Chameleon's ability to snatch defeat from the jaws of victory.

[-] jkure2@lemmy.world 1 points 1 year ago

Plus starmer's gov would probably do something similar lol the man is a red Tory through and through

[-] troyunrau@lemmy.ca 70 points 1 year ago

I read the article, and it's hard to see how this would have worldwide effects. If anything, the companies with customers in the UK will: disable E2EE for chats with UK parties (likely warning the parties); leave the UK market rather than weaken their brand; or create a secondary product just for the UK. Consumers will continue to find workarounds provided the phones and computers are not fully controlled by the government.

The fact that the government would have to force client side scanning software onto phones and computers is probably the death knell of the UK tech industry. Either that, or so many exceptions will need to be added that the legislation would be ineffective. Can you imagine a Linux hacker recompiling their own kernel and then getting thrown in jail because they didn't enable the government scanning module?

[-] rockSlayer@lemmy.world 37 points 1 year ago* (last edited 1 year ago)

The reason it will impact security worldwide is that the UK is part of the "14 eyes" alliance, an alliance between the US, UK, Canada, Australia, New Zealand, Denmark, France, Netherlands, Norway, Belgium, Germany, Italy, Spain, and Sweden used to spy on citizens. This data from the 14 eyes is also shared with countries in strategic alliances, like NATO members not listed here, Israel, South Korea, Japan, etc.

Any encrypted data going to or through the UK will need to have this backdoor, exposing all encrypted traffic to this vulnerability while also sharing that data with foreign governments. Edward Snowden exposed that the US government was paying the UK government to spy on US citizens for the data. This is what will happen in the UK, but for people around the globe.

[-] pfannkuchen_gesicht@lemmy.one 20 points 1 year ago

They're up to 14 now? When did that happen? They used to be just 5.

[-] rockSlayer@lemmy.world 22 points 1 year ago

The 5 eyes still exist, they're like the "inner circle" of eroding privacy. I think it's no longer useful to just refer to the 5 eyes, because data about our personal life is shared with far more than even 14 governments

[-] eleitl@lemmy.world 11 points 1 year ago

VPN tunnels don't magically become transparent when packets pass UK fiber and routers. And legislation doesn't translate well into which software people are allowed to run, for endpoints in UK. They can try to become North Korea of course, good luck with that.

[-] rockSlayer@lemmy.world 4 points 1 year ago* (last edited 1 year ago)

I'm aware, but most software utilizing E2EE are maintained by corporations. If those companies want to operate in the UK, they will need to implement a back door, most companies utilize encrypted traffic to and from their server rather than E2E, and most people don't know someone outside of the UK able to create a vpn tunnel that isn't operated by a company. I'm willing to bet that the UK is also prepared to leverage lawsuits and warrants against individuals that write encryption algorithms without a back door, regardless of what country they live in. I'm willing to bet github and gitlab also don't want to take the risk in hosting encryption algorithms that don't comply.

[-] Steeve@lemmy.ca 8 points 1 year ago

They won't do that, they'll either turn off the option of E2EE or pull the app from the UK market if the app is entirely E2EE, because the UK market isn't big enough to be making worldwide demands like this.

[-] rockSlayer@lemmy.world 4 points 1 year ago

I generally agree, Apple has threatened to remove some apps from the UK market over this, so it's not like this will be accepted lying down. But the reality still exists that most things like VPN tunnels are operated by companies, so they can't legally operate in the UK without the backdoor. Overall, this will primarily hurt UK citizens, but this law threatens to impact everyone on Earth

[-] Rooki@lemmy.world 3 points 1 year ago

But are e2e from big corp REALY e2e? Like whatsapp? How many cases there were "Whatsapp Chats from the attacker showed that they were backed by terrorists" or so. Github.... was github EVER encrypted? or Gitlab? They dont want big corporation rather "small" open source like the matrix chats or other sorts of real encrypted chats.

[-] rockSlayer@lemmy.world 5 points 1 year ago

End To End Encryption (E2EE) is a very precise term meaning that something gets encrypted on your device and doesn't (usually can't) get decrypted by anything other than the destination. I don't know what they call it, but if Whatsapp calls it E2E then it's a misnomer. They encrypt to and from their central server, which is not E2EE.

[-] lazynooblet@lazysoci.al 4 points 1 year ago

WhatsApp claims it is true e2ee. Do you have evidence of it not?

[-] Rooki@lemmy.world -1 points 1 year ago

That what i said

[-] Steeve@lemmy.ca -1 points 1 year ago* (last edited 1 year ago)

Yes, WhatsApp is fully E2EE, there is no back door, Meta can't see or be forced to hand over your messages. I've never seen those headlines personally, but they probably got just got access to their phones.

I don't know about GitHub, is there any reason to believe it isn't encrypted?

[-] Rooki@lemmy.world 0 points 1 year ago

Whatsapp had been ever back doored. In germany there are so many news "Whatsapp chats show terrorist was a bad guy", "Facebook gave police chats of a suspect"....

If you really think even if it is really E2EE, does a data greedy company not have that encryption key? Are you really that Mainstream Apple fan?

Is there any reason to belive it IS encrypted?

[-] Steeve@lemmy.ca 4 points 1 year ago* (last edited 1 year ago)

Lol wait, so you're making the claim that an app that's widely known to be encrypted isn't encrypted because you made assumptions based on news headlines and you want me to prove it is encrypted? Well that hardly seems fair...

But sure, I'll do it anyways.

https://www.justsecurity.org/79549/we-now-know-what-information-the-fbi-can-obtain-from-encrypted-messaging-apps/

FBI themselves admitted they can't get messaging data from WhatsApp. At best they can get iCloud or Drive backups, but even those use full encryption now.

https://faq.whatsapp.com/444002211197967

In fact, WhatsApp straight up tells local law enforcement that no, you can't request messaging data.

But sure, yeah, let's go with your German headlines that I'm pretty sure you've misinterpreted.

[-] Rooki@lemmy.world -1 points 1 year ago

Whatsapp is NOT widely known to be encrypted of a privacy killing company. I really doubt that still. I have heard of Signal that they give no f*cks about law enforcements. But never Whatsapp. And we cant trust if they are just backdooring it for them and only in the dark giving them to the fbi. Do you really think that meta "encrypts" anything REALLY.

[-] Steeve@lemmy.ca 1 points 1 year ago

Whatsapp is NOT widely known to be encrypted

I work in this industry, yes, it is. Just because you don't know something doesn't make it not true.

I have heard of Signal that they give no f*cks about law enforcements.

No actually, they still have to respond to requests for metadata. They actually do very much give a fuck about the laws of the countries they operate in.

And we cant trust if they are just backdooring it for them and only in the dark giving them to the fbi.

They aren't, I literally just sent you proof of that.

Do you really think that meta "encrypts" anything REALLY.

Yes, because they do.

Man you're off your fucking rocker dude.

[-] Rooki@lemmy.world -1 points 1 year ago* (last edited 1 year ago)

Wow just another troll who doesnt understand when to stop. Who is a corporate fanboy who trust in big corporation not to f.. around and sell any data they have. As Meta or rather Facebook is very trustworthy not to sell your data ;). And again from someone from lemmy.ca

[-] Steeve@lemmy.ca 1 points 1 year ago

Riight, I'm the troll, because I'm responding with links and sources proving your bullshit wrong. Ok bud.

[-] rhombus@sh.itjust.works 14 points 1 year ago

I think the major concern is the idea of the government backdoor, any company that implements such a thing is adding a serious weakness to their product. I’m sure the major companies will probably find some other way to contain it to the UK (or leave the UK entirely), but some will opt for the backdoor to cut costs.

[-] AnonTwo@kbin.social 9 points 1 year ago

I'd imagine any company who needs their encryption to be taken seriously will openly remove encryption or the product entirely in the UK only.

Since otherwise all their customers would assume they added backdoors and compromised security....

[-] LexiconDexicon@lemmy.world 2 points 1 year ago

"I think the major concern is the idea of the government backdoor"

The concern is individual security and privacy, not the government getting what it deserves if that were to happen

[-] RagingNerdoholic@lemmy.ca 7 points 1 year ago* (last edited 1 year ago)

You're probably right, but the problem is the political precident that's set. Once a major western government codifies this into law, it becomes a little bit easier and more self-justifiable for other world governments to follow suit.

Every relevant player here needs to be swift and unequivocal about pulling out of the UK if this becomes law. It's needs to result in a PR disaster and loss of power for the UK government so the world can see what bafoons they are and no one else dares to make the same ill-fated attempt.

The tech industry has an ethical responsibility to unequivocally reject this.

[-] housepanther@lemmy.goblackcat.com 34 points 1 year ago

Don't you just love it when the justification for fascism becomes, "What about the kids?" I am not saying that this is necessarily the case in this instance, but it's a common refrain for breaking technology and taking away rights by the authoritarian state.

[-] Jackthelad@lemmy.world 23 points 1 year ago

"Of course we have to spy on you, there's terrorists out there".

[-] Mubelotix@jlai.lu 17 points 1 year ago

Truth is, terrorists can fight for freedom. Terrorism isn't always bad. As a french, I'm well aware of the need for revolt

[-] housepanther@lemmy.goblackcat.com 12 points 1 year ago

One man's terrorism is another man's freedom. It's all about perspective and what the person has to gain or lose.

[-] teft@lemmy.world 3 points 1 year ago

One man's terrorist is another man's freedom fighter.

[-] Dasnap@lemmy.world 4 points 1 year ago

Gotta love fighting terrorism by making terrorists more sympathetic.

[-] Peruvian_Skies@kbin.social 6 points 1 year ago

Terrorists and authoritarian governments are each others' greatest allies even though both pretend otherwise. Each one uses the other to endear itself to the people and justify atrocities that they would otherwise never get away with, all in the name of protecting you from the other one.

[-] MasterCelebrator@feddit.de 8 points 1 year ago* (last edited 1 year ago)

Well at least in the EU where simiar stuff is Plotted by politicians this is exactly their "Argument "

[-] hardypart@feddit.de 1 points 1 year ago

I am not saying that this is necessarily the case in this instance

It's literally stated in the article. And terrorism of course.

I didn't read the article. I fully admit that.

[-] UltraMagnus0001@lemmy.world 14 points 1 year ago

They really wanna know what porn we're watching don't they?

[-] Dasnap@lemmy.world 10 points 1 year ago

I can go and watch my femdom in the House of Lords if they really want me to. Hell, it might even add to the experience.

[-] uriel238@lemmy.blahaj.zone 12 points 1 year ago

Whenever law enforcement can scan your stuff to make sure it's safe, it can also be exploited by corporations, data harvesters, industrial spies (from competitors in your industry), and malware bandits.

You can't tell the software who the good guys are, only who the guys are who have keys.

load more comments
view more: next ›
this post was submitted on 27 Jul 2023
307 points (96.7% liked)

Technology

60123 readers
2781 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS