Discussion in 'Article Discussion' started by bit-tech, 1 Aug 2017.
Incredibly insidious behaviour.
We are at least fortunate that the less-real people who care about encryption are the ones who write all of our software!
"Think about the kids"...
Why, oh why, do people who know nothing get to be in charge
Maybe she should have talked to someone who understands the basic principle of encryption before running her mouth.
I've not read the original article (paywall) but has Rudd just pulled out the classic 'if you've got nothing to hide' argument?
Not quite. She's pulled out the "well the plebs are stupid and don't know what it is so why have it?"
"Why won't everybody just think of the little hashtags ..."
She should get together with Turnbull
I wonder if someone could convince Rudd that wingdings is encryption.....
Wouldn't surprise me. I wouldn't have an issue with what they are proposing normally but due to governments recently using "targeted" warrants a little too loosely i don't trust them. I agree there probably should be some sort of system for LE to investigate someone but they've been shown to abuse it far too much.
Having a problem with it or not is the smallest problem,
Lets say Corky42 and me use an encrypted messaging app developed by you to plot to break into the home of Amber Rudd and install Ubuntu on her laptop.
Now think about what you would need to do in order to be able to comply with a warrant:
1: You would need to decrypt and re-encrypt every single message sent. (effectively turning you into a "legitimate" man in the middle attacker)
2: You would need to store every single message sent. (after all you can't know in advance which messages you will potentially receive a warrant for)
3: You would need to be the authority of which governments to comply with (lets not pretend that if tech companies ended up complying in one country other countries wouldn't immediately demand the same access).
4: You would need to keep all data related to it safe from unauthorized access.
5: You would need to have a physical presence in every country where your messaging app is accessible (else the whole idea crumbles due to it being unenforceable)
Oh for sure. On a technical level it's ridiculous but i was under the impression Facebook messages could be obtained by LE. If not I'm 99% sure they used to be. At the moment I'm not 100% sure what LE can and cannot get. I'll need to do some research at lunch or when I've left bit-tech HQ for the day.
EDIT: Also, I wonder what Amber Rudd's thoughts are on asking establishments to ban visitors from wearing clothes so they can't easily conceal weapons?
The way I understood it she only brought up facebook in connection to encryption due to them owning whatsapp, not due to other stuff on facebook.
This might be a good time to run down some handy-dandy privacy-enhancing tools, before Our Glorious Leaders ban 'em all.
GNU Privacy Guard: an open-source implementation of Phil Zimmerman's Pretty Good Privacy (PGP). Bit of a pain to use, so...
Keybase: an also-OpenPGP-compliant cryptography thing with a neat socially-driven web of trust (basically doing away with the need for PGP-style key-signing parties) and cool software boasting instant messaging and 10GB of free cloud storage all end-to-end encrypted - and you can even encrypt stuff for people who aren't members yet, then it'll be automatically rekeyed when they join. Shared encrypted folder for all your friends, invisibly accessible on all their devices (mobile support due Real Soon Now)? Sure, why not.
AirVPN: no-logging privacy-guaranteed VPN run by crypto-nerds, compatible with pretty much any device out there and seriously affordable.
WhatsApp: end-to-end encrypted instant messaging for mobiles (and desktop via a web client) with video, audio, and file sharing capabilities. It's owned by Facebook, so if that is a no-no for you...
Signal Private Messenger: the original implementation of the end-to-end encryption WhatsApp uses.
HTTPS Everywhere: a browser extension which enables HTTPS where it would normally be disabled by default.
Privacy Badger: a browser extension which attempts to block web-based trackers.
There are millions more, of course, but that's a good start.
ehh. I've heard this way too many times in the past then logs magically appear under pressure from LE.
Given that it's a project founded by Pirate Party members and currently run exclusively by "activists, privacy, data protection and security issues aware persons" (from here, English is not their first language) and has never been caught supplying logs ('cos there aren't any), I'm willing to take them at their word.
Especially as you can audit the software they use - it's all open source - and sure enough, there's no logging.
Well then. I'm impressed. I'll look into using them. From my understanding VPNs that don't keep logs are shut down so I'm interested in what they're doing to stay up.
Phew! For a moment i thought she was saying just because she hid her offshore tax haven and involvement in a share ramped company didn't mean she was doing anything wrong, instead she said as people don't understand those sorts of things she shouldn't have them.
Besides hasn't Rudd already answered her own question? She says "real people" don't care about encryption but terrorists do, if that's the case then won't "real people" continue using systems that the government can read while the terrorists will just move to ones they can't.
made me laugh
We need to regain sovereignty over our own laws, the laws of mathematics have no place in a modern society.
Separate names with a comma.