Forgive me if this is an obvious stupid question, but with all this talk (again) about the EU trying to force chat platforms to check the content of its messages, I can help but think: how are they ever going to prevent me and my friend from sharing public keys and using them to encrypt our messages to each other? In other words: how are they ever going to be able to ban encryption?
They probably won’t bother actually enforcing a ban against you and a buddy using PGP by hand. What they don’t want is normies encrypting everything so they lose the ability to casually spy on the masses. At the point at which they care enough about you personally to notice you’re using PGP, you’ve already “committed suicide.”
Ham radio in the US has restrictions on sending encrypted data over ham frequencies.
They can’t stop you, they probably won’t even catch you unless you are egregious about it. But if they do catch you, it’s like a $10,000 fine.
I think the whole world is quickly moving closer to China’s model. Everything that gets encrypted will need the government’s key on it anything they can’t decrypt will get blocked.
You basically set up some rules at the backbone level looking for suspect traffic. They could now have AI review the suspect traffic and try to tell if what’s going on is viable data or nonsense words/coded messages. All communications will need to be identified. None of the blocking would work real time but once they know who’s sending it in think that you’ve sent some stuff that you shouldn’t be sending they could just turn you off.
I read an article somewhere recently where AI was able to tell if an image was being used with even the most advanced steganography with a fairly high reliability.
They’ll never be able to stop people from privately communicating at small scale, But man will there be some watch lists.
Thanks. 😥
deleted by creator
The same way they prevent you from transmitting any other illegal content: they fine you and/or throw you in jail if they know you’re doing it.
It’s trivially easy to detect encrypted messages just by measuring the entropy of each message. A messaging provider would just turn you in if they detect it.
You could probably get away with peer-to-peer messaging, but your ISP would be able to detect that you’re using unapproved encryption and then turn you in to the government.
Thanks. And fuck this.
They can’t stop you. But they can criminalize your behavior.
It becomes yet another tool in the toolbox, if you become a person of interest, the tool comes out and they start hitting you with it.
The fact that it’s impossible to implement isn’t important.
That’s exactly what makes the proposed regulation so absurd. If you’re not completely tech illiterate, you’re gonna use whatever fork of your FOSS software of choice to keep communicating securely. This regulation is just a very obvious data grab for the whatsapp users that are too lazy to switch.
whatsapp is not meaningfully e2ee
please share
It’s closed source. So it’s impossible to verify Facebook doesn’t have you pkey and goes MitM.
They say they don’t, but you can only take their word for it.i guess that fb does store keys after all; they do respond to police requests
i also found this: https://www.reddit.com/r/privacy/comments/v7tsou/is_whatsapp_lying_about_its_endtoend_encryption/
Encryption in WhatApp is actually a fake, because the encryption keys are generated and stored on Facebook’s servers, accordingly, they can read any of your messages as plain text, and the intelligence services obviously have access to them.
Also a few months ago there was a leaked slide from an FBI training course or something where they compared different messengers in terms of how well they cooperate with the police, guess who came first ?
WhatsApp provides data to the police in near real time (about 15 minutes from the time of the request)
The message from WhatApp at the beginning of the chat - that your data is not available to third parties is the height of hypocrisy.
In what sense? It’s encryption is based on that of Signal. Are you referring to metadata? I also avoid whatsapp, but not because of the encryption.
Even if it’s based on Signal’s encryption, it doesn’t mean it’s implemented as it is in Signal.
Exactly.
They generate the keys, that’s all you need to know in order to know that it isn’t secure.
If you have a deck of cards, you have the ability to send securely
They would have to regulate the clients that you and your friend use. So if you do it with pen and paper they can’t do anything about it.
You don’t even have to do it with pen and paper. You can install whatever operating system and software you want on your computer. If blocking certain resources on the internet is an issue, you could torrent public keys, use tor, use i2p, or worst case scenario deliver a USB drive to your friend’s door.
One time pads can be used in public message apps or irc nothing they can do about it
Yup
