Another month, another attempt: Even though Hungary had to cancel the latest EU Council’s vote on the Child Sexual Abuse (CSA) Regulation in June 2024 because there was no majority among member states, it tried again this Wednesday - without success. The tipping point was that the Dutch secret service clearly issued their opinion on the enormous threat to everybody’s security should end-to-end encryption be weakened. Encryption is paramount for the digital resilience in Europe.

  • fluxion@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    2 months ago

    Client-side scanning - if required by law - would ask tech companies to scan communications for illegal content on the client before the encryption takes place and send suspicious content to the authorities. The Hungarian Presidency claims that this can coexist with end-to-end encryption, but this is fundamentally untrue.

    JFC.

          • model_tar_gz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            You can scan before the encryption step. It defeats the purpose of the encryption such that only the privileged actor gets plaintext while everyone downstream gets encrypted bytes, but technically it’s possible.

            It’s only a matter of time until a vulnerability in the privilege is found and silently exploited by a nefarious monkey, and that’s precisely why adding backdoors should never be done.

            • rottingleaf@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              2 months ago

              Yes. Just like saying that Microsoft and Google don’t have a monopoly, or, for Americans, that modern automatic weapons are “not what the founding fathers intended”, or, of what I care about, that Artsakh is “legally part of Azerbaijan”.

              Politicians use the salami strategy, always. They’ll always milk to the bone every such detail as, for example, the fact that E2EE itself is not compromised here. It’s only spyware on the endpoints which everyone is going to be obligated to install.

              So fighting politicians we should never give up cards. Even if an argument is false, the very fact they have to fight it is good. Because otherwise they’ll be able to dedicate all their resources to fight the good arguments.