[HN Gopher] The EARN IT act is an attack on end-to-end encryption
___________________________________________________________________
The EARN IT act is an attack on end-to-end encryption
Author : jmsflknr
Score : 209 points
Date : 2020-03-06 17:13 UTC (5 hours ago)
(HTM) web link (blog.cryptographyengineering.com)
(TXT) w3m dump (blog.cryptographyengineering.com)
| motohagiography wrote:
| The risk of backdoors in encryption has changed since the last
| crypto wars.
|
| With Huawei entering the 5G market, all ostensible law
| enforcement encryption backdoors now become de-facto Chinese
| communist party backdoors because of the pervasiveness of their
| equipment, and that nations interception capabilities.
|
| The UK and Canada have approved Huawei to supply critical
| networks, and now end-to-end encryption on our personal devices
| is the _only_ thing preventing interception by Beijing.
|
| It also explains why the US president was so angry with Bojo over
| approving Huawei, because it means if the U.S. allows Huawei, it
| must also allow end to end encryption for citizens to protect
| themselves. The national security priority of mitigating that
| aggressive foreign interception capability for every business in
| the country should outweigh the special interest of law
| enforcement using victims groups as human shields.
| vkou wrote:
| > With Huawei entering the 5G market, all ostensible law
| enforcement encryption backdoors now become de-facto Chinese
| communist party backdoors because of the pervasiveness of their
| equipment, and that nations interception capabilities.
|
| How is this different from those backdoors being CIA/NSA
| backdoors, when that equipment was made by US vendors?
|
| Nothing fundamentally changed. We should be building protocols
| that don't require us to trust the underlying network.
| jszymborski wrote:
| > The UK and Canada have approved Huawei to supply critical
| networks,
|
| If you're referring to 5G, Huawei has yet to be given a green
| light in Canada. Perhaps you're referring to some other
| infrastructure, however.
| mrybczyn wrote:
| You mean other than Huawei 5g being chosen and deployed (or
| about to be) at Telus 1 of the 3 major carriers?
|
| And the fact that both Telus and Bell use Huawei for their
| 4g/LTE networks?
| dblohm7 wrote:
| That does not mean that the government has approved it. In
| fact, the telcos are freaked out right now that the
| government will say no and force the telcos to replace the
| Huawei stuff.
| seemslegit wrote:
| FB and google aside - why does something like signal need section
| 230 protections to operate ?
| unnouinceput wrote:
| World-wide? It doesn't. In US? it does. Also once Google will
| obey to out Signal from their store, usage will decrease (and
| is not a wide usage currently to begin with).
|
| Short-term effects? Power back to surveillance / power
| grabbers. They don't care about CSAM, they care about
| money/power.
|
| Long-term effects? Like dark web, Signal (or something similar)
| will be used mostly by criminals, so EARN IT will fail it's
| "honorable" goal 100%, while achieving its hidden goal (strip
| privacy from ordinary citizen).
|
| Also this will accelerate Splinternet. The future looks bleak,
| welcome to it.
| seemslegit wrote:
| Why does it need them in the US ? - From what I understand
| section 230 protects a company from lawsuits related to
| content posted by their users, signal is not a content
| platform as it does person-to-person communication
| Klonoar wrote:
| Signal also doesn't retain the content, I believe, which...
| well, if it's more or less auto-killed, there's no
| argument, no?
|
| Note that I don't support doing away with Section 230, but
| I find this train of thought interesting.
| toss1 wrote:
| Obviously, as TFA describes, this is a huge end-run to create a
| problem.
|
| But, would this leave a loophole for text-only and/or highly
| bandwidth-limited communications to remain end-to-end encrypted?
|
| If you cannot sent a photo, audio or video, kind of hard to send
| CSAM material, yet end-to-end real-time SMS type messages are
| still somewhat useful in many instances (better than nothing).
|
| Anyone with more detailed info?
| ISO-morphism wrote:
| Base64 encode, no such thing as text-only.
| toss1 wrote:
| Good point, but if you bandwidth-limit and message-size-limit
| the channel to something like the speed of a world-record
| typist, sending a Base64 encoded pic of any good resolution
| would take days rendering it essentially useless for that
| sort of thing.
| DuskStar wrote:
| And now you've blocked me copy-pasting my novel's
| manuscript...
| cassalian wrote:
| I have a feeling that the EARN IT act will pass based on that it
| so cleverly disguises it's ability to ban end-to-end
| encryption... I imagine most elected officials will hear
| something like this:
|
| Person explaining: "It's establishes a committee to make sure
| people are using best practices to ensure child pornography etc
| isn't being distributed on their platforms"
|
| Elected official: "Hmm, it actually sounds like this will help
| the children!"
|
| Maybe it's just me _shrug_ , but I have little faith in our
| elected officials to parse out the ramifications to encryption
| based on how the act is written.
| tapoxi wrote:
| >I have little faith in our elected officials to parse out the
| ramifications to encryption based on how the act is written.
|
| Then its your duty to contact your Senators/Representative.
| It's not hard.
| bilekas wrote:
| There is another reason its not really effective to try to ban or
| even limit e2e encryption. If you're intentions are nefarious,
| and you have a group that you need to communicate with, you will
| just implement the encryption yourself. Or buy burner phones etc.
|
| Honestly, with my cynical hat on, I feel this is actually being
| pushed by the marketing and advertisement lobbyists, such as
| Facebook, google and others, in order to data mine for
| advertisers into your communications..
|
| Maybe my tinfoil hat is a little bit too big, but I really use
| encrypted communications so that at least there is one dialogue
| that's not being warped into advertisements for me.
|
| I genuinely fear for future generations privacy, in all regards.
| It's worrying and it really does deserve more attention. It's so
| crazy to my younger nieces and nephews that when I was their age,
| I didn't have a phone. It blows their minds. And I'm only in my
| 30's.
| ta999999171 wrote:
| It's not too big. Metaphorically.
|
| Realistically, it will amplify signals/readings, so, it's
| outdated.
|
| Anyway, what happens when messaging with ciphertext becomes
| illegal?
| fenwick67 wrote:
| Also One-Time-Pad is uncrackable and dead simple to program and
| you can do it with pen and paper. The cat's out of the bag for
| the baddies.
| gph wrote:
| I've seen OTPs described as being a replacement for e2e
| encryption before, but I just don't see it as actually usable
| outside of large established organizations (NSA, cartel,
| etc.) to use for passing short text messages. And even then
| the usability seems cumbersome enough that they'd only use it
| when strictly necessary.
|
| Am I missing something?
| aianus wrote:
| I don't see why it's limited to short text messages.
|
| Your pre-shared OTP can be a rack of 8TB hard drives
| delivered to an embassy by the Marine Corps which covers a
| whole lot of documents and media before it's exhausted.
| bilekas wrote:
| Looks like a legit solution to me!
| bilekas wrote:
| Exactly, the problem for the baddies has been solved since at
| least 1882 (Frank Miller iirc: __Edit Wiki says yes __). So
| this argument about security is obviously just what
| information they 're getting.
|
| You can't blame someone for not knowing what they don't know,
| but lawmakers are supposed to enact laws based on the benefit
| for their citizens. Seems not to be the case here.
| squarefoot wrote:
| I might be playing Captain Obvious here, but anyway, this
| worldwide coronavirus pandemic state of panic is the best
| possible scenario in which corrupt politicians in any country
| could enact restrictive laws or do nasty things while their
| citizens look elsewhere. If they were waiting for a good mass
| distraction weapon, well, this is it.
| carapace wrote:
| > The new bill would make it financially impossible for providers
| like WhatsApp and Apple to operate services unless they conduct
| "best practices" for scanning their systems for CSAM.
|
| I'm okay with that, as long as e2e isn't actually banned.
| cfv wrote:
| As the author states, encrypting your data impedes scanning it,
| so any encryption that is actually worth anything inmediately
| puts them at fault, so it wont be applied.
|
| Any unmonitored user upload is at risk here.
|
| This is dark.
| andrewflnr wrote:
| Is there any real evidence that restricting distribution of CSAM
| creates better outcomes for victims? More to the point is there
| evidence that increased aggression in enforcement of CSAM
| possession laws produces proportionately better outcomes? I would
| expect the ROI curve to go flat pretty quickly.
| mindslight wrote:
| It's a hot button for lawmakers because they want the privilege
| reserved for themselves. I mean that is why these psychopaths
| lust after power over others, right? To partake in what money
| cannot buy.
|
| It's similar cognitive dissonance to homophobic agendas being
| pushed by closeted politicians.
| wilkystyle wrote:
| The argument from those in power against encryption is mind-
| bogglingly stupid, and I don't know if it is due to an extreme
| ignorance, or because of a lust for the power and leverage that
| mass surveillance grants a governing entity (I suppose it could
| be both?)
|
| Regardless, using the argument of child pornography and sex
| trafficking is an emotional play, and it is solely designed to
| resonate with those who also do not understand the technology.
|
| If this same argument took another form, e.g. if this were an
| attempt ban walls made out of non-transparent material because
| opaque walls allow child abuse to occur hidden from sight, the
| obvious violation of privacy would be evident to the average
| person.
|
| What inevitably happens with laws that create such a drastic
| power imbalance between your average citizen and the governing
| entity is that those with power and status are exempt.
| duxup wrote:
| Not even the governing entity...
|
| ALL the governing entities, or any entity with bad intentions,
| because whatever magical backdoor or whatever are available
| will surely leak and in that case everyone is at the mercy not
| just their own government (let's say they're responsible folks)
| but other government groups who do not care what happens to
| anyone outside their borders....
| throwaway55554 wrote:
| > The argument from those in power against encryption is mind-
| bogglingly stupid...
|
| Is it, though? I mean, most people think all sorts of bad stuff
| happens on the internet, so playing to those emotions would
| garner more support.
|
| > ... extreme ignorance, or because of a lust for the power and
| leverage...
|
| The latter. They believe that tech companies have too much
| power right now.
| TrueDuality wrote:
| The funny thing is that true end-to-end encryption actually
| weakens the power a lot of tech companies have. That content
| isn't available for them to scrape.
|
| By mandating that the encryption can't be end-to-end
| guarantees these large companies access to private data they
| wouldn't otherwise have. Data they can then use for their own
| gain. When people complain that they have that access,
| they'll now have the excuse the government made them do it.
| cjfd wrote:
| Whether or not the tech companies have too much power does
| not sound like the most relevant question here. The lack of
| power of citizens of communicate privately is the more
| worrisome thing. And maybe some random person is right to say
| that all of his communications are not something to hide. It
| becomes something else if lawyers and journalists can't
| protect their communications. If the state cannot suffer that
| it is rather likely that it is engaging in dirty business
| that it wants to hide, as pretty much all of them are.
| CJefferson wrote:
| Encryption isn't like transparent walls in my opinion.
|
| In the real world, the police can get into anywhere, and get
| basically any physical object, once they have a warrant. Most
| people seem to agree that is reasonable -- I don't think there
| is a big push for an easy way for people to hide physical
| objects from police.
| saber6 wrote:
| > The argument from those in power against encryption is mind-
| bogglingly stupid, and I don't know if it is due to an extreme
| ignorance, or because of a lust for the power and leverage that
| mass surveillance grants a governing entity (I suppose it could
| be both?)
|
| The people we are talking about are not stupid. We both know
| which reality is true, as sad as the admission feels.
| bilekas wrote:
| > using the argument of child pornography and sex trafficking
| is an emotional play
|
| It is and it's used everytime something like this comes up
| actually. But if you take it for what it is; most of the
| lawmakers don't fully undersand what their deciding on, so they
| depend on lobbyists for their info and unfortunately, they're
| always just interested in making money, so the lawmakers get a
| skewed view and some nice talking points. I'm not sure if I
| feel bad for them or just be confident that the next generation
| of life long politicians might be people like us who are aware
| of this problem and enact laws to protect privacy.
|
| The old pendulum that swings example.
| inetknght wrote:
| > _just be confident that the next generation of life long
| politicians might be people like us who are aware of this
| problem and enact laws to protect privacy._
|
| Do you want a pay cut? I don't want a pay cut. Unless we take
| a pay cut and go become a elected, it won't be people like us
| who are the next generation of life long politicians.
| bilekas wrote:
| Personally, no, I'll be the first to put my hand up and say
| I don't have the patience to try and deal with the
| bureaucracy but I do believe that there are some people who
| go into politics to genuinely make a difference and improve
| the society. As cynical as we can be about politicians, for
| sure there are people out there who would just like to
| 'fix' things. - Usually the roadblock to that is the
| interest bodies with influence.. It's annoying at best, but
| I hold out hope..
| Klonoar wrote:
| Has there been any public statement from Apple, Google, and
| assorted companies? I'd imagine they have to be concerned about
| this.
|
| This one feels kind of weird in that I'm not seeing the same
| level of uproar/pushback as I've seen in the past, which is a
| slightly frightening bit.
| cft wrote:
| If one of them is behind on encryption relative to others it's
| a competitive disadvantage. If all of them are forced to
| abolish encryption it's a welcome opportunity for better ad
| targeting . Additionally this increased regulatory and
| technological burden is a good start-up deterrent. What's not
| to like?
| Klonoar wrote:
| The bill is specifically going after Section 230 on the
| surface, though, which I would think would be of more
| immediate concern to them. Most blog posts even note that the
| encryption aspect is being targeted as a run-around.
|
| I'm willing to entertain the logic, sure, just not sure I
| agree with it. Feels like there's more at stake for them
| (collectively) here.
| ctoth wrote:
| Please won't someone think of the children?
| bostik wrote:
| I'd like it if someone actually thought of the adults, for a
| change.
| clarry wrote:
| > So in short: this bill is a backdoor way to allow the
| government to ban encryption on commercial services.
|
| I'm all for this. Suddenly people in tech would have to start
| taking free & open source decentralized services seriously
| instead of lazily relying on Google and Facebook while
| complaining about how evil they are.
| danShumway wrote:
| We want decentralized systems so that people will be more free.
| Giving up freedom in order to get them is completely
| counterproductive.
|
| Decentralized systems aren't nothing; they're more resilient
| against these types of attacks than the alternatives. However,
| decentralized systems don't _welcome_ these attacks any more
| than anybody else does. These attacks still hurt us, and they
| still make our life harder -- China isn 't _more_ free because
| its centralized services are all back-doored.
|
| There's a (thankfully fringe) group of people who keep saying
| that if Section 230 goes away everyone will just switch to more
| Open protocols and it'll be fine. But this is painfully naive;
| a pseudo-requirement to backdoor communications will make it
| harder to build Open platforms and onboard users, because no
| commercial host will want to touch a platform that exposes them
| to liability. Getting rid of Internet freedom turns the people
| using these systems into criminals, which will make Open
| platforms much more dangerous to use, much more risky to
| sponsor, and much harder to advertise or develop.
|
| What happens when you go to host your private encrypted email
| on Linode, and Linode says, "no, because then we can't scan
| your server for CSAM"? What happens when the Matrix org tries
| to set up a free server to onboard new users and the government
| prosecutes them? What happens when every user running a Tor
| exit node becomes liable for content traced back to that IP?
| What on earth makes you think the DOJ won't prosecute hosts of
| Open services?
|
| There are so many ways this law can go wrong, and so many ways
| it can be expanded from here to shut down the projects you
| think it's helping.
| clarry wrote:
| > There are so many ways this law can go wrong, and so many
| ways it can be expanded from here to shut down the projects
| you think it's helping.
|
| It'd have to be expanded by a ridiculous amount. To the point
| where it's practically speaking illegal for anyone to run
| non-approved software on their computers, if it can send
| messages over the internet. I'm not saying they wouldn't try
| that, but in practice it's completely unrealistic. Which
| means, at best, it'll be a law that criminalizes everyone and
| nobody really cares.
|
| Hilariously, the same tech behemoths that people give up
| their freedom to are doing everything they can to push us
| into the same exact situation, with their walled gardens and
| power asymmetry that allows them to squeeze out competition.
|
| > But this is painfully naive; a pseudo-requirement to
| backdoor communications will make it harder to build Open
| platforms and onboard users, because no commercial host will
| want to touch a platform that exposes them to liability.
|
| If you play your cards right, these "platforms" are more like
| internet routers and load balancers that facilitate message
| exchange between computers. You build your platform on top of
| this technology. Banning the technology would be akin to
| banning TCP/IP+TLS or UDP+DTLS. I don't see hosting providers
| having a case for banning encrypted transport protocols. And
| the law in question doesn't go that far; again, for it to go
| there we'd need a law that virtually bans all encrypted
| message exchange on the internet.
|
| > What happens when the Matrix org tries to set up a free
| server to onboard new users and the government prosecutes
| them?
|
| Once decentralization becomes a thing techies care about
| because they need it, I'm sure we can spread software by word
| of mouth just like we did back in the early days of Kazaa,
| DC++, Torrents, etcetra. In fact that's pretty much how
| software gets adopted today. You only need faddy & flashy
| onboarding when you're trying to growth hack a product that
| has no intrinsic demand for it. We'd be way past that point.
|
| > What happens when every user running a Tor exit node
| becomes liable for content traced back to that IP?
|
| That's already something you should worry about if you're
| about to run a Tor exit node. I don't recommend it.
|
| Exit nodes are just bowing down to the centralized clearnet.
| A proper decentralized network is one where the exchange
| stays within, and doesn't rely on a single point source as a
| hosting node that can be taken down. If a message is in the
| network, it can be anywhere, and it can and will replicate
| itself if requested.
|
| > What on earth makes you think the DOJ won't prosecute hosts
| of Open services?
|
| The easy way out for them is that everyone uses the same
| handful of services provided by a handful of tech behemoths.
| Then they only need to prosecute those, if they don't play
| along. That's largely where we've been headed, and I think it
| really sucks, because I lose my freedom and privacy both to
| these tech companies as well as their government.
|
| If individual people started participating in a network and
| hosting their own nodes, the situation becomes much harder.
| If they seriously tried to prosecute everyone, it'd end up
| being much like the neverending war on drugs (or piracy or
| similar). Except that in this case, you wouldn't be up
| against just potheads and kids downloading movies, you'd also
| be up against professionals (and not only in tech) keeping
| their comms confidential. But everyone, individually, is a
| small fry, so fighting a legal battle against everyone is
| very nonproductive, unlike slapping one megacorp with
| millions in fines they can actually pay.
|
| The status quo is terrifying, and it is not getting better
| because even technical users are too lazy to care if they
| don't have to. If I move to decentralized services that try
| to provide freedom and anonymity, I'm just isolating myself
| from everything else and simultaneously painting a target on
| my back. That's because these things do not have enough
| mindshare, and they will never have enough mindshare when
| techies just encourage everyone to keep using google & fb &
| co.
| pat2man wrote:
| Couldn't Apple and Google just ship a client side model for
| detecting certain images and apps could use it to detect CSAM
| without leaving the device?
| SkyBelow wrote:
| How long before someone extracted the algorithm and turned it
| into an application to test images before they are shared?
| Could even use it as a benchmark for software to hide from
| authorities.
|
| One thing to remember is that "The Net interprets censorship as
| damage and routes around it." applies regardless of how
| agreeable the censorship is.
| bostik wrote:
| The US regulators are painfully aware of device rooting and how
| it allows to subvert any client-side security measures.
|
| Disclosure: I have been dealing with certain state regulators
| and their morbid fear of forged geo-location data for a number
| of months. It would be inane to assume other regulators would
| be any less informed about the threat vector.
| kodablah wrote:
| Linked to from the article:
| https://blog.cryptographyengineering.com/2019/12/08/on-clien...
| throwbackThurs wrote:
| It's also very easy to implement your own client side encryption
| methods with wrappers around service provider APIs. Sure they may
| be private APIs but if people are desperate libraries and apps
| will appear to do this.
|
| Really anyone who wants to encrypt data WILL, the algo ithms are
| public knowledge, it ain't going anywhere.
|
| Why is the English speaking world becoming so authoritarian in
| its policing of its people? This isn't going to end well, I
| honestly believe the English Empire is burning right now.
| tboyd47 wrote:
| How do you figure? The word "encryption" doesn't appear anywhere
| in the bill.
| faeyanpiraat wrote:
| Couldn't homomorphic encryption be part of a possible solution to
| enable end-to-end encryption and server-side scanning aswell?
| nullc wrote:
| Fully homomorphic encryption doesn't provide an ability to
| operate on encrypted data and get a decrypted output. It is
| also absurdly slow, with order-of-magnitude performance of a
| minute per and-gate in the operation being performed.
|
| But, lets forget the terms you used and consider the question
| of "can fancy crypto do something here"?
|
| A protocol could be created using a zero knowledge proof and a
| private set intersection that could do the following: I compute
| the hash of a file, blind it, and then submit it for you to
| query against a secret database of naughty hashes (Private set
| intersection / Private information retrieval). Then I encrypt
| the file, send it, the opened intersection result, and a ZKP
| that the encrypted file has a hash corresponding to the query.
|
| The server only learns if the encrypted file was a hit on your
| database, it doesn't even learn the file's hash if it wasn't a
| hit. If the private intersection scheme is setup right the user
| doesn't learn if it was a hit or not.
|
| Assuming the naughty hash databases was reasonably small (like
| tens of thousands of items), and users were assumed to be on
| very fast smart phones or desktops... then could actually this
| could have workable performance with existing tech-- on the
| order of tens of seconds processing on the client, milliseconds
| on the server.
|
| But, this kind of scheme is pointless: I just make a one bit
| change to every file I send and it'll never match. You could
| invoke some kind of fuzzy match but then false positives are a
| real problem, the fuzzy hashing is a lot more expensive to
| perform inside the ZKP (now you need every user on a 8 core
| desktop), and the fuzzy matching is prohibitively expensive
| inside the private intersection (so the server side scales
| poorly).
|
| You could go further and make it so that the server could
| decrypt the entire file if and only if there was a fuzzy match
| (and still, the user still can't tell if a match happened)--
| but even that would create really bad incentives to stuff the
| database with false-positive producing data (or just loads of
| legally protected speech which they'd like to covertly
| monitor). You couldn't make the database public and transparent
| without distributing the naughty-data yourself and without
| making it easy for users to self-censor anything that might
| match.
|
| ... and that kind of supercharged scheme is also still easily
| defeated by just pre-encrypting the data.
|
| So you'd have a system that was absurdly expensive to create,
| expensive to operate (both for the client and server),
| extremely non-transparent due to its complexity (even if it was
| open source) and private database, and would have extremely
| limited ability to do its job. Users would be subjected to an
| uncertain and non-transparent level of non-privacy. To me that
| seems more dystopian than a transparent "we're gonna watch
| everything you do", at least with a simple surveillance state
| you know where you stand and you'll refrain from complaining
| about Dear Leader online, where it might result in you ending
| up in a prison camp.
|
| The whole discussion misses the point that the real goal of
| these systems isn't to protect children, stop child porn, etc.
| (which, as awful as it is, is essentially a rounding error in
| the risks we face) the real purpose it to subject the
| population to pervasive whole-take retroactively accessible
| surveillance.
| seemslegit wrote:
| No, by definition allowing a 3rd party to derive any
| information about the semantics of the content means it's not
| end-to-end encrpytion or not a two-way communication (the 3rd
| party is assumed to be trusted)
|
| Also - this is hardly the point.
| jagged-chisel wrote:
| Perhaps. What's the state-of-the-art in homomorphic encryption?
| I only recall vaporware, platitudes, and non-starters in the
| last year.
___________________________________________________________________
(page generated 2020-03-06 23:00 UTC)