[HN Gopher] Signal threatens to dump US market if EARN IT act pa...
       ___________________________________________________________________
        
       Signal threatens to dump US market if EARN IT act passes
        
       Author : tzm
       Score  : 504 points
       Date   : 2020-04-09 17:58 UTC (5 hours ago)
        
 (HTM) web link (uk.pcmag.com)
 (TXT) w3m dump (uk.pcmag.com)
        
       | aeurielesn wrote:
       | Are companies afraid that opposing the Anti-Encryption Bill will
       | automatically label them as in favor of online child
       | exploitation?
       | 
       | I'm honestly curious about why there's no widespread opposition
       | to the bill yet.
        
         | lonelappde wrote:
         | Which companies? Most companies don't use e2e encryption
         | because they read your data for ads. Apple, maybe?
         | 
         | Big companies don't generally make ethical stands, and small
         | companies can't afford to. Apple makes some stands but only to
         | be competitive against Android.
        
         | Barrin92 wrote:
         | In general they seem to be afraid of standing up to the
         | administration on virtually everything. Facebook in that regard
         | seems particularly embarrassing with Thiel on the board
         | apparently writing Facebook policy.
        
         | IAmEveryone wrote:
         | There are other methods of lobbying than just public, visible
         | disagreement. They probably are registering their disagreement
         | in private talks with people in congress.
         | 
         | Facebook publicly coming out against this might not be helpful:
         | most people just don't care. Those that (potentially) do care
         | are far more likely to be mobilized by the EFF or ACLU, which
         | they tend to trust. Facebook isn't the most trusted brand name
         | in privacy, as far as I can tell. Their support might actually
         | be detrimental for the cause.
         | 
         | An open split of Silicon Valley and Republicans would also
         | "politicize" the issue. Almost instantly, you'd have the 35% of
         | Trump supporters galvanizing around the bill, even if they were
         | previously ignorant or lukewarm on it. See the recent train
         | wreck around Quinines-against-covid for a great example of this
         | effect.
        
       | hjkgfdfgh wrote:
       | If Signal were federated, there would be no single entity to shut
       | down. Alas...
        
         | thanksforfish wrote:
         | Given the amount of open source code already, it should be
         | possible to clone.
         | 
         | Edit: see below, server code is open. Keeping original text
         | below:
         | 
         | IIRC the server code is proprietary, but the clients are open.
         | That's a decent starting point.
         | 
         | https://github.com/signalapp/Signal-Android
        
           | tialaramex wrote:
           | A pile of separate Signal clones = zero interoperability =
           | zero functionality. So that's why there aren't any.
           | 
           | You could solve that by Federating, except... Federation
           | would be lovely _if_ you could actually deliver Signal's
           | goals and do federation for free, but what we always see from
           | proponents of Federation is that was their goal and so
           | they're done. Oh you wanted _security_? Sorry, we federated
           | everything, so you'll need to get every single member of the
           | federation on board with every single change you need, we
           | know you can't get that done but that's fine because our
           | priority was federating stuff, so we are successful, shame
           | about your goals.
           | 
           | As an example, somebody earlier in this thread mentions you
           | can "just" know who is communicating with who anyway. Signal
           | got rid of that, because they can, and it's a security
           | improvement, so they put all the work in and did it. Now even
           | Signal's own servers don't know who sent most messages!
           | "Sealed Sender" means Signal has no idea who is sending this
           | message to my friend Steve. Maybe it's me? No idea. It just
           | has to be somebody who Steve allows to send him messages.
           | Could be Steve loves spam and so it's a spammer. Could be
           | Steve loves the AfD and so it's a Nazi. No way to know
           | without reading the message which only Steve's Signal client
           | can do.
           | 
           | Now imagine trying to roll that out to a federated system.
           | After years of effort maybe you switch it on, and then you
           | find a bug and have to switch it off again for a few years
           | while you fix that. Hopeless.
        
             | int_19h wrote:
             | But conversely, if legislation really succeeds in killing
             | Signal in the entirety of US (and EU won't be far behind!)
             | to the point where they're forced to use geo-IP blocks, the
             | end result is still strictly worse off.
        
           | correct_horse wrote:
           | The server is also open source
           | https://github.com/signalapp/Signal-Server
        
         | ComputerGuru wrote:
         | I get where you are coming from but given the walled garden
         | there is no need to kill the servers. Merely blocking all
         | clients from the Apple Store and the Play Store would
         | accomplish the same thing, federated or not.
        
           | mkup wrote:
           | That's why it is essential for end user to have an ability to
           | sideload apps to the phone (i.e. to bypass vendor's store).
        
             | einpoklum wrote:
             | Which they do. Well, on Android phones anyway.
        
               | wyre wrote:
               | Signal recommends downloading through the play store.
               | They don't endorse downloaded apks
        
         | ccktlmazeltov wrote:
         | Your comment makes zero sense, let me explain: most people use
         | signal through the iOS app. It is very easy to shut down an iOS
         | app.
         | 
         | Hope you got it!
        
           | mirimir wrote:
           | That'd be easy to fix, if Apple wanted to.
        
           | pengaru wrote:
           | > Your comment makes zero sense, let me explain: most people
           | use signal through the iOS app. It is very easy to shut down
           | an iOS app.
           | 
           | If Apple users actually controlled the software running on
           | their devices that wouldn't be an issue.
           | 
           | A want for federated services complements a want for control
           | over our computing.
        
           | sudosysgen wrote:
           | If you care so much about uncensorable resilient service you
           | probably already use either jailbroken iOS or Android. And if
           | you don't, then do. iOS has a 13% market share anyways.
           | 
           | Hope you got it!
        
             | ccktlmazeltov wrote:
             | Sorry but iOS actually has a 60% market share in the US[1],
             | which is the country we're talking about, hope you got it!
             | 
             | [1]: https://lmgtfy.com/?q=ios+market+share+us
        
         | eeZah7Ux wrote:
         | Why the stupid downvotes? Signal's walled garden can be its
         | demise.
        
           | jplayer01 wrote:
           | Signal is open source. If you want to develop and host your
           | own Signal, go right ahead. You'd just be opening yourself up
           | to the same problem facing the Signal Foundation. As it is,
           | the Signal Foundation would suddenly be open to lawsuits, and
           | they're the main developers of Signal.
        
             | mirimir wrote:
             | So don't be discoverable!
        
       | mirimir wrote:
       | If EARN IT passes, and if Signal wimps out, something tougher
       | will replace it.
        
       | djaque wrote:
       | If you haven't already, please take the time to email your
       | federal representatives. The EFF's tool [1] only takes a few
       | clicks to use.
       | 
       | [1] https://act.eff.org/action/protect-our-speech-and-security-o...
        
         | SkyMarshal wrote:
         | For reps that require it, which topic should we select for this
         | - Science/Technology or Communications/Telecommunications/FCC?
        
           | pc86 wrote:
           | It would depend on the representative - if they're on
           | committees related to one or the other, I'd select that one.
           | If it's 50/50 I'd probably choose Telecom/FCC as that seems
           | more technically accurate.
        
         | thaumasiotes wrote:
         | > The EFF's tool [1] only takes a few clicks to use.
         | 
         | Your input is discounted at least in direct proportion to how
         | little you sacrificed in order to provide it. If you really
         | want to make an impression, telephone your representative.
        
           | owenshen24 wrote:
           | I attempted to call them today. All of their offices were
           | closed due to COVID-19. I was unable to leave a message.
        
           | shadowoflight wrote:
           | > Your input is discounted at least in direct proportion to
           | how little you sacrificed in order to provide it.
           | 
           | If this were true, corporations would be completely ignored
           | when they provided a measly few million dollars in campaign
           | contributions...
        
           | reaperducer wrote:
           | _Your input is discounted at least in direct proportion to
           | how little you sacrificed in order to provide it._
           | 
           | One of my college roommates works for a congresscritter. He
           | says, at least for his guy, written letters still have the
           | most impact, followed by telephone calls. He didn't mention
           | faxes.
           | 
           | E-mail and social media are waaaay down on the list because
           | they take the least effort and can be gamed so easily.
        
             | sailfast wrote:
             | Many of my reps have stopped providing phone numbers on
             | their websites. Kinda cowardly, but it allows them to
             | validate emails with addresses that come via their website
             | from actual constituents.
        
             | akeck wrote:
             | I'll probably send certified letters in this case.
        
               | ihaveajob wrote:
               | Hand delivered.
        
               | akeck wrote:
               | I'll break out my calligraphy pen, ink, and sealing wax.
        
               | egl2020 wrote:
               | I use my owl.
        
           | thanksforfish wrote:
           | Don't let that discourage you if you've only got time to tap
           | a few buttons. Better to send a weak signal than none.
           | 
           | In either case, contact instructions are here:
           | https://www.usa.gov/elected-officials/
        
             | pc86 wrote:
             | I take issue with the premise that there is anyone who
             | _doesn't_ have time to send a better signal? It takes all
             | of about 4 minutes to call the Capitol offices of your two
             | representatives in Congress. They'll get your name address
             | and you can make it as quick as "I just wanted to let
             | Rep./Sen. so-and-so know that I am for/against HB/SB 1234."
             | and it's done. You will absolutely spend more time looking
             | up their phone numbers than you will on the phone.
             | 
             | You can do this while walking out of the office to the
             | parking lot or metro station.
        
           | mohaine wrote:
           | I've heard this so many times but I'm not sure it is true.
           | 
           | I helped with processing the results of a large government
           | RFC for a large government aid bill (Farm Bill 201?) and the
           | exact opposite was true. There were too many responses to
           | individually read each one so the responses just got bucketed
           | and counted. You could be fine with a one off response but it
           | would be less likely to be bucketed correctly and would still
           | only be counted once per bucket at most.
           | 
           | To cover your bases I would always do the easy one click
           | option and then write the handwritten letter as well.
        
           | lliiffee wrote:
           | I was a little apprehensive, but decided to try this. I
           | called my representative as well as both senators. In all
           | cases (3:30pm on a Thursday) I just got a voicemail. I left a
           | short message in each case. Nothing could be easier.
        
           | hanniabu wrote:
           | If you really want to make an impression, create a SuperPAC
           | and donate millions to their campaigns.
        
             | pas wrote:
             | No, don't! After you've spent the money they'll do whatever
             | they want. Instead, threaten to donate to their opponent if
             | they don't bow to your will, then after roll call you can
             | wire the money to them.
        
               | StillBored wrote:
               | Hehe, the only difference between what you and parent
               | said, is that he is wiring it to their _next_ election
               | campaign. Do it preferably in smaller sums so you can
               | strong arm them multiple times before the next election.
        
         | ipsin wrote:
         | I was going to contact my senators. One of them is Dianne
         | Feinstein, and... ugh, why is she always on the worst side when
         | it comes to privacy? She's actually a sponsor of this thing.
         | 
         | I've written her enough that I can already write my own reply
         | from her office. Shorter Feinstein: "Thank you for your
         | concerns, but you're wrong."
        
           | coldpie wrote:
           | > why is she always on the worst side when it comes to
           | privacy
           | 
           | Because she is a terrible Senator. Please, please, please
           | stop voting for her already.
        
             | catalogia wrote:
             | She's 86 now and the next time she'll be up for reelection
             | is in 2024. There's a good chance she won't be around long
             | enough to ever lose reelection.
        
               | yjftsjthsd-h wrote:
               | > There's a good chance she won't be around long enough
               | to ever lose reelection.
               | 
               | No need to be so negative. Isn't it nicer to say,
               | "There's a good chance that she won't win reelection*."?
        
         | yingw787 wrote:
         | I just filled it out! I didn't realize from the previous HN
         | post Signal was threatening to leave the U.S. market
         | altogether! I don't recall if they have ever done that before.
         | So I'm taking this seriously.
        
       | garyfirestorm wrote:
       | Guns kill children!! Politicians - we need to defend ourselves
       | and our rights. Keep the guns.
       | 
       | Encryption is dangerous to children Politicians - yup...take it
       | away guys.
        
         | floren wrote:
         | Feinstein, one of the co-sponsors of this bill, has a pretty
         | good track record of going against _anything_ which could give
         | power to the people rather than the government, including guns.
         | Now, that didn't stop her from being one of the only people in
         | San Francisco with a concealed carry permit (up until 2012)...
         | laws for _thee_, but not for _me_.
        
       | mirimir wrote:
       | OK, instead of "dump US market", why don't they (or someone)
       | create a clone that can't be fscked with? Maybe hybridize with
       | Briar, or whatever. Take everything off clearnet, and have
       | everything anonymous.
       | 
       | I was thinking that Session/Loki was better protected, but the
       | Loki Foundation is likely just as vulnerable.
        
       | vibesngrooves wrote:
       | With all the press around EARN IT, this would be a great
       | opportunity for companies with even a mild focus on combating
       | criminal activity on their platforms (Facebook, Mailchimp, etc.)
       | to collaborate with bureaucrats and/or testify in congress.
       | 
       | Thorn seems especially poised as mitigating child abuse is the
       | essence of their organization. Whatever their stance, they appear
       | to be an authority in the private sector spearheading technical
       | efforts to combat child abuse. If any Thorn
       | engineers/representatives - or any platform engineers focused on
       | abuse prevention - are reading, I'd love to hear your take on the
       | proposed legislation. It's imperative that we grant resources
       | necessary to challenge such a horrific human issue without
       | sacrificing our privacy and subsequent civil liberties
       | 
       | For context... https://www.thorn.org/
        
       | DenisM wrote:
       | Interestingly, The term "interactive computer service" has the
       | meaning given the term in section 230(f)(2) of the Communications
       | Act of 1934 (47 U.S.C. 230(f)(2)):
       | 
       |  _The term "interactive computer service" means any information
       | service, system, or access software provider that provides or
       | enables computer access by multiple users to a computer server,
       | including specifically a service or system that provides access
       | to the Internet and such systems operated or services offered by
       | libraries or educational institutions._
       | 
       | It appears that a P2P app would be off the hook, at least for
       | now, because there is no "server" in the picture.
        
         | r3trohack3r wrote:
         | > any information service, system, or access software provider
         | that provides or enables computer access by multiple users to a
         | computer server
         | 
         | Wouldn't that mean every node on a P2P network would be
         | considered a client, server, and interactive computer service?
         | 
         | Another way of interpreting this, I think, is that everyone
         | participating in a DHT or scuttlebutt network would be
         | responsible for every other user's behavior on that network.
        
           | DenisM wrote:
           | I am thinking two phones knowing about each other's IP-6
           | addresses. No central directory.
           | 
           | You might be right though.
        
       | viklove wrote:
       | EARN IT will affect all encryption software, not just Signal.
       | This bill is just the newest way Congress is trying to enforce
       | required backdoors in all apps/devices. Last time it was under
       | the guise of protecting us from terrorists, this time it's under
       | the guise of protecting the children from pedophiles. I wonder
       | what they'll try next time, when this inevitably fails again.
        
         | null0pointer wrote:
         | I feel like as soon as someone uses a "think of the children"
         | argument they immediately invalidate any point they may have
         | had. It's a total cop out argument. I wish more people could
         | see through it.
        
           | mywittyname wrote:
           | There are a million better ways to help children.
        
         | elliekelly wrote:
         | The federal government enjoys a freely accessible and wide open
         | back door to our _entire_ financial system under the guise of
         | protecting us from terrorists. What makes you so sure the same
         | trick won't work again?
         | 
         | Most Americans don't seem to know enough about how the
         | government uses the backdoor to care.
        
           | mcny wrote:
           | That's a good point. I would like to plug taler here. There
           | is no technical reason why the federal government needs to
           | have access to all our financial information as far as I
           | know.
           | 
           | https://en.wikipedia.org/wiki/GNU_Taler
        
         | GrinningFool wrote:
         | > I wonder what they'll try next time, when this inevitably
         | fails again.
         | 
         | We're at a major disadvantage, so I'm not sure where that
         | optimism is coming from.
         | 
         | We have to stop it every time, and in every variation. On the
         | other hand, they can keep trying over and over again.
         | 
         | I'd much rather see EFF and others working with congress to
         | introduce laws that _prevent_ this kind of thing, saving the
         | long sequence of future fights as this resurfaces under names.
         | One of those fights, we're bound to lose.
        
         | kitotik wrote:
         | > when this inevitably fails again
         | 
         | May I ask where your confidence comes from?
         | 
         | I'll actually be more surprised if this _doesn't_ go through,
         | at least in some form.
        
           | giancarlostoro wrote:
           | With so many eyeballs locked up at home, bored, not paying
           | attention to congress. I think this is definitely much more
           | concerning.
        
             | jimbob45 wrote:
             | Not paying attention to Congress...until a big player gets
             | taken down by this bill and makes a loud fuss about it.
        
               | StillBored wrote:
               | They just need to word it correctly:
               | 
               | "This product is designed with the highest levels of
               | security in order to keep you safe from criminals and
               | other illicit actors on the internet. Because of this, it
               | has been deemed inappropriate for use by citizens of the
               | USA by the EARN IT act. Until this changes, it is only
               | available outside of US jurisdiction. Please contact your
               | congressional representatives for more information"
        
           | Nasrudith wrote:
           | To be fair even if they get what they think they it will fail
           | and then they'll pout and try to move the goal posts again
           | like how the DMCA failed to stop piracy or DRM from being
           | cracked.
           | 
           | Of course indulging their utter folly leaves us all worse off
           | so we need to stop them. I notably haven't gotten even an
           | email or after sending an email calling out EARN IT as
           | downright nationally suicidal given the how much of the US
           | economy is dependent upon secure cryptography, and the
           | obvious relationship between GDP and power, and that if they
           | gave a damn about the children they would be investing more
           | in social services and investigation instead of trying to
           | seize more power.
           | 
           | Not sure if I reached them or got it put in a proverbial
           | circular file or "enemies list/ban from volunteering as
           | disgruntled" by a staffer but the fact they didn't send a
           | "for the children" form letter bullshit is somewhat
           | reassuring that it reached a real human and they at least
           | recognized one case of "too pissed to even try to form letter
           | bullshit" is a small victory and enough negative tickmarks to
           | say "this is a bad plan" is the current win condition.
           | 
           | Of course a large victory would be dropping from sponsorship
           | but that would be near impossible even if I was a connected
           | great speaker who called him out in person.
        
         | vardump wrote:
         | I hope it's not against people who vote "wrong".
        
       | unknown2374 wrote:
       | What is wrong with the wording of the title? The first line is
       | "Signal is warning that an anti-encryption bill circulating in
       | Congress could force the private messaging app to pull out of the
       | US market." Being forced out of the market is different than
       | "threatening to dump the market".
        
         | thanksforfish wrote:
         | The bill seems like it would result in forcing e2e out of the
         | market. Each product that offers e2e would then need to make a
         | choice. Remove e2e or keep e2e. If they keep e2e then either
         | they proactively dump the US market or they face legal peril.
         | It seems like the same thing to me.
         | 
         | They don't want to offer a product that doesn't support e2e.
        
         | dylan604 wrote:
         | It might be a bit hyperbolic, but the end result is the same.
         | Rather than compromising the integrity of their app, they'd
         | rather no longer offer it to an entire country's market.
         | Whether it is "dumping" the users or "pulling" out of the
         | market, what's the difference? Lavabit shut their entire
         | operation down once they were forced to compromise their
         | system. While Lavabit didn't have much notice, Signal is
         | signaling their intent to their users. If that signals their
         | users to take action by contacting their congress critters to
         | put pressure, then it seems like a good idea.
        
       | einpoklum wrote:
       | In Soviet Russia, government spy on everyone's phone.
       | 
       | In Capitalist America, phone spy on everyone for government.
        
       | LatteLazy wrote:
       | You can't maintain democracy or the rule of law with these laws
       | in place. This isn't about privacy, making it about that is
       | missing the point. Privacy is a nice side benefit, something we
       | give up routinely for safety. Democracy isn't.
        
       | rlt wrote:
       | > Although the goal of the legislation, which has bipartisan
       | support, is to stamp out online child exploitation, it does so by
       | letting the US government regulate how internet companies should
       | combat the problem--even if it means undermining the end-to-end
       | encryption protecting your messages from snoops.
       | 
       | As usual, one of the Horsemen of the Infocalypse:
       | 
       | https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
        
       | GekkePrutser wrote:
       | This is why something serverless is needed. Then there is nobody
       | to sue.
        
         | neets wrote:
         | Well there is tox and other protocols that work through Tor
         | network
        
       | throwaway55554 wrote:
       | This just kills me:
       | https://arstechnica.com/tech-policy/2020/04/senator-backing-...
        
         | RickS wrote:
         | There's a coherent worldview where this isn't hypocritical:
         | 
         | > Encryption is for hiding our comms from China and Facebook,
         | which keeps you safe. Hiding your comms from America makes it
         | harder for America to keep you safe. Encryption should be weak
         | enough to let the US government have the knowledge it deems
         | necessary, but strong enough to build a moat around that
         | superiority.
         | 
         | It's misguided for a bunch of reasons that HN well understands,
         | but it holds water. That's what makes it scary: not that it's
         | absurd, but that unless you're both well educated and
         | skeptical, it sounds downright responsible.
        
           | ummonk wrote:
           | People keep saying that backdoors weaken security in general,
           | but that's simply not true. If you create a cryptographic
           | backdoor that only one third party entity can access (because
           | only they have the private key to do so), this doesn't
           | fundamentally make it any weaker than ordinary end-to-end
           | encryption (where the recipient has the private key to
           | decrypt the messages you send them).
        
             | saagarjha wrote:
             | It does, because the third party may share their keys with
             | others.
        
               | throwaway55554 wrote:
               | > It does, because the third party may share their keys
               | with others.
               | 
               | It makes the store where the keys are kept a priority
               | target as well.
        
           | lonelappde wrote:
           | If the US government can access zoom data, then China
           | government can too.
        
       | president wrote:
       | Has anyone here actually read the full-text of the bill [1]? I
       | don't see any mention of banning cryptography/encryption in it at
       | all. In fact, the only thing that the bill proposes is the
       | creation of a commission to establish best practices for child
       | exploitation. Seems a bit unfair to call this an ANTI-ENCRYPTION
       | bill.
       | 
       | [1] https://www.govtrack.us/congress/bills/116/s3398/text
        
         | mundo wrote:
         | Scroll down to section 6 - it amends CDA 230 to strip
         | protections from companies that don't follow the "best
         | practices" (which might not involve backdoors, but are presumed
         | to based on past statements by the commissioners-to-be,
         | especially AG Barr) established by this commission.
        
       | yingw787 wrote:
       | So...assuming this bill passes and Signal pulls out of the U.S.,
       | what can the average person do to continue to access Signal's
       | servers in other countries? Can we VPN into an Apple computer
       | based in the EU, build our own Signal client, and then somehow
       | scp the files back to the U.S.? I think TestFlight would be out
       | of the question, since you probably would need to sign Apple U.S.
       | Terms and Conditions, and because Apple Developer Program is $99
       | / year.
       | 
       | Maybe I should get a Purism phone.
        
         | paxys wrote:
         | Thing is the VPN service would be subject to the same law, and
         | so the connection would likely still be insecure.
        
           | yingw787 wrote:
           | Hmm, okay, so I can drive over to Canada, make a developer
           | friend there, build an instance of the Signal iOS app using
           | the licenses there, load it onto my phone via TestFlight or
           | USB stick, then drive back to the U.S. and use it assuming
           | TSA doesn't touch my phone?
        
             | sudosysgen wrote:
             | Smuggle the phone back using an electric dirt bike crossing
             | the Canada-US border in the middle of the night, that way
             | the TSA won't bother you.
        
               | yingw787 wrote:
               | I guess I should work on my bushwhacking skills.
        
             | aspenmayer wrote:
             | After you load TestFlight and Signal build onto your phone,
             | make a full encrypted local backup via iTunes.[0] Upload
             | that backup image somewhere. Turn off Find My (iPhone) to
             | disable activation lock. Restore iPhone to factory
             | settings. Return iPhone to factory sealed box. Optional:
             | mail phone to self at destination or other location of your
             | choosing in destination. Cross border. When at desired use
             | location, unbox phone. Fetch backup you made earlier.
             | Restore backup to iPhone. Use Signal.
             | 
             | [0] https://support.apple.com/guide/itunes/back-up-your-
             | ios-devi...
        
               | yingw787 wrote:
               | That sounds much more feasible! I copied and pasted your
               | tip into my notes app. Thanks!
        
           | Nextgrid wrote:
           | But if Signal is end to end encrypted then the VPN being
           | compromised is not a problem.
        
             | dilippkumar wrote:
             | Signal would be end to "the other side of VPN end"
             | encrypted. The VPN channel itself would have a backdoor and
             | thus defeat the whole point.
        
               | Nextgrid wrote:
               | If Signal is end to end encrypted (or even _just_
               | encrypted to a server that has no backdoors) then
               | observing the network traffic towards that server (which
               | is what the compromised VPN would do) wouldn't help. This
               | is how even "basic" HTTPS remains secure against
               | malicious attackers.
        
           | PureParadigm wrote:
           | I don't think that's true. If the VPN is compromised then the
           | Signal traffic over it should still be encrypted (that's the
           | point of Signal). As long as the VPN doesn't block your
           | access to Signal you should be fine, and there is no risk the
           | VPN would read your messages.
        
             | paxys wrote:
             | The connection needs to be secure at least initially when
             | you are exchanging encryption keys.
        
               | maqp wrote:
               | This is an incredibly complex problem and it really
               | depends on the details. Which keys are used, which are
               | pinned. Which keys the government has, and which
               | certificates it can and will issue itself. Which clients
               | it will backdoor, and where will it attempt MITM attack
               | if necessary.
        
               | PureParadigm wrote:
               | On Signal you're encouraged to verify out-of-band (such
               | as in person) with the "safety number" which allows users
               | to verify each other's keys to prevent a man-in-the-
               | middle attack. This way you'll notice if the initial key
               | exchange has been compromised.
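
Added example (not part of the thread, and not Signal's code): a simplified safety-number style check showing why a key swapped in during the first exchange is visible once the two users compare numbers out-of-band. The hashing parameters, identifiers and keys are assumptions constructed for illustration, not Signal's specification.

```python
"""Safety-number style key verification, simulated with and without a MITM.

Simplified sketch: the hashing parameters below are assumptions chosen for
illustration, not Signal's specification. Keys are constructed byte strings.
"""
import hashlib

ITERATIONS = 5200      # assumed work factor for this sketch
VERSION = b"\x00\x00"  # assumed format version prefix


def fake_identity_key(label: str) -> bytes:
    """Constructed stand-in for a 32-byte public identity key."""
    return hashlib.sha256(label.encode()).digest()


def numeric_fingerprint(identity_key: bytes, user_id: bytes) -> str:
    """30 decimal digits derived from one party's public key and identifier."""
    digest = VERSION + identity_key + user_id
    for _ in range(ITERATIONS):
        digest = hashlib.sha512(digest + identity_key).digest()
    # Six 5-byte chunks, each reduced to a 5-digit group.
    groups = []
    for i in range(0, 30, 5):
        value = int.from_bytes(digest[i:i + 5], "big") % 100000
        groups.append(f"{value:05d}")
    return "".join(groups)


def safety_number(my_key, my_id, their_key, their_id) -> str:
    """60 digits; sorting makes both honest parties compute the same value."""
    halves = sorted([
        numeric_fingerprint(my_key, my_id),
        numeric_fingerprint(their_key, their_id),
    ])
    return "".join(halves)


def run_key_exchange(mitm: bool):
    """Return (number Alice sees, number Bob sees) after the first exchange."""
    alice_id, bob_id = b"+15550100", b"+15550101"  # constructed identifiers
    alice_key = fake_identity_key("alice")
    bob_key = fake_identity_key("bob")
    attacker_key = fake_identity_key("attacker")

    # What each side received over the network as the peer's public key.
    key_alice_got = attacker_key if mitm else bob_key
    key_bob_got = attacker_key if mitm else alice_key

    alice_view = safety_number(alice_key, alice_id, key_alice_got, bob_id)
    bob_view = safety_number(bob_key, bob_id, key_bob_got, alice_id)
    return alice_view, bob_view


def verified_out_of_band(mitm: bool) -> bool:
    """True if the numbers the users read to each other in person match."""
    alice_view, bob_view = run_key_exchange(mitm)
    return alice_view == bob_view


def pretty(number: str) -> str:
    """Group the digits in fives, the way users would read them aloud."""
    return " ".join(number[i:i + 5] for i in range(0, len(number), 5))


if __name__ == "__main__":
    for mitm in (False, True):
        a, b = run_key_exchange(mitm)
        print("MITM" if mitm else "honest", "match" if a == b else "MISMATCH")
        print("  Alice:", pretty(a))
        print("  Bob:  ", pretty(b))
```

The comparison only protects the users if it happens over a channel the network intermediary does not control, such as in person.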
        
           | alkonaut wrote:
           | So this would be a complete ban on VPNs? How does that even
           | work? It's enforceable in Uganda and China, but in the US?
        
       | pgm8705 wrote:
       | Presumably, this would affect Apple and iMessage as well,
       | correct?
       | 
       | Hopefully, Apple will publicly denounce this act, putting
       | stronger pressure on representatives and increasing public
       | awareness.
        
         | maqp wrote:
         | Apple can already silently eavesdrop on all iMessages, because
         | they control the public keys inserted to your device. There are
         | no fingerprints to verify you're not under MITM attack so they
         | can just start attacking everyone. Read my longer post on this
         | topic here: https://news.ycombinator.com/item?id=21425897
        
           | saagarjha wrote:
           | Apple cannot do this "silently".
        
             | maximente wrote:
             | what evidence do you have to refute the longer post that
             | the OP linked to where they explain the exact mechanism
             | that this can be done silently?
        
               | saagarjha wrote:
               | The fact that adding a new key is no longer silent?
               | iMessage will alert you when a new device is added to the
               | account.
        
       | cageface wrote:
       | This kind of thing and the pulling of HKMaps are the main reason
       | I'm running Android again. Being able to run apps on my phone
       | that my government won't allow in an official app store is
       | looking more and more likely to be an essential freedom.
        
       | flattone wrote:
       | The state of respect from law and corporations upon consumers is
       | already the single most depressing thing and now earnit. Grew up
       | wanting to live in the future now I just want out. Remember that
       | 15 year joke 'don't be evil'?
       | 
       | I believe I could self immolate a million times over in front of
       | a variety of scenes and meanings, people could call, write and
       | click, teach and learn. There is however an absolute, it seems,
       | that there is no profitable path for relatively infinite powers
       | (politicians and corporations) to allow any meaningful movement
       | towards the more humanitarian, civil/passionate version of a
       | culture.
       | 
       | Instead we will visibly or not be corralled into a highly
       | monitored and monetized form of drone happiness. It's cool.. as
       | long as zoom always works, right? In a sort of twisted 'we will
       | do things to them but it won't happen to us'. Perhaps quarantine
       | brain is boiling over into my comment style.
        
         | mirimir wrote:
         | > The state of respect from law and corporations upon consumers
         | is already the single most depressing thing and now earnit.
         | 
         | After five decades of the bloody War on Drugs, I have _zero_
         | respect for the rule of law.
        
         | dTal wrote:
         | >Perhaps quarantine brain is boiling over into my comment
         | style.
         | 
         | Quite honestly this comment sounds like you're entering a
         | schizophrenic episode. I don't mean to be disrespectful and I
         | am not a psychologist, but there's a characteristic tone and I
         | recognize it. Quarantine is hard for brains. If you're in
         | quarantine and you sense that your brain isn't working quite
         | right, give your loved ones a call. Actually, do that anyway.
        
           | soheil wrote:
           | > and I am not a psychologist, but
           | 
           | You probably should have just stopped there.
        
           | flattone wrote:
           | I appreciate your sharing this view... but I lack background
           | as to why. This tone and line of thinking is quite regular
           | with the exception of a few friends who prefer surrendering
           | privacy for safety.
           | 
           | Tell me more about your views? Basically I'm trying to get at
           | does this non psychologist have valid insight or is this just
           | a knee jerk disagreement+quarantine comment?
           | 
           | And to better clarify my boiling over thing it is really to
           | say that with the added time on our hands we all have so much
           | time to read and think about our lives.
           | 
           | Just in case you're right... hello from loony town. Haha.
           | Sorry not funny.
        
             | dTal wrote:
             | >Basically I'm trying to get at does this non psychologist
             | have valid insight or is this just a knee jerk
             | disagreement+quarantine comment?
             | 
             | Neither. I am only reacting to your writing style, which
             | reminds me very much of some schizophrenic people I have
             | known. If I had to describe it, I would say it is
             | characterized by disjointedly jumping around a theme, often
             | using sentence fragments instead of complete sentences. It
             | makes sense to you, but it is difficult for others (well,
             | me) to follow. Again I don't mean this as an attack at all,
             | just as an encouragement to reach out.
             | 
             | I don't have a lot to say about the actual content of your
             | comment, except to say that it sounds awfully pessimistic
             | and that life can surprise us with history's twists and
             | turns. I'm sure things felt similarly hopeless in the early
             | 20th century with the robber barons, or during the plague
             | that immediately preceded the enlightenment. Chin up!
        
       | lonelappde wrote:
       | Why can't clients encrypt client side?
       | 
       | Chat apps should support input plugins. If a user encrypts
       | locally, there's nothing the network can do about it.
        
         | t-writescode wrote:
         | That is how E2E works. But that means the software you're using
         | must be able to communicate with your client, unless you want
         | to copy-paste every message into a decrypter. That's a pain for
         | normal communication.
         | 
         | Therefore, we have programs like Signal that do that for us.
        
           | mLuby wrote:
           | I wonder if a keyboard app could do it, since they sit
           | between the user input and the chat app.
           | 
           | It would be nice if message transportation were decoupled
           | from composition and consumption. Default bundling is fine
           | for ease of use, but allow first-class replacements.
        
       | lisper wrote:
       | If anyone here is interested in helping to develop E2E encryption
       | that cannot be shut down by the government here is my effort
       | towards that end:
       | 
       | https://github.com/Spark-Innovations/SC4
       | 
       | The project has been moribund for a while because it's hard to
       | compete with Signal but it wouldn't take a lot of encouragement
       | for me to take it up again. First on the agenda is adding a
       | ratchet. Most of the heavy lifting is already done
       | (https://github.com/rongarret/ratchet-js) it just needs to be
       | integrated. I also have an iOS app that was kinda sorta working
       | the last time I tried it.
        
       | lambdasquirrel wrote:
       | The sheer irony being that Federal workers have started using
       | Signal instead of other apps, because it's encrypted.
        
       | AlexandrB wrote:
       | It's not really a "threat". I don't think Signal could legally
       | operate in the US with this act in place. More like saying: "If
       | you effectively ban end-to-end encryption, we can't offer our
       | end-to-end encrypted chat app in your jurisdiction any more."
        
         | FigmentEngine wrote:
         | It is a threat. Signal could still operate, they would just be
         | at risk of being killed by a thousand cuts.
        
         | mirimir wrote:
         | > I don't think Signal could legally operate in the US with
         | this act in place.
         | 
         | I could do that, because nobody knows who I am.
         | 
         | But then, I'm not technical enough. And I couldn't do that as
         | Mirimir, because that persona has existed too long, and has
         | been far too public.
         | 
         | The point, though, is that I'm confident that it's doable.
        
         | pacificmint wrote:
         | > I don't think Signal could legally operate in the US with
         | this act in place.
         | 
         | Of course they could operate. They would just have to backdoor
         | their encryption. Which, presumably, is what this legislation
         | wants to achieve.
         | 
         | They don't want a world with no chat apps, they want a world
         | with chat apps they can listen to.
         | 
         | What Signal is saying in this blog post is that they would
         | rather give up the US market than weaken their encryption.
         | Which is worth saying, because it's probably not true for most
         | other apps. Most corporations would not give up the US market,
         | no matter what compromises they have to make.
        
           | AlexandrB wrote:
           | > Of course they could operate. They would just have to
           | backdoor their encryption.
           | 
           | Is it even possible to have end-to-end encryption (in the
           | technical sense of the term) with a backdoor? If your
           | product's marquee feature is security via end-to-end
           | encryption your product is a non-starter in a jurisdiction
           | that bans end-to-end encryption, no?
        
             | mumbisChungo wrote:
             | ask the CEO of Zoom
        
           | maqp wrote:
           | Spot on. The thing is, content is still valuable and
           | companies would like to access it on behalf of the
           | government, but they now have to compete with private
           | messaging apps. The big tech companies want the government to
           | force them to make more profits on user data by forcing the
           | backdoor. If this was something the tech companies didn't
           | want, they'd be spending billions to lobby for the human
           | right to privacy.
        
         | ardy42 wrote:
         | > It's not really a "threat". I don't think Signal could
         | legally operate in the US with this act in place. More like
         | saying: "If you effectively ban end-to-end encryption, we can't
         | offer our end-to-end encrypted chat app in your jurisdiction
         | any more."
         | 
         | Could they operate, so long as they implemented a mechanism to
         | scan for and report child pornography? Assuming
         | (optimistically) that the government committee that the EARN IT
         | act mandates adopts reasonable standards.
         | 
         | I think this article gives a good background on the problem:
         | https://blog.cryptographyengineering.com/2020/03/06/earn-it-...
         | 
         | I (personally) think that client-side photo hashing and
         | automated comparison against one of the child abuse databases
         | should be sufficient. Alternatively, Signal could probably just
         | disable features for sharing images in the US.
        
           | toast0 wrote:
           | > Could they operate, so long as they implemented a mechanism
           | to scan for and report child pornography?
           | 
           | Signal's model is that their servers are never able to
           | understand any user content. You can't effectively scan for
           | prohibited content on the client side for several reasons:
           | 
           | A) someone who wants to send or receive prohibited content
           | could alter the client to skip the checks.
           | 
           | B) shipping the check to the clients makes it possible for
           | distributors to run the checks and alter their content until
           | it passes the checks.
           | 
           | If client side filtering was effective, the ask should be for
           | Google, Microsoft, and Apple to scan and report prohibited
           | content on their operating systems, which together cover the
           | vast majority of user terminals.
        
             | ardy42 wrote:
             | > You can't effectively scan for prohibited content on the
             | client side for several reasons:
             | 
             | I disagree. I think these scanners can only be good, but
             | never perfect, so they're mainly effective against
             | technically unsophisticated abusers. Weaknesses that are only
             | exploitable by someone with advanced technical skills are
             | not actually a problem.
             | 
             | > A) someone who wants to send or receive prohibited
             | content could alter the client to skip the checks.
             | 
             | That's true in any kind of scanner. Server side checks
             | could be defeated pretty trivially by using _any_ encoding
             | scheme not anticipated by the scanner's authors (e.g.
             | sending an image as text messages encoded with rot13
             | Base64). No scanner can be robust against even a mildly
             | technically savvy opponent unless the scanner has complete
             | end-to-end control over everything, including the clients.
             | 
             | > B) shipping the check to the clients makes it possible
             | for distributors to run the checks and alter their content
             | until it passes the checks.
             | 
             | My understanding is those databases and algorithms are not
             | secret information, but are publicly available to provide
             | low barriers to implementation, so someone could download
             | one and do what you propose now.
        
             | Paul-ish wrote:
             | You're right that it wouldn't work technically. But legal
             | compliance doesn't always make things work the way the
             | regulators want them to.
        
       | ENGNR wrote:
       | They achieved this in Australia by saying "we don't care how you
       | achieve both security and putting backdoors in, just have a
       | 'capability'". If you don't have the ability to open a backdoor
       | for them you've committed an offence
       | 
       | The best counterargument I came up with at the time is the
       | security of our children. Who the hell knows what teenagers are
       | sending to each other these days? Do we even want to know? I
       | don't, and it's weird that Attorney General Barr wants to open
       | this door. Why risk letting the wrong person sneak into a
       | position where they can see all of our children's messages,
       | everyone deserves real security
        
       | steindavidb wrote:
       | Senator Feinstein (D-CA) is a do's-onshore of the bill. Here's
       | the form to contact her office and encourage her to not support
       | the bill:
       | https://www.feinstein.senate.gov/public/index.cfm/e-mail-me
        
         | tln wrote:
         | do's-onshore = co-sponsor?
         | 
         | Thanks for the link, I sent an email with it.
        
       | mikece wrote:
       | 1. The police are either lazy or incompetent if they say they
       | cannot trace criminals because of E2E secure chat.
       | 
       | 2. You don't need to know the contents of a chat to glean massive
       | amounts of metadata. FB Messenger and WhatsApp going truly E2E
       | encrypted will still put FB (and anyone serving them with
       | warrants) to know in real time who is talking to whom, what their
       | IP addresses are, and possibly real location (if they are using
       | the app on their phone). This can be used to created a Signature
       | profile... many Pakistanis and Yemeni have died from a Hellfire
       | missile strike because they matched a pattern of activity. Google
       | "signature strike" for more info.
       | 
       | 3. The terrorists and pedophiles that are the most dangerous are
       | using far more sophisticated means of communication than Wire,
       | Signal, WhatsApp, Wickr, etc. Saying that this is "for the
       | children" or "for our safety" is complete bullshit and anyone
       | saying otherwise needs to prove it.
        
         | the8472 wrote:
         | > anyone saying otherwise needs to prove it
         | 
         | Sorry pal, that's top secret intel. Just Trust Us(tm).
        
         | ravenstine wrote:
         | Maybe the terrorists. Anyone who's seen "to catch a predator"
         | knows that most pedophiles are borderline mentally handicapped
         | and are way more likely to get caught by their own
         | incompetence; no extra laws necessary.
         | 
         | But you're otherwise right that people running CP rings are
         | probably using more sophisticated means that can't be stopped
         | by conventional means.
        
         | oconnor663 wrote:
         | > The terrorists and pedophiles that are the most dangerous are
         | using far more sophisticated means of communication
         | 
         | The "most dangerous" part is doing a lot of work there. Just
         | like I think law enforcement needs to admit what they can and
         | cannot do (e.g. they cannot protect a golden key), I think we
         | need to admit some things too. A lot of dangerous criminals are
         | stupid. Maybe not the most dangerous ones, sure. But if law
         | enforcement has a tactic that lets them catch, say, the
         | stupidest 30% of terrorists, that's an _extremely_ valuable
         | tactic that probably saves a lot of lives in practice. It would
         | be wrong to claim that society loses nothing by engineering
         | away that tactic.
         | 
         | I think this sort of thing leads to a lot of frustration on
         | both sides. As a programmer, I find it very frustrating that
         | law enforcement and the media consistently get some of the most
         | basic details wrong about how communication and encryption
         | work, and about the negative side effects of the new laws
         | they're proposing. But I assume that law enforcement folks also
         | feel frustrated about how people like me have no idea how they
         | actually get their jobs done day-to-day, or the negative side
         | effects of the technologies we're building.
        
           | tootie wrote:
           | The 1993 WTC bombers got caught when they tried to recoup the
           | deposit on the rented van they blew up. OTOH, we tapped bin
           | Laden's sat phone.
        
           | kevin_thibedeau wrote:
           | The stupidest 30% are walking around with phones that are
           | already easily tracked.
        
         | strictnein wrote:
         | I multihop VPN through service A. My criminal friends multihop
         | VPN through service B, C, etc. All hops are through non-US
         | friendly countries
         | 
         | We then communicate over a secure messaging platform like
         | Signal, Telegram, etc.
         | 
         | Knowing just that I communicated with one or more people, how
         | would you conduct your investigation to "trace" the
         | participants in this conversation?
         | 
         | The feds would be really hard put to unravel this (and are on a
         | daily basis), let alone the police.
        
           | chatmasta wrote:
           | Why are the feds watching these conversations in the first
           | place? Has a crime been committed? If they're investigating a
           | crime, surely there are more avenues of investigation than
           | Facebook chats that didn't even exist ten years ago. Whatever
           | happened to good old fashioned police work? Seems like they
           | just expect everyone's chats to be handed to them on a silver
           | platter when they ask for it.
        
             | strictnein wrote:
             | I'm responding to this statement and showing how it is
             | rather ignorant:
             | 
             |     1. The police are either lazy or incompetent if they say
             |     they cannot trace criminals because of E2E secure chat.
             | 
             | As for the rest of your comments: The feds are watching
             | criminals online because lots of crime is committed online.
             | I do not think weakening encryption will help them in this
             | pursuit.
        
         | mywittyname wrote:
         | > far more sophisticated means of communication
         | 
         | Or far more simple means. It's trivial, really, to write your
         | own app for encrypted communication or signaling. I bet I could
         | build one in a day.
         | 
         | Even without programming skills, you could set up a shared
         | drive containing only a keepass file. Download the file, use
         | your key and password to open it, then read the message.
         | Monitor the last updated timestamp to see if there have been
         | any changes.
         | 
         | Securing your communications is not hard.
        
         | Thriptic wrote:
         | I think it's better to just admit that freedoms / tech will
         | always be misused by criminal actors, and that's just a price
         | we agree to pay for privacy, security, and liberty. I don't
         | think that's a controversial statement, and we make such
         | trade offs all the time unconsciously. The United States has
         | largely agreed to accept a certain amount of criminal gun
         | violence in the name of personal gun ownership. We agree that a
         | certain amount of money laundering will occur due to shell
         | corporations and foreign ownership of assets. We agree that
         | police have to let a certain amount of crime go unpunished in
         | order to protect against unreasonable search and seizure. The
         | only difference between those things and this is that no one
         | has the balls to stand up and admit that a certain amount of
         | child abuse is an acceptable price given the stakes at hand,
         | even though it is true.
        
           | t-writescode wrote:
           | Truly, this is a stance we have to have for everything.
           | 
           | If we want criminal justice reform, too, for example, we have
           | to agree that some criminals will come out of prison after
           | their shorter sentences and they will get into positions and
           | jobs where they will cause harm.
           | 
           | Any lightening of sentences will come with bad people getting
           | through and hurting others. But, this is an acceptable price
           | to pay to allow the other felons redemption in this world.
        
           | ngold wrote:
           | And you need a warrant to go through a person's mail. How is
           | that not de facto policy for digital privacy?
        
             | lonelappde wrote:
             | The EARN IT law enables warrants for digital privacy. The
             | problem is that the choice is between "warrants are
             | impossible due to encryption" and "warrants can be skipped
             | by misbehaving actors".
             | 
             | There's no way to guarantee a middle ground.
        
             | caseysoftware wrote:
             | Third-party doctrine. It is awful but well-established.
             | 
             | If you want a good grounding in the legal precedents - both
             | laws and decisions - that have gotten us here, read Habeas
             | Data. Great book laying out all the terrible implications.
        
           | lonelappde wrote:
           | Not controversial?
           | 
           | Liberty is what wars are fought over.
        
             | code_duck wrote:
             | Maybe flame wars. It would be nice if people believed in
             | abstract principles that strongly, or rather, almost that
             | strongly would be perfect. Empirically wars are fought over
             | which groups get to control resources.
        
           | mirimir wrote:
           | > I think it's better to just admit that freedoms / tech will
           | always be misused by criminal actors, and that's just a price
           | we agree to pay for privacy, security, and liberty.
           | 
           | Yes! Also, one sure way to know that we have "privacy,
           | security, and liberty" is that criminals are abusing them.
           | And, as an added benefit, efforts to identify and apprehend
           | criminals help identify weaknesses and OPSEC failures.
        
           | marta_morena_23 wrote:
           | > no one has the balls to stand up and admit that a certain
           | amount
           | 
           | Yeah no, that's not how this works. The reason they can't do
           | this with guns is because that would pull out the rug under
           | them, as most republican voters will stop voting for people
           | who want to curtail their gun rights. Now try to find people
           | who give a dusty fuck about online privacy, I am not even
           | sure a noteworthy portion of HN gives a F***, let alone my
           | parents or grandparents... Most people simply don't
           | understand what WhatsApp even is. They use it and send stuff
           | but that is where their knowledge ends. That's also why Zoom
           | can get away with their end-to-end encryption. People don't
           | care. Period.
        
           | faster wrote:
           | It sounds like you accept the bill's authors' claim that
           | EARN-IT is about protecting children.
           | 
           | I'd be very interested in hearing from child abuse
           | investigators how the controls in the bill line up with how
           | tech is used in abusing children. My expectation is that
           | there is very little alignment, because "for the children" is
           | most often the rallying cry of politicians who want something
           | that is not in the best interests of the people they are
           | supposed to represent.
        
             | zymhan wrote:
             | > It sounds like you accept the bill's authors' claim that
             | EARN-IT is about protecting children.
             | 
             | No, you're putting words in their mouth.
             | 
             | You have your head in the sand if you don't think people
             | use perfectly legitimate encryption services to discuss
             | illegal activity. But that is not a reason to ban
             | encryption. The entire US constitution is built on the
             | premise that people have rights.
             | 
             | But it has always been true that some people use their
             | rights to avoid having their criminal activity detected.
             | That doesn't make our rights any less important.
        
               | lukifer wrote:
               | > The entire US constitution is built on the premise that
               | people have rights.
               | 
               | As much as I'm near-absolutist on civil liberties, I
               | think it's also valuable to recognize that the intrinsic
               | good of individual rights is only one part of the story;
               | the other is the balance of power between government and
               | the governed.
               | 
               | I recently heard Sam Harris opine that from a utilitarian
               | perspective, an absolutist right to privacy pales in
               | comparison to allowing harm to come to children, and so
               | the tech community needs to flex a little on the privacy
               | question, and meet law enforcement halfway. Through that
               | reductionist lens, it's hard to find fault in the
               | argument.
               | 
               | The problem isn't limited to privacy, though. Unbreakable
               | digital locks exist, and they aren't going anywhere. [0]
               | And there is _power_ in the ability to keep secrets. You
               | can bet the Feds have little interest in a Panopticon,
               | where they too are obstructed from keeping digital
               | secrets, as "meeting us halfway" for some greater good.
               | Rather, they want to hoard that asymmetric power as their
               | exclusive purview. No matter how well-intentioned, that
               | asymmetry of raw power is something We The People have a
               | vested interest in taking seriously, far beyond some
               | abstract notion of "I want to Google
               | ${CONSENTING_ADULT_SEXUAL_ACTIVITY} without worrying the
               | neighbors will find out".
               | 
               | [0] https://www.youtube.com/watch?v=VPBH1eW28mo
        
               | someguyorother wrote:
               | > I recently heard Sam Harris opine that from a
               | utilitarian perspective, an absolutist right to privacy
               | pales in comparison to allowing harm to come to children,
               | and so the tech community needs to flex a little on the
               | privacy question, and meet law enforcement halfway.
               | Through that reductionist lens, it's hard to find fault
               | in the argument.
               | 
               | I'd say it's pretty easy. For utilitarianism to make
               | sense, it has to take the future into account. And what
               | looks like an absolutist right to privacy might be a
               | utilitarian argument of the type that if you grant a
               | monopoly of power (private or public) the right to make
               | use of your private information, then it could well use
               | that private information against you later.
               | 
               | An integral utilitarian might then say "it's worth some
               | harm to children today to ensure there won't be great
               | harm tomorrow". That kind of being able to trade off
               | different scenarios of harm without regard to absolute
               | principle is pretty much what characterizes (act)
               | utilitarianism.
        
             | Thriptic wrote:
             | I don't believe that. I'm simply saying that if the stated
             | logic for this bill is that we need to regulate encryption
             | because there is an unacceptable risk of misuse, then my
             | response is that I actually accept the current level of
             | misuse risk given the current level of regulation.
             | Instituting further controls in the form of regulation
             | would cost us more than the perceived reduction of risk
             | that it affords.
             | 
             | Obviously this bill is about more than that, but I think
             | that statement pretty much torpedoes their main public
             | argument.
        
           | exolymph wrote:
           | This is my view, 100%. Yes there are downsides to strong e2e
           | comms, but the downsides of _not_ having strong e2e comms are
           | far worse.
        
           | dwighttk wrote:
           | > The only difference between those things
           | 
           | You listed two things that easily and obviously line up with
           | a Bill of Rights amendment... not sure there is one of those
           | for encryption. Unless I'm just blanking...
        
             | conradev wrote:
             | https://cyberlaw.stanford.edu/blog/2020/03/earn-it-act-
             | uncon...
        
           | AnthonyMouse wrote:
           | > I think it's better to just admit that freedoms / tech will
           | always be misused by criminal actors, and that's just a price
           | we agree to pay for privacy, security, and liberty.
           | 
           | It's possible for both things to be true at the same time.
           | 
           | If Signal exists and is secure, will criminals use it? Sure
           | they will, criminals are people and people want private
           | communications.
           | 
           | But if you ban honest citizens from using Signal, will
           | _criminals_ stop using secure communications? No, they have
           | an unusually strong incentive to use them and will seek out
           | alternatives. The percentage of criminals who switch to
           | insecure communications will be lower than the percentage of
           | honest people who do.
           | 
           | Which _increases_ the amount of crime, because the amount
           | you're helping law enforcement catch criminals is smaller than
           | the amount you're helping criminals exploit victims. This is
           | also compounded by the fact that there are more honest people
           | than criminals.
           | 
           | There is a theory of bureaucracy ("an institution will
           | attempt to preserve the problem to which it is a solution")
           | that says law enforcement agencies will ask for this even
           | when they know full well that it will increase the overall
           | amount of crime, because more crime is good for them since it
           | means more law enforcement.
        
             | null0pointer wrote:
             | I agree that criminals will use secure communications
             | regardless of the law. I don't understand what you mean
             | when you say it will increase crime though.
             | 
             | Regardless, I feel like there's a deeper motive from
             | governments/law enforcement. It would allow them to claim
             | that anyone using secure comms must have something to hide
             | and is thus a criminal. Combine that with mass surveillance
             | and anyone you see sending encrypted traffic can
             | automatically be assumed to be a criminal. I'm not saying
             | this is right, it's certainly not right. But I'm sure
             | that's the argument that will be used by those trying to
             | push it.
             | 
             | The only way to fix this is secure-by-default comms, such
             | that all traffic looks the same and you cannot make any
             | claims of criminality based on that alone.
        
               | AnthonyMouse wrote:
               | > I don't understand what you mean when you say it will
               | increase crime though.
               | 
               | Suppose you're a criminal organization or a foreign
               | government. You break into AT&T or Amazon or whomever and
               | get access to a bunch of data streams. If they're all
               | E2EE, you have a bunch of inscrutable ciphertext. If
               | they're not, you have everybody's passwords, trade
               | secrets, credit card numbers, information useful for
               | blackmail etc. Lack of strong encryption enables crime --
               | that's why honest people use strong encryption.
        
             | [deleted]
        
           | mikece wrote:
           | Just because an Ethernet cable _can_ be used to strangle
           | someone doesn't mean that failing to stand in opposition to
           | network wiring is to accept a certain amount of murder by
           | strangulation. Don't focus on the tool being used for the
           | crime but on the tool committing the crime.
        
             | notJim wrote:
             | There are degrees to which tools are useful for committing
             | crimes, and it's naive to pretend otherwise. Encryption is
             | obviously an incredibly useful tool for committing a number
             | of crimes, and I think it's better to argue that it's worth
             | it than to act like there's no connection.
        
               | tehjoker wrote:
               | The government wants to expand surveillance so that way
               | potentially disruptive social movements can be monitored
               | and disrupted. Activists use Signal too.
               | 
               | In case you hadn't noticed, the government is currently
               | on its back foot and disruptive social policy reforms are
               | back on the table. They want to make sure that
               | corporations get everything and the people get nothing.
               | 
               | The encryption fight has been going on for decades, but
               | at root their complaints about terrorists and child
               | trafficking are covers for expanding a lazy version of
               | COINTELPRO. Lazy meaning that they can just sit in an
               | office and see everything. Let's not forget the FBI's
               | role in trying to get MLK to commit suicide. These
               | shadowy agencies are not in any way the good guys.
        
             | rapind wrote:
             | I think this depends on the tool. Certainly we could see
             | the tool being a problem if it was a mini nuke or Anthrax
             | (I don't for the record think encryption rises to this
             | level).
             | 
             | I'm very concerned that technology will put something
             | devastating (at scale) in people's pockets and then we're
             | kind of screwed (do we choose big brother and all that
             | entails, or indescribable mass destruction?). I don't have
             | a solution but it keeps me up some nights.
        
         | andai wrote:
         | > far more sophisticated means of communication than Wire,
         | Signal, WhatsApp, Wickr
         | 
         | Like better apps, or something homebrewed?
        
         | lonelappde wrote:
         | > The terrorists and pedophiles that are the most dangerous are
         | using far more sophisticated means of communication
         | 
         | Terrorism is mostly opportunistic radicals communicating via
         | YouTube and Twitter and Fox News, or national / quasinational
         | governments that are brazen and flagrant and don't need to
         | worry about being noticed.
        
           | cvwright wrote:
           | Sometimes these idiots have posted on Facebook about their
           | planned attacks. And we still did not manage to stop them.
        
         | formercoder wrote:
         | Yep, we know the CIA makes kill decisions based on metadata.
        
         | blfr wrote:
         | Perhaps I'm not hip enough but I'm pretty sure there is nothing
         | more sophisticated than Signal.
        
           | upofadown wrote:
           | Signal is all about making good cryptography usable for the
           | general public. If you actually use the "safety numbers" to
           | verify the identity of who you are communicating with then
           | you have real guaranteed end to end encryption. Unfortunately
           | not everyone does that.
           | 
           | People that really really need to be sure probably use
           | something super simple like PGP after they take the time to
           | learn how.
        
           | mikece wrote:
           | Session -- it just doesn't have as many features.
           | 
           | BTW, one of Signal's weaknesses is that you MUST use a phone
           | number with it. If you're savvy you realize this can be a
           | Twilio number you control making your account immune from SIM
           | hijacking. However, unless you override a bunch of defaults
           | Signal is not immune to other attack vectors like attempting
           | to unfurl a URL sent in a message -- which can expose your
           | true IP address -- or generate a thumbnail of a video --
           | which can launch a malware attack -- which is the method of
           | attack alleged to have been used by Saudi intelligence to
           | hijack Jeff Bezos' phone (via an E2E encrypted WhatsApp
           | message no less). A more sophisticated messenger system would
           | turn off lots of "convenience" features by default and let me
           | pick a random username and NOT make me enter a phone number
           | or email address. People who care about security don't need a
           | way to reset their randomly generated 128 character
           | passwords.
        
             | tialaramex wrote:
             | Beyond the (slightly behind trend) enthusiasm for
             | blockchains Session is the same punt on contact discovery
             | as lots of other systems that went nowhere. This works
             | great for little secret decoder ring cliques but doesn't
             | actually secure real people's day-to-day messages due to
             | lack of discovery - your local butcher and the guy your
             | sister went to college with never find out that you have
             | the same secure messaging app, and so their messages to you
             | aren't secured.
             | 
             | In contrast to your disinterest in convenience features,
             | Session does have a bunch of things that presumably its
             | principals felt were non-negotiable but clearly harm
             | security. The "Open Groups" feature for example is
             | basically "Eh, this is hard, we give up" for larger groups
             | (500+ people). No end-to-end encryption and you're given
             | either a moderator tool that doesn't work ("Ban"
             | pseudonymous people who can for zero cost just create a new
             | pseudonym) or one that's onerous ("Invite" everybody
             | manually).
        
             | rsync wrote:
             | "BTW, one of Signal's weaknesses is that you MUST use a
             | phone number with it. If you're savvy you realize this can
             | be a Twilio number you control making your account immune
             | from SIM hijacking."
             | 
             | Does Signal not ever send messages from, or otherwise use,
             | SMS shortcodes?
             | 
             | I ask because no Twilio number can receive an SMS shortcode
             | (because no Twilio number is classified as a "mobile"
             | number).
             | 
             | Genuinely curious.
        
               | phaer wrote:
               | They do it once for the initial setup. But iirc, one can
               | also get an automated call for the pin.
        
             | UncleMeat wrote:
             | > BTW, one of Signal's weaknesses is that you MUST use a
             | phone number with it.
             | 
             | This isn't a weakness, it is a tradeoff. You use phone
             | numbers (downside) but the server does not have to store
             | any information about who is talking to who (upside). Other
             | tools reverse this choice and don't use phone numbers but
             | do need to maintain the communication metadata.
        
               | baybal2 wrote:
               | It's not a tradeoff, it's a weakness by design. All
               | features you mention are 100% doable without a phone
               | number
        
               | _wldu wrote:
               | Signal is not built for anonymity. It's built for message
               | privacy. It's a lot like PGP in that the government knows
               | who emailed whom, but they cannot read the email. That's
               | the whole point. If you are trying to hide your phone
               | number, Signal is not going to help you and it's not
               | meant to.
        
               | nebulous1 wrote:
               | I believe it is both a weakness and a trade-off
        
               | maqp wrote:
               | Sure, and Signal is already working on usernames. Here's
               | the kink: When you have low latency (video) calls, you
               | can't route via Tor. When you can't route via Tor, you
               | leak your IP to the server. When you leak your IP you're
               | not anonymous, and when you're not anonymous, the server
               | having the hash of your phone number isn't adding too
               | much data to them.
               | 
               | When the server knows who you are, the app can use your
               | existing contact list to discover contacts. This means
               | unlike e.g. Telegram, Signal server doesn't store your
               | contact list.
               | 
               | I e.g. constantly see people whose phone number I've
               | already deleted appear on my Telegram contact list "X
               | joined Telegram". Telegram knows I had the number at some
               | point. This would never happen with Signal.
        
               | kosievdmerwe wrote:
               | > the server having the hash of your phone number isn't
               | adding too much data to them.
               | 
               | Wait how big is the hash of the phone number?
               | 
               | If it's enough bits (e.g., a full sha hash) then it's not
               | that secure to hash at all. 10^10 or even 10^11 is just
               | 10 or 100 billion. I can easily try all phone numbers
               | until I find the one that matches the hash.
               | 
               | It maybe protects against attacks against lots of people,
               | but it really doesn't protect an individual.
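
The keyspace arithmetic from the comment above, as an added example that is not part of the thread and not Signal's code: it measures how many phone numbers share one hash value (the anonymity set) for a full versus a truncated hash. Assumptions: SHA-256 over the ASCII digit string, 10-digit numbers, and a constructed block of 100,000 fictional numbers standing in for the full space; the page does not say how Signal actually hashes numbers.

```python
import hashlib
import math


def phone_hash(number: str, hash_bits: int = 256) -> int:
    """SHA-256 of the digit string, keeping only the top `hash_bits` bits.
    Hash choice and encoding are assumptions made for this example."""
    digest = int.from_bytes(hashlib.sha256(number.encode("ascii")).digest(), "big")
    return digest >> (256 - hash_bits)


def keyspace_bits(digits: int) -> float:
    """Entropy of a uniformly random phone number with `digits` digits."""
    return digits * math.log2(10)


def expected_anonymity_set(digits: int, hash_bits: int) -> float:
    """Average count of phone numbers that map to one hash value.
    A value of 1.0 means the hash identifies the number uniquely."""
    return max(1.0, 10 ** digits / 2 ** hash_bits)


def matching_numbers(target: int, numbers, hash_bits: int) -> list[str]:
    """All numbers in `numbers` whose (truncated) hash equals `target`."""
    return [n for n in numbers if phone_hash(n, hash_bits) == target]


def constructed_block() -> list[str]:
    """Constructed sample keyspace: 100,000 fictional 10-digit numbers."""
    return [f"55501{i:05d}" for i in range(100_000)]


def anonymity_in_block(stored_number: str, hash_bits: int) -> list[str]:
    """Which numbers in the sample block are consistent with what a server
    holding only the hash of `stored_number` would see."""
    target = phone_hash(stored_number, hash_bits)
    return matching_numbers(target, constructed_block(), hash_bits)


if __name__ == "__main__":
    stored = "5550142424"  # constructed, fictional number
    print(f"10-digit keyspace: {keyspace_bits(10):.1f} bits")
    for bits in (256, 20, 8):
        print(f"{bits:>3}-bit hash: ~{expected_anonymity_set(10, bits):,.0f} "
              f"numbers per hash value across the full 10^10 space")
    print("full hash, sample block :", len(anonymity_in_block(stored, 256)), "match")
    print("8-bit hash, sample block:", len(anonymity_in_block(stored, 8)), "matches")
```

A full-length hash leaves an anonymity set of one, so it works as a stable identifier rather than as protection for the number; only truncating well below the roughly 33 bits of the keyspace makes a stored value ambiguous, at the cost of no longer identifying a single account.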
        
               | mirimir wrote:
               | > Here's the kink: When you have low latency (video)
               | calls, you can't route via Tor.
               | 
               | Sure, but you can use VPNs. Or Orchid, which is a
               | multi-hop VPN that routes through multiple VPN providers.
               | 
               | Or you can just use VoIP, which can be done via Tor, as
               | long as you can force TCP mode.
        
               | UncleMeat wrote:
               | Then why has nobody done it?
        
           | mikece wrote:
           | To be fair, "Signal the App" and "Signal the Protocol" are
           | two different things. If you were talking about the latter
           | then your statement is quite possibly correct.
        
           | uoaei wrote:
           | Why not Keybase?
           | 
           | https://keybase.io/
        
             | QUFB wrote:
             | The lack of PFS is a big negative about Keybase.
        
               | brobinson wrote:
               | I was just looking into Keybase, and.... deleted. Thanks
               | for the heads up.
        
               | urxvtcd wrote:
               | I was under the impression it's the same for Signal.
               | Quick duckduckgo led me here:
               | https://signal.org/blog/asynchronous-security/ The more
               | you know!
        
               | cristoperb wrote:
               | You can set messages to expire in Keybase:
               | 
               | https://keybase.io/blog/keybase-exploding-messages
        
               | majewsky wrote:
               | That looks completely orthogonal to Perfect Forward
               | Secrecy.
        
       | harikb wrote:
       | Can we please have new articles at least state the law correctly
       | as anti-security instead of anti-encryption?
        
       | hiq wrote:
       | Thread of the blog post (source of the article):
       | https://news.ycombinator.com/item?id=22815112
        
       ___________________________________________________________________
       (page generated 2020-04-09 23:00 UTC)