[HN Gopher] Germany opposes EU plans for client-side scanning
___________________________________________________________________
Germany opposes EU plans for client-side scanning
Author : CharlesW
Score : 535 points
Date : 2023-03-02 15:08 UTC (7 hours ago)
(HTM) web link (tutanota.com)
(TXT) w3m dump (tutanota.com)
| wazoox wrote:
| French Senate also announced it will reject this directive.
|
| https://www.nextinpact.com/article/71087/le-senat-propose-re...
| say_it_as_it_is wrote:
| We simply can't have encryption in a world of online child
| predators. Think of the children.
| r00fus wrote:
| s/encryption/the internet/
| rootusrootus wrote:
| In that case, maybe we should think of the children for real.
|
| (a bit /s, a bit not)
| [deleted]
| [deleted]
| themitigating wrote:
| I can't tell if you are being sarcastic because there is
| currently a massive paranoia over child predators.
| msm_ wrote:
| Since they wrote literally "think of the children" I think
| it's pretty safe to assume they're sarcastic.
| moremetadata wrote:
| What online child predators?
|
| I was a child before the internet and was used for pedo hunts
| before the internet, usually having to try on underwear in the
| UK store Littlewoods, the number of adults that attracted, who
| struck up conversations with my state employed masonic parents
| was quite astounding!
|
| Ergo, I think parents should be put under the spotlight!
| snapcaster wrote:
| What? I'm having trouble what you're saying but sounds pretty
| disturbing
| moremetadata wrote:
| When you consider innuendo and not just the initial
| message, you'll find a lot of communication takes place
| this way, but innuendo isn't taught to most people so they
| are oblivious to what's really going on around them and its
| really quite disturbing.
|
| Throw in a variety of drugs which can make people forget
| stuff or put them into a chemical trance if its not
| hypnosis, and people of all ages can be manipulated into
| actions they wouldn't have otherwise. What age can you
| start hypnotising kids? Some of these drugs are found in
| pharmacy and supermarket shelves with no checks if paying
| cash.
|
| This is why I say people need to have 24/7 unhackable
| surveillance on them at all times, in order to prove whats
| been done, as victims, especially those drugged wont know
| or realise whats been done to them, sometimes for decades
| if at all.
|
| Drugs/chemicals have been used to hack people for Millenia.
|
| And some parents just see their kids as cash cows, after
| all the mindset used to be to have a big family so they
| could look after you when you got too old, and this was
| before the socialist elements of the state in todays sense
| introduced things like state pensions and benefits
| payments.
|
| Thats why I say the state is virtue signalling when they
| claim to be protecting kids, but dont teach kids how to
| protect themselves or teach them the law to know what
| activity's are criminal. This isnt anything new either, its
| been going on for thousands of years, but history gets
| sanitised under the pretence of not giving anyone any
| ideas.
| xt00 wrote:
| Anything that includes client side scanning is a slippery slope
| to fully controlling your device. Will it be illegal to somehow
| disable the client side scanning? If so then how long until you
| are breaking the law when you turn off the government scanner --
| or are caught "installing a new hard drive" in your computer..
| etc..
|
| Is the problem that people can send encrypted things back and
| forth to each other? Requiring that companies put snooping
| software on their device is basically the thought police. Not
| hyperbole but the actual thought police. Today it's saving the
| children, tomorrow it's basically any problem the governments of
| many nations want to try to solve.
| slackdog wrote:
| > _Will it be illegal to somehow disable the client side
| scanning? If so then how long until you are breaking the law
| when you turn off the government scanner_
|
| And once they've normalized _" your computer will spy and
| inform on you"_, is there any reason to think that won't expand
| to things which aren't colloquially "computers" but in fact are
| now computers?
|
| What about "smart houses"? All your IoT toys are computers.
| Once phones, laptops and PCs as mandatory reporters has been
| normalized, is there any reason to think all the other
| microphones and cameras already in people's houses won't become
| mandatory reporters too? If they make it illegal to disable
| client-side scanning on computers, might they also make it
| illegal to remove the crime-detecting cameras in your own home?
|
| Modern cars already narc on people, logging and uploading GPS
| traces that can be fed into police dragnets, just like phones.
| Cops can ask for a log of who's been inside a 'geofence' and
| where does that data come from? Phones and cars reporting on
| their owners, generally without their owners knowing anything
| about it. The 'slippery slope' isn't actually a fallacy if you
| have enough datapoints to legitimately draw a trend line. And I
| think we certainly do.
| trompetenaccoun wrote:
| My friend, these are dangerous thoughts! Once we have our
| wifi-enabled brain interfaces you will get punished for
| thinking this. Please train yourself to forget about it now
| before you get in trouble.
| connicpu wrote:
| But will we be punished for thinking it? Or will the chip
| simply cut off such trains of thought in the first place?
| :) "Revolutionary new brain implant improves mental health
| by suppressing damaging* trains of thought"
| snerbles wrote:
| There have already been experiments in altering personal
| biases and beliefs through transcranial magnetic
| stimulation [0][1]. Direct electrical stimulation will
| eventually permit a greater degree of control.
|
| > We presented participants with a reminder of death and
| a critique of their in-group ostensibly written by a
| member of an out-group, then experimentally decreased
| both avowed belief in God and out-group derogation by
| downregulating pMFC activity via transcranial magnetic
| stimulation. The results provide the first evidence that
| group prejudice and religious belief are susceptible to
| targeted neuromodulation, and point to a shared cognitive
| mechanism underlying concrete and abstract decision
| processes.
|
| [0] https://pubmed.ncbi.nlm.nih.gov/26341901/
|
| [1] https://www.sciencedaily.com/releases/2015/10/1510140
| 84955.h...
| [deleted]
| akomtu wrote:
| The former, in a couple centuries. Centralized monitoring
| of common thoughts will be a solved problem, and the
| means to circumvent it won't be known by many. This ideal
| oppression machine will last for a few centuries.
| miohtama wrote:
| In Orwell's 1984, the TV was watching you.
| JW_00000 wrote:
| Can you provide a source for that last paragraph (the cars
| uploading GPS traces and cops asking for logs)? I'm
| interested in knowing more, e.g. which country this happens
| in, are there any checks and balances, is this
| constitutional?
| slackdog wrote:
| In America:
|
| Cars logging their location history and police getting that
| data: https://www.forbes.com/sites/thomasbrewster/2021/04/0
| 1/these...
|
| Geofenced dragnets:
| https://harvardlawreview.org/2021/05/geofence-warrants-
| and-t...
| est31 wrote:
| Not giving owners (or their lawyers) access to data on
| what the Autopilot thought: https://eu.detroitnews.com/st
| ory/business/autos/2020/02/26/c...
| slickrick216 wrote:
| Show us E-papers please
| bboygravity wrote:
| > Requiring that companies put snooping software on their
| device is basically the thought police.
|
| There is already snooping software on most company devices:
| Microsoft software and Google software and _the Western
| internet_.
|
| It's already snooping on everybody for the government (through
| at the very least NSA).
|
| It already makes sure the traffic is (hopefully/maybe) only
| encrypted for everybody else.
|
| This goes for the EU as well. Most Western countries legalized
| and extended what Snowden revealed about government
| surveillance.
|
| It's already being used in a dragnet surveillance thought
| police type of way for decades. At least no doubt in my mind.
| Call me paranoid, don't care.
| junipertea wrote:
| I definitely agree surveillance is happening and I don't mean
| to do a whataboutism, but why such emphasis on Western
| internet? Are you implying this does not happen elsewhere? If
| we take a counterpoint to West, India and China both have
| significant surveillance of their citizen and they account
| for the other third of the world population.
|
| Let's just agree it's a problem everywhere?
| peoplefromibiza wrote:
| > Let's just agree it's a problem everywhere?
|
| In some places they say you are free and have rights, but
| you don't.
|
| In other places you know you don't have certain rights and
| act accordingly, because people are not stupid, if they
| know there's a potential danger ahead, they become more
| cautious (or they carefully comply, because there are no
| alternatives).
|
| I would say the first group of counties is more dangerous,
| because it gives people a false sense of security, lowering
| their natural defenses, while corporations profit from
| knowing everything about them, things they said they should
| never have had access to in the first place, because you
| have rights, right?
| CyanBird wrote:
| > Let's just agree it's a problem everywhere?
|
| Let's just not, because the ones carrying the baton of
| "liberty" are the ones that ought be measured by that same
| stick
|
| China or other countries do not fall on the hypocrisy of
| saying that your info won't be part of the dragnet, this is
| not the case with said western govs which then proceed to
| decry the evil non-western countries for doing the exact
| same thing and expecting their populations to somehow do
| something about it?? ?? ? It is indeed nauseating
| zirgs wrote:
| Also how do they prevent this from being exploited by hackers?
| If there's a backdoor it's naive to think that only the "good
| guys" will use it.
|
| Also what if some hackers put something on my phone to
| intentionally trigger this in order to blackmail me or ruin my
| reputation?
| hulitu wrote:
| > If there's a backdoor it's naive to think that only the
| "good guys" will use it.
|
| Yet we have learned nothing from KGB, STASI, CIA etc.
|
| > Also what if some hackers put something on my phone to
| intentionally trigger this
|
| "We just found 5 gramms of Mary jane in your pocket".
|
| Religion will come back. "Repent or god will punish you" /s
| legrande wrote:
| > If there's a backdoor it's naive to think that only the
| "good guys" will use it.
|
| This is the thinking behind NSA's 'Nobody But Us' saying. If
| you hoard 0day, assume someone else will discover it given
| enough time.
|
| [0] https://en.wikipedia.org/wiki/NOBUS
| zirgs wrote:
| Except in this case everybody knows that there's a backdoor
| that can be exploited.
| hot_gril wrote:
| > Today it's saving the children, tomorrow it's basically any
| problem
|
| This is how most rights get taken away, not just encryption.
| Also, we're talking about countries that already have pretty
| restricted _speech_. Encryption has to consistently remain
| popular to survive there, and there are plenty of ways to
| undermine that.
| ultrarunner wrote:
| And it's completely obvious bullshit. Consider any more
| salient issue affecting children: the leading cause of death
| for children under 18 is car crashes. The response to this
| large and growing problem is to a) blame the victims (they
| shouldn't have been in the road / they should have walked a
| mile out of their way to return to the spot 100 feet across a
| road / they weren't wearing construction vests & waving flags
| / walking to school isn't allowed in the first place) or to
| wave it away as the cost of doing business.
|
| Were there a shred of consistency in actually advocating for
| children's quality of life, I could forgive those who are
| duped by these underhanded tactics. As it stands, there's no
| actual concerted "save the children" bandwagon that we're
| being invited to hop on to.
| epicureanideal wrote:
| > As it stands, there's no actual concerted "save the
| children" bandwagon that we're being invited to hop on to.
|
| Maybe one should be created, with a prioritized list of
| issues, and loudly inform people that if issues at the
| bottom are being prioritized the proponents may have other
| motives than the ones they claim.
| eastbound wrote:
| Impossible. If you rank avoidable deaths by quantity, men
| arrive in all the top 10 categories, so I'm pretty sure
| no-one would want to make this list anyway.
| hanselot wrote:
| Don't say that out loud.
|
| Clearly nobody is suggesting that on average men flock
| towards more dangerous higher paying professions which
| until recently also meant higher wages.
|
| Wouldn't want people to make the connection between risk
| and reward as a factor in economics.
| hot_gril wrote:
| Yeah, but I don't know what this has to do with children.
| hot_gril wrote:
| If there were a political bandwagon around reducing child
| deaths, I'd probably still suspect ulterior motives.
| Also, if it were based on just death counts, I view
| murder differently from accidents. It's like when people
| try to compare lung cancer and 9/11.
| dunham wrote:
| Also a potential security issue. Many client side virus
| scanners have accidentally introduced remotely exploitable
| security holes.
| hasseldahoff wrote:
| > Is the problem that people can send encrypted things back and
| forth to each other?
|
| I think this is the case, except it's a feature not a bug. The
| predictable characters will shoehorn in the concern angle[1].
|
| [1]:
| https://en.m.wikipedia.org/wiki/Four_Horsemen_of_the_Infocal...
| matthewdgreen wrote:
| The only client-side scanning proposal we've ever seen (Apple
| and NCMEC's 2021 photo scanning proposal) didn't even address
| encrypted messaging. It worked on private photo libraries _on
| your phone_. I think it's very important to reiterate that the
| targets here aren't communications between criminals: it's your
| private data.
| hulitu wrote:
| You forgot about Google. (Dad sends child photo to doctor)
| zirgs wrote:
| What's especially fucked up in that case is that Google
| suspended his account and didn't restore it even after the
| cops closed the case and said that it wasn't a crime.
|
| So the lesson is clear - avoid Google as much as possible
| and use services from separate companies. Email from one
| company, Chat/IM from a different one and so on. So that if
| one of your accounts gets suspended for one reason or
| another - it would not affect the rest.
| jodrellblank wrote:
| It would scan photos you were uploading to iCloud, not
| private photo libraries on your phone. I'm sure you'll agree
| it's important to correct such a misunderstanding as one of
| those is a lot more invasive than the other.
| giantrobot wrote:
| It would _start_ at only scanning content that was going to
| be uploaded to iCloud. There 's literally nothing stopping
| the process from scanning all images whether they're going
| to be uploaded to iCloud or not. Such an expansion would
| use the exact same justification as the iCloud-bound
| content scanning.
|
| It's a slippery slope that ends up with your phone/computer
| snooping on texts, call contents, or anything else and then
| submitting your "crimes" to the authorities.
| eastbound wrote:
| > It would scan photos you were uploading to iCloud, not
| private photo
|
| There was no way to separate the private photos from
| iCloud-uploaded photos. It was all-or-nothing, like Android
| permissions: "Allow govt to scan all your private pictures,
| or do you wish to have no backup?"
|
| I was perfectly feasible to design the ability to have
| private photos, but Apple chose not to. Or Apple, in
| collaboration with the government, chose not to.
| ssss11 wrote:
| If you have iCloud backup setup, does it upload all photos
| from your private photo libraries to iCloud?
| hot_gril wrote:
| Yeah, important to mention that. Still, I don't want my
| phone to even be capable of doing that, nor do I see the
| reason behind it when iCloud could just do the scanning
| itself. That's one big step closer to the described full-
| private scanning (and just a flag flip away).
| bombcar wrote:
| The supposed argument was that they wanted to keep the
| scanning they do in iCloud now (I believe they do it) and
| yet make iCloud encrypted so that they can't see the
| images once they leave your device.
|
| So they move the scanning to the device.
| hot_gril wrote:
| Did Apple actually say they wanted to do e2ee iCloud
| photos when they announced CSAM scanning, or were people
| only speculating this? I don't remember / can't find an
| announcement on that. Also curious if there's some law
| preventing them from doing e2ee without the scanning.
| bombcar wrote:
| I believe it was speculation based on them saying they
| wanted e2ee (and now it's available IIRC).
|
| It honestly seems to me like they thought they could
| negotiate a middle ground without pissing off the Feds or
| the customers, but they maneuvered it quite badly.
| hot_gril wrote:
| > now it's available IIRC
|
| Oh cool, didn't know that. It's this new "advanced data
| protection" feature that makes everything in iCloud e2ee
| except the classic mail/contacts/calendars combo that
| wouldn't really work with that.
| https://support.apple.com/en-us/HT202303 is a nice
| resource on this, and I wish more companies would publish
| things like this.
| bombcar wrote:
| It's a technologically impressive feat, and honestly
| they've done it well.
|
| I'm a bit too chickenshit to try it, as losing my devices
| is all too likely, but I'm glad it's available for those
| who need it.
| jodrellblank wrote:
| > " _Still, I don 't want my phone to even be capable of
| doing that,_"
|
| Not capable of what, running software? Communicating with
| a HTTPS endpoint? Having library code? Running stuff in
| the manufacturer's interest rather than your interest?
| All those things happen already in some form or other,
| and there isn't a cutoff to make the phone incapable of
| it without hobbling the phone.
|
| > " _That 's one big step closer to the described full-
| private scanning (and just a flag flip away)._"
|
| iPhone already does scan offline private photos for face
| and object recognition purposes. And run big blobs of
| unknown Apple-provided code. It's only your trust in
| Apple that makes you think it doesn't report anything
| back now - and nothing at all stopping them from being
| arm twisted by the authorities to make that scan for
| something the government dislikes and report on it, as
| you say a flag flip away. It already does send your
| location and your surrounding WiFi signals and your voice
| when you use Siri unless you toggle the privacy settings,
| and that all came in quietly on regular updates.
|
| Apple walked a fairly narrow line when they announced it,
| and when they publicly stated that if the authorities
| asked them to extend the scope of the scanning that they
| would refuse.
|
| I don't know why they chose to do it on the endpoints
| rather than in the cloud, but acting like doing it on the
| cloud would give you any level of protection from them
| putting intrusive software on your phone is not reality.
| (Same with Google, Samsung, et al).
| hot_gril wrote:
| > Not capable of what, running software?
|
| Not loaded with trained models on illegal content and
| wired up to alert the authorities if it finds a match,
| with presumably several teams within Apple built around
| that feature. I'm thinking about more than the technical
| aspects of this.
|
| > It's only your trust in Apple that makes you think it
| doesn't report anything back now
|
| Yeah, exactly. I trust them enough right now to run tons
| of stuff without my knowledge on my phone. I don't have
| the time or knowledge to audit my phone, even if it were
| Android. If they announced that new feature is going live
| like it's a thing customers are meant to be ok with, I'd
| trust them a lot less.
| hot_gril wrote:
| Not the only one. At the same time, they announced a separate
| scanner for incoming inappropriate photos over iMessage as a
| parental control feature. Unlike the photo library scanner,
| this one actually got released. https://www.apple.com/child-
| safety/
| resfirestar wrote:
| I'm a bit confused, is the German government formally opposing
| client-side scanning requirements or not? The article is about
| civil society groups voicing their concerns at a parliamentary
| hearing and notes that the parliament doesn't have a say in EU
| legislation. But it specifically says the government wants
| client-side scanning removed without any specifics on that part.
| timgo wrote:
| Yes, the German government is strictly against chat client side
| scanning. This is part of the coalition agreement.
|
| https://www.tagesschau.de/inland/innenpolitik/chatkontrolle-...
| EntrePrescott wrote:
| Though it's not the whole government who's against but really
| the two smaller parties in the coalition: the FDP (liberal
| party, 11.5%) foremost, and to some extent currently also the
| green party (14.8%)...
|
| ... whereas the largest party in the government coalition,
| the SPD (25.7%) of chancelor Scholz is not only largely in
| favor of such client-side scanning (of course there are also
| exceptions within the party), but also the party that holds
| the relevant ministry (interior) and thus the participation
| in the EU-side negociations.
|
| The current coalition contract kinda forces the SPD to oppose
| such client side scanning at the EU level - and we'll see to
| what extent they keep their word or try to play foul against
| the contract, but there is no doubt imho that if the next
| government was again a "grand coalition" of SPD and CDU
| without the liberals to block such stuff, then such client
| side scanning would be waved through by the same SPD that
| currently is contractually bound to oppose it.
|
| The danger of such attacks against our liberties is still
| very much there, and it takes a constant watchful fight for
| our liberties to prevent the authoriarian statists from
| getting through with such stuff. They never stop trying to
| push through ever more of their liberticide ideas.
| unity1001 wrote:
| > The current coalition contract kinda forces the SPD to
| oppose such client side scanning at the EU level - and
| we'll see to what extent they keep their word or try to
| play foul against the contract
|
| You cant 'play foul' against coalition protocols. The
| moment you do, the government falls.
| luckylion wrote:
| Yeah, reads like clickbait that is intentionally confusing
| "Germany, the country" with "Germany, as represented by these
| six people who were heard by a parliamentary committee
| yesterday".
| rat9988 wrote:
| That's the same no? They are their representatives. They act
| with the german power. It's like saying this is trump and not
| usa, while his ratification is equal to the us power. It
| doesn't matter for the other side. (I took trump as an
| example as I often see him used as an example in such cases)
| slackdog wrote:
| They're not the same. There is a big difference between
| heads of state and and elected representatives, and an even
| bigger difference between heads of state and the rando
| activists/etc that elected representatives might invite to
| share their point of view.
|
| Heads of state, like the POTUS, are meant to officially
| embody the state itself. So if Trump while President says a
| thing, it is reasonably conventional to describe that as
| "America said..." But that isn't what happened here. In
| this case you don't have a head of state saying anything
| about the subject. The article is about various people
| (including _" IT experts, civil libertarians, law
| enforcement officials and even child protectors"_ who
| aren't even elected representatives at all) giving their
| opinions to German Parliament. This is not a _" Germany
| says.."_ situation.
| shjake wrote:
| The government of Germany does officially support it. So
| I guess if they are serious about it we're sort of safe
| for the next few years.
| luckylion wrote:
| No, these are just experts explaining their opinions to a
| small group of MPs, but they're (a small) part of the
| legislative, not the executive (which does the negotiations
| on the EU level), and parliament usually votes along the
| government. So whatever 10/736 members think isn't "what
| Germany will do". It might be, but it probably won't.
| orcajerk wrote:
| These are the same rulers that wanted to ban memes. We all know
| what this is really about - banning wrong think and criticism of
| them.
| JW_00000 wrote:
| They never wanted to ban memes. In fact, the so-called "meme
| ban" and accompanying "link tax" has already been approved in
| 2019, and implemented in several countries, including Germany.
| By now it must be clear that this directive does not in fact
| ban memes or tax links, and that that was always an exaggerated
| reading by internet zealots.
|
| More information at
| https://en.wikipedia.org/wiki/Directive_on_Copyright_in_the_...
| LinuxBender wrote:
| Rather than client side scanning, I'm surprised they have not
| implemented Meta's solution [1] '[?]
|
| [1] - https://www.diyphotography.net/meta-wants-teens-nudes-to-
| sto...
| hermanb wrote:
| If the image doesn't leave the device and only the hash does...
| What is stopping one from uploading existing public images,
| banning a whole lot of innocent people?
| LinuxBender wrote:
| You have a very good point. It's not clear to me how
| Facebook/Meta planned to verify images. Maybe they have a
| team of people swiping left/right.
| sjaak wrote:
| <dusts off OpenBSD and GrapheneOS>
| rendx wrote:
| CDC:
|
| * About 1 in 4 girls and 1 in 13 boys in the United States
| experience child sexual abuse.
|
| * Someone known and trusted by the child or child's family
| members, perpetrates 91% of child sexual abuse.
|
| https://www.cdc.gov/violenceprevention/childsexualabuse/fast...
|
| WHO:
|
| "1 in 2 children aged 2-17 years suffered violence in the past
| year"
|
| https://www.who.int/health-topics/violence-against-children
|
| It's a sad joke that child protection is the driving argument for
| surveillance. The actual numbers are _horrifying_, but almost
| nothing is done about it even in "developed countries". _None_ of
| the organizations looking into _actual_ violence against children
| is advocating for such measures. It is a completely fake and
| bullshit argument.
| lifeinthevoid wrote:
| How will it work on computers? Will browsers do the client-side
| scanning? Will Apple and Microsoft implement it in their OS'es?
| What about Linux, will Linux be forbidden? (let's not get in the
| discussion that Linux is the kernel, you know what I mean).
| squarefoot wrote:
| Governments have access to what is precluded to normal citizens
| and hackers. All they need to do is telling the
| phone/router/CPU/chipsets/NIC manufacturers: "if you want to
| have business here, from now on you put into your firmware this
| small blob that will help us to catch pedophiles and
| terrorists", and see how quick they will comply. Open Source in
| software would be tolerated because hardware runs at high
| privileges, and if you tamper with that at production level to
| insert backdoors, no Open Source operating system and software
| can prevent them from working.
| ethbr0 wrote:
| The "invisible supply chain attack by intelligence agencies"
| angle is a plausible vector, but doing so pervasively and
| repeatedly in a democracy with open records is unlikely.
|
| Room 641A was leaked in 3 years. And that was one room with
| one domestic telecom provider.
| https://en.m.wikipedia.org/wiki/Room_641A
|
| To keep a secret that spans supply chains, across multiple
| companies, many with substantial international ownership
| and/or interests? Not gonna happen.
| salawat wrote:
| How many common people really understand room 641A though?
| There's the case to be made that the level of signal
| propagation and uptake is still "low enough" where even
| though it is public, it is still effectively secret.
|
| From a CAP theoretic point of view, the info is Available,
| but there is still a hefty Partition in that there is a
| significant degree of the population that isn't Consistent
| on this fact.
| JohnFen wrote:
| My experience is that a large percentage of ordinary
| people have heard about 641A, but the overwhelming
| majority of them think it's just another crazy conspiracy
| theory.
| irusensei wrote:
| My APU2C2 from 2016 running OpenBSD can.
| slackdog wrote:
| This sort of argument seems similar to _" but I can
| manufacture my own gun in my garage machine shop"_ That's
| great for you, but it says little about the ultimate
| efficacy of a policy on a general population level. Japan's
| gun ban is generally effective, even though you
| occasionally have somebody who successfully makes their own
| homemade gun. And regulation requiring computers to spy on
| their owners could become generally effective, even if a
| few people like yourself have the technical know-how and
| inclination to opt yourself out.
| irusensei wrote:
| I don't think such controls on software and data are as
| enforceable as fire arms. And older router that can run
| OpenWRT is way easier to procure than a 3d printer or a
| cnc machine.
| slackdog wrote:
| Why not? Anybody can make a homemade shotgun with
| standard tools and hardware store parts, but very few
| people do. Very few people simultaneously have _both_ the
| technical know-how _and_ the inclination, therefore gun
| bans are generally effective by simply banning the
| easiest and laziest way of getting guns (buying them.)
| Even people with overt criminal intentions _rarely_ make
| their own guns.
|
| I think the same will likely be true for legally-enforced
| client side scanning. It is already the case that few
| people simultaneously have both the knowledge and
| inclination to "jailbreak" their phones. Throw in stiff
| legal penalties for doing so and even fewer people will
| do it. A few people still will, but if most people don't
| then the ban will still be effective even though it's
| possible to squeeze through the cracks. In both cases,
| instructions for circumventing the law may be found
| online by anybody that cares to look. But most people
| won't.
| irusensei wrote:
| Like piracy? It's ilegal and fines are often hefty so
| shouldn't it deter people from pirating movies or
| downloading roms etc?
|
| I don't think it's a good comparison. It's pretty much
| unenforceable outside of apple cellphones and very hard
| to detect.
| slackdog wrote:
| > _Like piracy? It 's ilegal and fines are often hefty so
| shouldn't it deter people from pirating movies or
| downloading roms etc?_
|
| Yes, and it mostly works! Bans on piracy work well
| already, _most_ people don 't torrent games or movies.
| And locked down platforms exist, demonstrating the
| technical feasibility of even greater control. Software
| piracy in particular is much more difficult on the sort
| of computers that manufactures deliberately design to be
| locked down, like modern video game consoles and iOS
| devices. It is still possible, but has been made
| sufficiently difficult to stop the majority of the
| population from doing it.
| irusensei wrote:
| Plex works on iOS and video game consoles doesn't? You
| can install VLC or similar software on your iOS device
| and watch a downloaded mkv. People are often caught when
| selling or seeding a torrent file, which is easily
| avoidable by using a VPN or seedbox not by playing a rip
| of Dune.2020.4k.en.it.h264.mkv on their phone.
|
| Piracy has been mitigated through better services at
| competitive prices offered by the likes of Steam, iTunes,
| Spotify or how Netflix used to be and not at all by law
| enforcement.
| slackdog wrote:
| > _Plex works on iOS and video game consoles doesn 't?_
|
| As long as that remains permitted by Apple/Sony and your
| government, yes. If either of them decide to ban Plex or
| VLC, it will become effectively impossible for most
| people with normal levels of motivation and technical
| know-how.
|
| > _You can install VLC or similar software on your iOS
| device and watch a downloaded mkv._
|
| Presently, you can. And yet presently, relatively few
| people do.
|
| These sort of bans aren't ever 100% effective; you'll
| probably always be able to squeeze through the cracks if
| you try hard enough. That guy in Japan managed to make a
| homemade shotgun that was good enough to kill the ex-PM,
| but the simple fact remains that gun control _generally
| works_ in Japan. And so do anti-piracy measures even
| today, before the full technical means of authoritarian
| control have even been brought to bear.
|
| Locked bootloaders exist and mostly work. The fact that
| you can presently buy computers without locked
| bootloaders doesn't change the fact that the technical
| means of control have been demonstrated to work.
| Political policy is all that protects us today.
| zirgs wrote:
| Game piracy doesn't work on game consoles. In order to
| pirate you have to jailbreak it (and risk bricking it in
| the process). Jailbroken consoles also don't work online.
| And not all firmware versions are vulnerable. Basically -
| it's a mess and most console players don't bother.
|
| And as far as I know - XBox One, Series X and PS5 haven't
| been jailbroken at all.
| throwaway8689 wrote:
| Piracy may have been displaced into Netflix password
| sharing, or diminished and replaced by bona fide
| streaming subscriptions (why pirate if you can get what
| you want at a low price). But falling real incomes and
| Netflix tightening up on 'free' users could see more
| pirating.
| shjake wrote:
| Software has close to zero cost and very low barrier of
| entry. Also it's much harder to enforce, the police can't
| really "raid" your computer (yet) the same way they could
| an illegal gun making workshop.
| throwaway8689 wrote:
| I agree about the cost, but it is common to seize
| computers during raids police raids.
| slackdog wrote:
| > _the police can't really "raid" your computer (yet)_
|
| > _yet_
|
| Key word.
|
| The technical means for that sort of thing have also been
| demonstrated. The only thing holding us back from a
| highly effective digitally-enabled police state is
| political policy. Software piracy is presently easy on
| _some_ platforms, but much more difficult on others. With
| the right political impetus, those controls could be
| extended to the presently free platforms. _" Just buy an
| Android"_ doesn't work when the law requires Google to
| implement the same sort of controls as iOS. _" Just buy a
| PC"_ stops working when the government permits or even
| compels Microsoft, Dell, etc to implement locked
| bootloaders like a Sony Playstation and only permit
| applications to run if they've been signed by an
| organization accountable to the law.
| squarefoot wrote:
| Same as my WRAP boards from a few years earlier, but as
| with any other device out there, you may indeed protect
| yourself but have no guarantees the people you're talking
| to can or will do the same, unless they're privacy
| conscious and know how to protect themselves. Unfortunately
| all it takes is one of the endpoints to be compromised.
| Yours however is still a very valid point on why we should
| keep at hand an old device from before every chip could
| contain a backdoor, if only just for texting over serial
| port, just in case, although this could bring other
| problems like not having enough power for heavy encryption.
| lifeinthevoid wrote:
| Did some minor research, apparently it's for all providers of
| email, chat and messaging apps.
|
| edit: How will it work in practice? Say I make some Open Source
| messaging app. Now I need to add some/the government approved
| algorithm to detect malicious content and then feed this to
| some government instance. I guess the government will provide
| me some key/certificate to ensure that my reports of malicious
| content are legit. But how will this work if this is public,
| the signing stuff can be abused to file false reports. I have
| no clue how this will work in practice. The death of Open
| Source email, chat and messaging apps?
| hadrien01 wrote:
| So, a law in France prevents POS (point of sale) software
| from allowing users to modify or delete transactions and
| other data. To make sure they don't, software needs to be
| certified.
|
| For three years (2016-2019), open-source software couldn't be
| certified, but since 2019, they consider any 'major
| modifications' of the software by any user, including the
| end-user, a reason to certify that forked software. So you
| can use and modify open-source software for your POS, with
| that condition if you want to use it for professional
| reasons. (though I have no idea how it's enforced)
| patrickaljord wrote:
| > The death of Open Source email, chat and messaging apps?
|
| Not if you compile it yourself. Clearly bullish for gentoo
| and arch users.
| junon wrote:
| Then chip makers will make money selling chips without
| secure boot. And when those are outlawed, people will start
| to make their own bootleg chips. This is _already_ starting
| to happen, it 's just in its infancy. They won't be as nice
| as the current chipmakers but at least they wouldn't be
| beholden to crazy legal restrictions.
| hex4def6 wrote:
| I'm sorry, it appears your OS image isn't signed. Please
| submit it to the certification authorities along with the
| inspection fee of $25,000 to ensure that it complies with
| all necessary regulations.
|
| Computers are going to become more like cell phones with
| locked bootloaders. TPM is already a mandatory feature
| thanks to Windows 11.
| supriyo-biswas wrote:
| Well, conveniently the EU has a proposal for certifying
| open source projects.
| throwaway8689 wrote:
| What's the certification fee looking like?
| chongli wrote:
| Well then we'll build our own computers at home. Sam
| Zeloof [1], a high school student at the time,
| demonstrated the possibility years ago. Are they going to
| outlaw electronics knowledge? At that point we're beyond
| a dystopian society, we're post-apocalyptic.
|
| [1] https://www.youtube.com/@SamZeloof
| hedora wrote:
| Richard Stallman sleeps on a couch in Terry Gilliam's Brazil.
| The police find out SSH and console emacs exist, as do /tmp
| and multi-user unix. Hilarity ensues as they knock down the
| door and arrest him.
|
| Years later, we find out the mind crime courts use ~IRC over
| SSL~ (edit: emacs org mode over sshfs) to organize their
| docket, and they eventually have to give RMS access to a
| libre terminal from his jail cell, so he can help them finish
| his own processing.
|
| At this point, the backstory is established and our story
| begins...
| shjake wrote:
| It's probably gonna be closer to how they enforce GDPR. So
| open source developers whose apps have very little market
| share will mostly be ignored.
|
| Of course it doesn't really matter the few big companies
| which control 99%+ of the market will end up complying..
|
| Seems like EU is set on reenacting 1984 for some bizarre
| reason...
| t344344 wrote:
| Make no mistake about this law!
|
| EU already has quite strong child protection laws, but does not
| enforce them! In many cases it sides with child traffickers,
| abusers and pedophiles!
| Kognito wrote:
| Quite a strong statement to make, not one that I know enough
| about to argue either way.
|
| Do you have any references you could link to to back up your
| statement? I'm genuinely curious what you're referencing.
| irusensei wrote:
| https://en.wikipedia.org/wiki/Vienna_swimming_pool_rape
|
| > On 2 December 2015, at the Theresienbad swimming pool in
| the Austrian capital Vienna, a 10-year-old boy was raped.
|
| > The perpetrator, ..., claimed that he was motivated by not
| having sex for four months
|
| > In October 2016, the Austrian Supreme Court overturned the
| man's conviction of rape, ordering a retrial, while upholding
| his second charge of aggravated sexual assault of a minor.
| The rationale was that the prosecution had not provided
| evidence that the man did not know that his victim did not
| consent
|
| > In May 2017, judge Thomas Philipp reduced the sentence to
| four years in a final decision by the Supreme Court, saying
| that the rape was a "one-off incident" and "you cannot lose
| your sense of proportion here"
|
| Serious clown world material here.
| jll29 wrote:
| This is shocking and disgusting, but should not be taken as
| a motive to spy on everyone. Spying on everyone implies
| general assumption of guilt covering the whole population,
| which is unlawful in most jurisdictions (proportionality)
| and also unconstitutional in many (e.g. Germany).
| irusensei wrote:
| Agreed.
| t344344 wrote:
| Lets just say EU is not very family friendly compared to
| individual states. I do not think this discussion belongs on
| HN. Just pointing BS in this law.
| flangola7 wrote:
| Isn't the EU just a sum of the states' desires?
| shjake wrote:
| Not really. They are usually a sum of some clique of
| useful idiot/lobbyists and somewhat competent busybody
| career bureaucrat desires.
| germandiago wrote:
| No. It is an agenda imposed on all EU citizens without
| direct representation.
|
| It goes top-down instead of bottom-up unfortunately and
| that is why there are so many fights. It is also
| increasingly invasive even of the sovereignity of
| constitutions of individual countries.
| [deleted]
| gavinhoward wrote:
| Here's a link arguing for encryption, in case people need it.
|
| https://everyoneneedsencryption.gavinhoward.com/
|
| Comments and feedback welcome. I'd like to make these arguments
| irrefutable.
| fleddr wrote:
| Whatever happened to concepts like "probable cause" and "innocent
| until proven guilty"?
| auggierose wrote:
| I am wondering, who in the EU commission is exactly pushing for
| this, and why?
| belter wrote:
| Ashton Kutcher, Demi Moore...
|
| "European Security Officials Double Down on Automated
| Moderation and Client-Side Scanning" -
| https://www.lawfareblog.com/european-security-officials-doub...
| [deleted]
| dvngnt_ wrote:
| follow the money
| Kognito wrote:
| Wasn't sure if you were being serious but sure enough:
|
| "Thorn, a U.S. 501(c) (3) organization founded by Hollywood
| star-turned venture capitalist Ashton Kutcher and his former
| partner Demi Moore, has been a central force lobbying for the
| legislation."
| ClumsyPilot wrote:
| what the fuck? are they front men? For whom?
| trompetenaccoun wrote:
| He is a professional actor - so there's that.
|
| On a more serious note though I'd also like to know. I
| never paid attention what Hollywood actors do in their
| spare time, but it's well known around the world that
| there are politicians and lobby groups pushing for
| authoritarian measures under the guise of doing it "to
| protect the children".
| jai_ wrote:
| Ashton Kutcher and Demi Moore have been campaigning to
| address child sexual exploitation for a while.
| https://en.wikipedia.org/wiki/Thorn_(organization)
|
| I would guess they are simplying sponsoring this
| legislation sincerly without understanding the privacy
| ramifications if it passed.
| wewxjfq wrote:
| The initial link claims they are lobbying for client-side
| scanning while they are offering a _commercial product_
| for client-side scanning.
| jonnybgood wrote:
| What commercial product are they offering?
| whstl wrote:
| According to this article, it seems they want to sell it
| directly to chat applications.
|
| _" There's a company called Thorn that is lobbying for
| the scanning contract and would love to get a government
| mandate for its software to be installed into your chat
| clients," he said._
|
| Apparently Apple didn't want to pay and developed their
| own in-house, only to scrap it after complaints from the
| public.
|
| https://www.theregister.com/2022/10/13/clientside_scannin
| g_c...
| unity1001 wrote:
| Wow this is literally textbook crap.
| belter wrote:
| Problem is Ashton Kutcher in real life, always seems to
| play the role of the useful fool:
| https://www.cnbc.com/video/2019/01/14/watch-cnbcs-full-
| inter...
| slackdog wrote:
| My guess is that _the actors are actors_ , being paid to
| represent the interests of others who don't care to be
| famous themselves.
| wkat4242 wrote:
| Weird. I thought you were joking but you're not. What do some
| second-rate American actors have to do with EU Digital
| policy? They have no tech knowledge and they aren't even
| European.
| krona wrote:
| Influence peddling in the EU is a feature, not a bug.
| Gustomaximus wrote:
| Kutcher works with Thorn to help reduce peodophilia
|
| https://en.m.wikipedia.org/wiki/Thorn_(organization)
| jll29 wrote:
| These people perhaps have hidden financial motives (e.g.
| share holdings in scanning software companies), or they
| lack the technical expertise to judge the impact, and
| they may actually think what they want to do is a good
| idea.
|
| In any case, they must be stopped at all cost. Freedom is
| priceless in the literal sense of the word, or people
| would not be willing to die for it.
|
| Germany has a historic responsibility (after two
| totalitarian regimes that spied on its cities in its
| past), which thankfully means a substantial part of the
| population was educated in school enough about the
| dangers that they would not support any party who let
| that kind of nonsense creep in, probably even regardless
| of which party is in power.
| throwaway8689 wrote:
| Simpler financial motive: residual payments on their old
| movies.
| foxhill wrote:
| more likely: they are victims.
|
| which makes sense. but there's a reason why victims of
| crime aren't allowed to be jurors of their own case.
| thg wrote:
| > Germany has a historic responsibility (after two
| totalitarian regimes that spied on its cities in its
| past), which thankfully means a substantial part of the
| population was educated in school enough about the
| dangers that they would not support any party who let
| that kind of nonsense creep in, probably even regardless
| of which party is in power.
|
| I wish it were so, but alas no. We have strong historic
| privacy laws, data protection authorities with teeth and
| a working court system constantly overturning new anti-
| privacy laws. Most of us Germans simply do neither care
| about privacy nor understand why "it all has to be so
| hard". The parties most people here vote for are also the
| parties that constantly enact laws eroding our privacy,
| only to then have them overturned by the courts. If not
| for those safeguards, Germany would again be on its best
| way on turning into an authoritarian police state again.
|
| The only reason Germany is opposing this right now is
| that we currently have both the Liberals and the Greens
| in the government coalition. The Social Democrats (SPD)
| would have just winked it through and the Christian
| Democrats (CDU/CSU) would have fiercely supported it.
| gambiting wrote:
| OP question still stands - what does some random American
| actor know about technology and why is he trying to
| influence EU law? To "protect children"?
| MrDresden wrote:
| The article points to it. Thorn has a commercial product
| they call 'Safer' that they have been pushing.
|
| I'm not going to be cynical and say this is just about
| the money but... Ah who am I kidding, this is just about
| the money.
|
| Just like it always is.
| shjake wrote:
| What does some random EU bureaucrat know anything about
| it?
|
| The commission is even worse. Most countries just send
| their loudest/incompetent/etc idiots to get them out of
| the way for a few years. Just look the commission
| president...
| gambiting wrote:
| At least they are an EU bureaucrat not an American actor.
| They are paid to make these decisions, whether I agree
| with them or not. A random American actor is just butting
| their head in where it doesn't belong. It's like as if
| Daniel Radcliffe was trying to influence the American
| congress - even if he had the best intentions in mind, he
| should still be told to piss off.
| throwaway8689 wrote:
| Shouldn't be a bureaucrat. With an elected official, at
| least I have the option to vote against them.
| timeon wrote:
| Like with positions in government, they are nominated by
| ruling parties.
| gambiting wrote:
| Parliament is elected. Comission isn't, like any
| comission in any country anywhere in the EU(and outside
| of it you include the UK). If you don't like the
| comission then make sure your vote for the parliament
| matters.
| peoplefromibiza wrote:
| that's a common misconception.
|
| Commissioners and the President of commission are
| appointed (elected) by the Parliament who is in turn
| elected by the people.
|
| Same way the American president is elected by "electors"
| who are chosen by the parties, which are voted by the
| people. People only vote directly for the congress in the
| US.
|
| It's the same thing for the European institutions, I
| don't see the problem here.
| peoplefromibiza wrote:
| We vote them.
|
| Might not give the best of results sometimes, but people
| in Europe go to the ballots and cast a vote to send
| people there.
|
| It's not like the board of Amazon or Elon Musk buying
| Twitter.
| unity1001 wrote:
| The commission is elected by the European Parliament from
| among the candidates presented to them. The Euparl is
| elected directly by the European people with proportional
| representation.
| croes wrote:
| You mean child abuse.
|
| To reduce pedophilia they would need therapists not chat
| control.
| 0xDEF wrote:
| Neurotic Americans who claim they are fighting against "child
| pornography".
|
| I am not kidding. Ashton Kutcher and Demi Moore are involved.
| lock-the-spock wrote:
| I think the issue here is more that the legal text could be
| interpreted as going quite far, even if this was not
| necessarily intended.
|
| Here the _proposal_ , scroll down to 'Article 1' for content.
|
| https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A20...
| trizuz wrote:
| [dead]
| marcodiego wrote:
| My half freetard stallmanian brain says: "I wouldn't mind a law
| forcing client-side scanning if it affected only proprietary
| software."
|
| The other half of my brain says: "Indeed... I really need to be
| able to control which software runs on MY devices."
| slackdog wrote:
| As demonstrated by iOS, the technical means to effectively
| frustrate the installation and use of Free Software already
| exists. We (the tech industry) have already built the walls of
| our own prison. All that remains now is for politicians to herd
| us in and slam the gates shut.
| zirgs wrote:
| ANd yet - Google is making one of the best phones that can
| work perfectly fine without any Google software installed.
| (Pixel series).
|
| Nobody forces you to use Apple softeware. I have never owned
| a single Apple device and never will.
| slackdog wrote:
| Nor have I. But I'm afraid you're not getting it.
|
| The point is that the technical means for control have
| already been demonstrated by iOS, not that anybody is
| forced to use iOS specifically. Governments could require
| that Google and other manufacturers implement similar
| controls. The walls of this sort of prison have already
| been designed and shown to work, all that remains is the
| political will to herd people in and lock the gates.
| zirgs wrote:
| Locked down computing devices existed well before before
| the iPhone was a thing. Pretty much all gaming consoles
| are locked down. I'm fine with them existing as long as a
| non-locked down option is available.
|
| And controls like that would mean death to open source
| OSes like Linux, because you can't develop and test an
| operating system on a locked down device.
| slackdog wrote:
| You're still not getting it. iOS and the locked down game
| consoles that preceded it _all demonstrate the technical
| feasibility_ of these controls. All that prevents it is
| political policy.
|
| I didn't say iOS was the first to do it. I didn't say
| that you are presently forced to buy such devices. And I
| certainly didn't say that desktop Linux would survive the
| sort of totalitarianism the tech industry has invented
| the means to implement. You're missing the point so
| severely that it's hard for me to understand where my
| explanations could be falling short. Are you trying to
| get a rise out of me?
| int_19h wrote:
| The other thing that iOS demonstrated is that not only it
| is technically feasible, it is also _socially_ feasible -
| to the point where the majority of people willingly use
| such devices in some countries.
| legrande wrote:
| > I really need to be able to control which software runs on MY
| devices
|
| Well if you're running an Intel powered device, there is the
| Intel Management Engine[0], which is a minus ring zero backdoor
| with unfettered access to everything. It even runs MINIX! It's
| not really _your_ computer.
|
| [0] https://en.wikipedia.org/wiki/Intel_Management_Engine
| fsflover wrote:
| Fortunately, Intel ME is disabled and then neutralized on my
| Librem 15.
| beebeepka wrote:
| Weird. The system reports that you're still connected and
| the beacon is functioning normally.
| blue039 wrote:
| You might be able to handwave some things in politics. They're
| either too old, too lazy, etc. They're just politicians trying to
| find a nice box to put everything into because otherwise you
| can't make laws. It's the fundamental problem with legislators
| that take a salary and are not volunteers for a short period.
| When you need people to justify their pay they start finding
| heuristics, no matter how awful, to create more laws.
|
| The problem is the precedent, globally, of killing encryption is
| well documented. There is _no_ good solution that doesn 't harm
| everyone. Here in the states, the Clipper Chip [0] was the
| textbook example of politicians trying to legislate mathematics.
| You wouldn't even be able to do something like "give us a copy of
| your private keys" because then you'd go down the path of playing
| wackamole with every distribution, every slightly recompiled
| GnuPG, etc. It's an intractable problem. We, in the US, would've
| gone a long way by stripping Dorothy Denning's CS PhD from her
| [1] after her outspoken support of such measures. Instead she has
| received many awards for her "work" in the field of rights
| erosion.
|
| The US seems to have settled on making attempts at Clipper 2.0
| every decade or so. In the meantime encryption is considered a
| weapon legally which is how the DAs get their fill. Germany
| appears to have flat out opposed it...but it's only a matter of
| time. The EU will force them to bend the knee because
| historically they always have. It's a fantastic effort.
| Unfortunately, done by one of the biggest pushovers in Europe.
|
| There's no hope for the technical among us. The people with power
| who do understand, the technocrats, are behind these efforts. The
| people that don't understand are behind these efforts. It's only
| the intractability of the problem that makes legislating it
| dangerous. Once someone clever enough makes it tractable there
| won't be encryption anymore. Pre-crime is the way the world has
| worked since 9/11 and encryption is #0 on the list of things to
| legislate to death. In the US, there are likely hundreds of
| billions of taxpayer dollars being spent to store every last bit
| of communication in Utah for this eventuality.The EU has a
| similar program. Those tax dollars have to be justified somehow.
| So when you ask "who would support this"... just follow the
| money.
|
| [0] https://en.wikipedia.org/wiki/Clipper_chip
|
| [1] https://en.wikipedia.org/wiki/Dorothy_E._Denning
| the_af wrote:
| I cannot find information on Wikipedia about Denning's PhD
| being stripped away from her. She's listed at Purdue as having
| one. Where can I read about this alleged stripping of her PhD?
| blue039 wrote:
| I meant that we _should have_ stripped it away. Sorry that
| was not clear.
| flangola7 wrote:
| You misread. She wasn't stripped of them
| snapcaster wrote:
| I think you misread the comment, the OP was advocating for
| removal of the PHD not saying it happened
| chihuahua wrote:
| I find it unlikely that taking away someone's Ph.D. would
| accomplish anything positive.
|
| How do you envision this would work in general - an angry
| Twitter mob demands that academic degrees are revoked, and when
| the mob gets sufficiently large and angry, the university who
| awarded the degree buckles under the pressure?
|
| If not a Twitter mob, then who makes these decisions? The
| Central Committee of the Party? The Committee for the Promotion
| of Virtue and the Prevention of Vice?
| blue039 wrote:
| The ACM has a strict code of conduct. If an engineer commits
| an atrocious error their PE will be stripped. Violating the
| computing rights of _literally the entire planet_ should be
| similarly egregious.
|
| It is not twitter mobs. Its about holding people to a
| standard and not allowing them to corrupt the meaning of
| computing for financial, or tyrannical, gain. In recent
| history we have done almost nothing to hold _anyone_
| accountable for their actions. Academia being the most
| impervious to such punishments.
|
| The ACM and ABET would make the decision. The same people who
| issue the certifications to the schools who award the
| degrees. Yes, these organizations are generally spineless
| cowards, but in a perfect world it would be them. Iron-fisted
| responses to tyrants is the only way you can insure the
| purity of a field and freedom from their destruction. I
| assume you will take this to it's natural conclusion and say
| any CS degree holder working for the NSA/Military/FBI/etc
| should also be similarly stripped of their title. To that I
| say, yes, if they are violating the computing rights of
| others willfully we as a society cannot allow such people to
| hold the credential. Otherwise a code of conduct is simply a
| list of suggestions. In which case it should not exist at
| all.
| skeaker wrote:
| I'd imagine it would be similar to how the (former) doctor
| who kicked off the anti-vaccine thing had his Ph.D. revoked,
| which involved a whole board of his peers reviewing his
| claims and actions and determining that he caused
| irredeemable harm. The problem in this case is how CS is such
| a new field that we don't really have boards and such that
| will scrutinize to that extent in an academic context, at
| least as far as I know.
| Jyaif wrote:
| [flagged]
| lhoff wrote:
| > Hartmann either does not understand encryption, or client-
| based content scanning. There's a good chance Hartmann doesn't
| understand either :-(
|
| I think that is debatable and depends on your viewpoint. If you
| only look at the technical process of end-to-end encryption it
| is, indeed, not weakend by client-side scanning since that
| happens prior to the encryption. If you, however look at it
| from the perspective of the use case (sending information
| privately without information leakage) it is weakened. Client-
| side scanning only makes sense if, in case of a match, some
| authority is informed. This is by definition information
| leakage. On a first glance it looks like a ok compromise in the
| case of CSAM but if the technology is in place it can only go
| downhill from there and the next step is usually terrorism
| followed by capital crimes. The later two categories can be
| abused depending on the definition which heavily differs
| depending on which European country we are talking about. Also
| if the technology is forced in place by the European market,
| there is very little that stops other less liberal countries to
| use the same technology against whatever they don't like. So
| it's the usual slippery slope argument with the additional
| caveat that a lot of child protection agencies are not
| convinced that it would make an important difference and that
| the resources should be allocated elsewhere.
| gchq-7703 wrote:
| False positives / false negatives are important to note. It is
| likely that they're saying that out of 100,000 scanned files,
| 10,000 to 20,000 will not include child sexual abuse.
| devmor wrote:
| If every agency and government with access to this technology
| could be trusted to only use it for CSAM it would be the
| easiest no-brainer to approve and turn on immediately.
|
| But they can't. It can easily be used to target people for
| political and social reasons just as easily, and once that
| Pandora's Box is opened it can never be closed.
|
| For the most topical example, imagine it being used in a
| conservative US State to target images of people not conforming
| to the gender they are expected to.
| slackdog wrote:
| Even if the government exercised restraint and only used this
| technology in the manner they presently advocate for, a 10%
| false positive rate, presumably each resulting in an invasive
| investigation, is way too high.
| hexo wrote:
| id say 10-20% of all content is expected to be misclassified
| hnhg wrote:
| You would have to look at it from the perspective of the base
| rate (for low incidence) to properly understand what that means
| for the wider population:
| https://en.wikipedia.org/wiki/Base_rate_fallacy
| wkat4242 wrote:
| The problem is that for it to actually work you will need to
| take control away from the users over all their computing
| devices. Otherwise they can simply circumvent it.
|
| It would mean a model as closed as iOS, but for all mobiles and
| desktop platforms.
|
| I will personally never let that happen. This is way too
| draconian a measure to solve a problem that will not go away
| anyway. The predators will just go offline again or find
| workarounds, while it will be severely restricting all citizens
| in their computing freedom.
| amadeuspagel wrote:
| I hope that one day germany will gain some influence in the
| european union, to counter the influence of great britain and
| protect end-to-end encryption.
| ttctciyf wrote:
| Guess you haven't been following the Brexit news?
| justinclift wrote:
| Was probably meant sarcastically. ;)
| jll29 wrote:
| > to counter the influence of great britain and protect end-to-
| end encryption.
|
| In 2016, a voting majority of the UK population decided to give
| up their valued influence in the EU, and we miss them dearly
| (not sarcasm - they were a much-needed voice for common sense).
| This event is commonly referred to as "Brexit" or Britain's
| exit from the European Union, and eventually from the European
| Council, which it once was a founding member of.
| InCityDreams wrote:
| > and we miss them dearly (not sarcasm - they were a much-
| needed voice for common sense).
|
| Ha! That voice for 'common-sense' you dearly miss voted
| itself out.
| beebeepka wrote:
| And is a champion of the surveillance state
| germandiago wrote:
| Iam spanish. I fully support Germany. No more and more
| surveillance.
| solarkraft wrote:
| I don't use Tutanota anymore (main reason: no bridge to other
| clients), but I'm not mad about having paid up-front for another
| year. Thanks for keeping this topic visible.
| sebzim4500 wrote:
| Will CSAM be killed by AI art? Hard to believe that producing it
| the conventional way can be economical when you can make an
| almost identical product without risking serious prison time (or
| any at all in some jurisdictions).
| mouse_ wrote:
| That, or AI art will be killed/somehow heavily regulated due to
| CSAM.
| avidiax wrote:
| AI art has a problem that it can reproduce the training data,
| or at best, still requires the training data.
| wkat4242 wrote:
| Uhhh yeah, obviously I don't want my devices spying on me. If
| Apple had gone ahead with their ridiculous plan I would have
| dropped them if I hadn't done so already the year before (I went
| from macOS to FreeBSD for more control and I dropped iOS years
| before)
| sn_master wrote:
| I've seen at least half a dozen cases in the US for people
| arrested for child abuse material where all of them came up to be
| because of Google scanning their messages (not just emails).
| There was even a case where it was a photo sent to the child's Dr
| because the child had a rash, and Google's algorithms identified
| it and that was enough for the police to get a warrant for ALL of
| the user's Google account.
| varispeed wrote:
| It's funny that I was saying the EU is going to implement this
| like 10 years ago and people were calling me crazy conspiracy
| theorist, that the EU would never have done anything like that
| and that EU is totally not evil. Look how Overton windows is
| moving. Today it's a thing and nobody calls it conspiracy theory
| anymore and suddenly people no longer talk about good EU.
| Tomorrow you'll have these scanners on you device. From then your
| life will be micromanaged by bureaucrats and you'll become a
| slave. As ideology EU is built upon is slavery.
| teekert wrote:
| I don't understand these laws. What if I don't want client side
| scanning? I'll just get a Librem or PinePhone or a pixel 6 with
| GrapheneOS. How are they going to stop me? Think about it really,
| how are they going to stop me? The implications are pretty insane
| if you ask me.
| mschuster91 wrote:
| For once, we're blocking the right thing. Good that the CDU/CSU
| is no longer in charge of the Interior Ministry, but still Nancy
| Faeser (SPD) is _barely_ better than the Conservatives.
| trizuz wrote:
| [dead]
___________________________________________________________________
(page generated 2023-03-02 23:00 UTC)