Cant you just make a keyboard app that encrypts it for the recipient while you type it? Will they even ban that?
There are logistical problems with that. Such as how you plan to get the key out to recipients.
When someone wants to start a conversation they send their public key unencrypted (no need for it to be encrypted) and then you send your public key It will be one more message but the keyboard could have some sort of “profiles” for every persons public key, that you could select (This is just an idea, I have no coding experience)
Okay, but how do you then make sure that key isn’t intercepted? Anyone who has the key can read your messages
They are talking about asymmetric encryption which has a keypair, private key (kept secret only by the owner) and a public key that is used by everyone that would send them a message. You can’t decrypt the message with the public key when it is encrypted using the public key, you must use the private key to decrypt it.
Ah, I missed the public key part.
That is true, you could do that
Yeah, they’re a bit cart ahead of horse on that one.
No they won’t. The bill is against social media companies, not your own encryption measures. Where the line exactly falls between hand-coding your own cypher; using good old PGP; using an app to encrypt but sending via a separate service; using an e2ee messaging app+service; being on a community/group-focused e2ee service; normal unencrypted-on-server social media… Going by the Reuters article (I haven’t read the actual bill) it seems mostly aimed at main social media platforms, with a to-be-explored relationship with private messages.
Like this one https://github.com/amnesica/KryptEY?
Yes, like that, thanks for it. was thinking about something that captures the screen and uses OCR to take the encrypted text and then decrypts it. But that would be complicated and would need to be adapted for every app
Not even the United States is as determined to become a third-wonld shithole as the UK is.
I don’t get it - where did all these idiots come from in the western developed worlds? It’s like half have forgotten history, and are hell bent on sending us into this fascist dystopia where we’ve forgotten that freedom comes with a price. Nobody likes the darker side of the internet, but punishing regular users and businesses isn’t the answer. Everyone loves to pick on the USA, and we deserve it, but it’s happening seemingly everywhere.
Where there is money to be made, and influence to be pedaled, Capitalism will find the person to do it for them. If you are doing it because you are evil you are a conservative, if you are doing it because you think you are actually helping the children, you are a liberal. But the outcomes are the same either way.
Because these people are always there, always waiting. We got lazy about stomping them down.
republicans: “hold my beer”
The common thing here is conservatism. It has no borders and thrives on hatred, which is fundamentally human. It will alway exist as an evil. It just varies on how much power they have and is under slightly different names, but they have a common thread of beliefs that always come back. No country or person is immune to this as morally superior they think they are.
After Brexit there’s Digital Brexit
This is the best summary I could come up with:
LONDON, Sept 19 (Reuters) - Britain’s long-awaited Online Safety Bill setting tougher standards for social media platforms such as Facebook, YouTube and TikTok has been agreed by parliament and will soon become law, the government said on Tuesday.
“Today, this government is taking an enormous step forward in our mission to make the UK the safest place in the world to be online,” she said.
Once the bill receives royal assent and becomes law, social media platforms will be expected to remove illegal content quickly or prevent it from appearing in the first place.
They will also be expected to prevent children from accessing harmful and age-inappropriate content like pornography by enforcing age limits and age-checking measures.
Instead it will require companies to take action to stop child abuse on their platforms and as a last resort develop technology to scan encrypted messages, it has said.
Earlier this month, junior minister Stephen Parkinson appeared to concede ground, saying in parliament’s upper chamber that Ofcom would only require them to scan content where “technically feasible”.
The original article contains 334 words, the summary contains 174 words. Saved 48%. I’m a bot and I’m open source!
There must be exceptions for banks. Otherwise, brb gonna steal some easy £
Will this lead to companies ditching E2EE?
Unlikely; more likely it will lead to UK politicians finding out that, like Russia, the UK isn’t as big a deal internationally as they assume it is at home.
To take a recent example, Microsoft considered just completely leaving the UK gaming console market if it fully blocked the buyout of blizzard activision, as it already won elsewhere and had good trial against the FTC in the U.S.
Big corporations threaten shit all the time and then they do a complete 180 two weeks later. Take any “threat” from a corporation with 5 metric tons of salt. They’ll all whatever PR statement they think will generate the most shot term buzz.
And something as bad (if not worse) is coming to the EU too https://www.patrick-breyer.de/en/posts/chat-control/
Jesus christ. Thanks for sharing, I had no idea about this.
This is by design; they’ve been very quiet about this. It’s going to pass, and once it does I doubt it’ll only be used for scanning for CSAM
“we want to break https, SSL, TLS, SSH…”
Man, operating servers in the UK is going to be FUN!
First of all, these protocols don’t allow for backdoors so good luck with that. Are they going to ditch all those and run their own private internet or something?
Seriously, what they want isn’t even possible, and even if it were, it won’t. fix. anything.
Real criminals will just continue using these real encryption protocols that you cannot break, so this just ends with the state being able to spy on the common people.
And nobody will abuse this, if 50.000 pounds disappears from yout bank about then fuck you, shut up, you never had that…
Politicians are stupid.
First of all, these protocols don’t allow for backdoors
Doesn’t matter, tbh. The entire problem of giving governments (or whoever) a backdoor is that there’s no way to make it only available to the “good guys”.
If Apple and co did put in backdoors to satisfy the Brits, the first thing every other government on earth would do is legislate itself access to the backdoor.
With or without a proper backdoor, this law breaks the tech.
Yeah, the title of this post is misinformation. If you read the article it says: “The government, however, has said the bill does not ban end-to-end encryption.” Even in extreme cases it says scanning will be required where “technically feasible.”
People need to relax and pay attention.
Uh it’s not impossible, just illegal.
So, looking at this article, there is no mention that they made end-to-end encryption illegal.
Tech companies have said scanning messages and end-to-end encryption are fundamentally incompatible.
Earlier this month, junior minister Stephen Parkinson appeared to concede ground, saying in parliament’s upper chamber that Ofcom would only require them to scan content where “technically feasible”.
So they would basically be scanning information WITHOUT end-to-end encryption
No no this is Reddit, I mean lemmy, we don’t read articles we just react.
Well, it’s more than that since OP even changed the title of the article.
Okay so how would this be enforced? Highly unlikely any messaging service that offers E2E is going to release a version without it just to satisfy the UK government. So this will basically be easily thwarted by using a VPN?
The bill was changed so it no longer bans e2e encryption, it’s now the responsibility of tech companies to provide protection “where technically feasible” which basically means fuck all
where technically feasible
It gives something that can be argued about later, right? After other parts of the bill have begun to be implemented. So, further down the road if gvmt considers e.g. WhatsApp or Signal as having CSAM and not taking appropriate steps, then they can put pressure and WA/Signal can argue back about feasibility and merit.
Does that mean that when you’re sitting on a bench in the middle of a city, you could in theory snoop the passwords and banking details in clear text from the WiFi networks around you?
No. Why would it mean that?
Eliminating all forms of encryption would get rid of SSL and WPA encryption also, so yes you would be able to snoop out passwords from a park bench.
Yeah but they’re not in any way doing that.
That’s the lovely bit about putting a bill out there. The enforcement and feasibility is not the problem of the politicians anymore.
Are VPNs in the UK getting banned? If e2ee is getting banned for “online safety,” many apps are at risk, but doesn’t that mean that you could just install the apps via a VPN?
Encryption isn’t banned. The government could just ask service providers to decrypt content at any time, allegedly so that it can be scanned for child abuse. This is impossible with e2ee, so such services may become impossible to operate in the UK.
Very 1984 of them
Very 1984 and also very 1894
I like your PROBLEM light.
It’s on! It’s off! It’s on! It’s of! It’s on! It’s off!
Sigh, that’s called blinking!
Literally facial recognition cameras at every single stop light in UK.
Literally not. Unless you think the UK doesn’t exist outside of London.
I wonder where the book was written and set, i wonder
Kinda makes you wonder
The thumbnail for this article really bothers me. They just copy pasted the same string of 1’s and 0’s throughout the entire screen and colored it lime green on a black background for that Matrix effect.
I thought it was apropos… just as fake as the encryption solution now enshrined in law in the UK.
If governments the world over were as obsessed with solving things like the climate crisis and cost of living as they are with undermining encryption techs, we’d be living in a utopia by now.
They tried this here in Australia, luckily for us it got voted down. Iirc there’s been other countries trying the same BS
What? It didn’t get voted down, it literally passed and is law under the Telco Act. The fact we passed it gave the UK ammunition to do the same thing.
it is my understanding that our sucky Assistance and Access Act, is fundamentally different, it compels developers provide back doors where it will not systemically undermine the system. To my understanding the UK one requests “breaking” e2ee in its entirely - which is why services like Signal were considering full exiting the region?
