Hacker News new | ask | show | jobs
by resf 3254 days ago
Anybody who cares about the privacy of their communication can still use an open source stack. So yes it works as a tool for oppression and for catching extremely inept criminals, but it doesn't do much else for national security.
1 comments
CJefferson 3254 days ago
When using an open source stack to do illegal encryption leads to XX years in prison, not many people will use it.
link
petre 3254 days ago
You can hide messages in pictures of lolcatz.
link
ams6110 3254 days ago
There's something in cryptology called "plausible deniability" that addresses this.
link
PeterisP 3254 days ago
Plausible deniability only works if any doubts are actually interpreted in your favor (which, as history shows, isn't guaranteed in practice even in legal systems where it should be in theory), and it's easily possible to make laws that turn most practical options into crimes.

Yes, it's plausible that the non-approved software stack on your phone isn't doing any illegal encryption, but that fails if having non-approved OS on your phone a crime by itself.

Yes, it's plausible that the TrueCrypt volume you have doesn't contain anything bad, but that fails if mere possession of TrueCrypt tools is a crime by itself.

Yes, it's plausible that the encrypted traffic sent to/from your phone didn't contain anything bad, but that fails if having any encrypted traffic not going through state-approved MITM https is a crime by itself.

Etc ad infinitum. Don't underestimate the coercive power of gov't if they actually want to restrict something. Technical means can protect you only if you physically live outside of their reach.

link
grumio 3253 days ago
They may as well ban all files of random data of unknown origin. If it passes diehard tests with flying colors, confiscate it and arrest all known possessors of it.
link
PeterisP 3253 days ago
And they may actually do just that eventually.

The point I'm trying to make is that in an oppressive regime the only thing that actually provides plausible deniability is having and using the exact same hardware/software as everyone else uses; a rooted phone with an opensource OS, unusual chat apps or cryptography tools won't give you any plausible deniability but actually make everything even more risky for you.

link