[fsh]

I find it quite surprising that government agencies around the world are even considering using a US/Chinese-hosted video-conferencing system. Both countries have a long history of spying on pretty much all foreign nations wherever possible.

[athenot]

One way to solve this is to not ask customers to trust blindly.

For Webex Teams, the customers can run their own key management server[1]. Traffic gets decrypted using customer-controlled keys running on their own hardware.

For Webex Meetings the media traffic can be encrypted end to end[2]. Of course it breaks all cloud-based features (network recordings, transcriptions, join via web...) but for some users that is the better choice.

[1] https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cloudCol...

[2] https://help.webex.com/en-us/WBX44739/What-Does-End-to-End-E...

[piiswrong]

US also used German companies for spying. So I guess there is no escape.

[zajio1am]

Escape is self-hosted system

[gruez]

AFAIK Crytpo AG was swiss

[catalogia]

The 'escape' is for governments to have their own semi-competent IT departments that can maintain the digital infrastructure needed to run the government.

It almost seems like a pipe dream.

[cracker_jacks]

Do you mean exactly what China has done with its semi-nationalized technology companies?

[fsflover]

What about free software?

[eitland]

I'm all for free software bjt it doesn't necessarily help so much against surveillance.

I.e. if Facebook was completely open source it still wouldn't prevent governments from demanding access to all data stored there.

Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].)

[0]: VPN, Signal or possibly Tor (I haven't studied that option too closely) seems like the most approachable solutions options.

[1]: For example WhatsApp seems like a nice option since it uses E2EE but on closer inspection one realizes that it uploads all data to Google Cloud, obfuscate but not encrypted.

[fsflover]

> I.e. if Facebook was completely open source it still wouldn't prevent governments from demanding access to all data stored there.

I disagree. If Facebook was completely open source, people would create alternative servers compatible with the original implementation and steal the users who disagree with the surveillance. Only the proprietary walled garden keeps Facebook alive now.

> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1].

But how can you trust that a proprietary software actually implements E2EE? You need the source code to verify that.

[eitland]

> If Facebook was completely open source, people would create alternative servers compatible with the original implementation and steal the users who disagree with the surveillance. Only the proprietary walled garden keeps Facebook alive now.

It's called network effect. Just because it is open source won't magically make it federated and it certainly won't - magically or otherwise - convince a majority of users to leave their friends behind for a new network.

>> Afaik the only thing that really helps if you want to keep communicating over the internet and can't trust anyone is E2EE (End To End Encryption)[0] (and more opsec than almost anyone is prepared to deliver[1]. But how can you trust that a proprietary software actually implements E2EE?

> You need the source code to verify that.

That doesn't help unless you have a verifyable build process.

[fsflover]

> It's called network effect. Just because it is open source won't magically make it federated and it certainly won't - magically or otherwise - convince a majority of users to leave their friends behind for a new network.

That's why I wrote about alternative compatible servers creation. Do you think it would be impossible?

> That doesn't help unless you have a verifyable build process.

This is true, and reproducible builds are getting better every day: https://reproducible-builds.org/

[chapium]

Everyone spies on everyone. Governments know this. The necessity of using home grown communication is obvious.