[ios14]

Frictionless E2EE at scale is cancerous on society and the FYEV/JP alliance know this all too well.

As this subject has been iterated over many times, will keep this comment short.

* FB deploying frictionless, unbreakable encryption at scale makes the job of law enforcement harder, and makes it easier for less sophisticated criminals to get away with conspiracies (a word which, by the way, simply refers to two or more people secretly collaborating on criminal activity).

* As math cannot be stopped, more sophisticated criminals, as well as those with general concerns about privacy from big brother can still use their own open source tools.

Long before the internet, comms via telephony were anything but secure. We’ve tested the waters post-Snowden with E2EE which likely resulted in numerous secret case studies on the effect E2EE has on an orderly society.

* Don’t bring gizmos into your home if you want a modicum of privacy at home

* FB offering a frictionless, global private network out of reach of law enforcement isn’t a constitutional right. We can still gather in a home, use strong encryption when it matters (in more extreme cases, on an offline device, with write-only outgoing media transported via sneaker net to the transmission device).

* I’d rather have hardened devices and lawful access to the deployed encryption by major service providers, rather than flawed by design consumer device architecture. Then I can employ strong encryption software on those devices and have more confidence in preventing big brother from snooping at all.

[meekmind]

I think society ought to address the fundamental issues that create criminality rather than build some panopticon control-grid that assumes everyone is a criminal by default.

I sympathize with law enforcement, most of them just want better tools with the genuine desire to catch as many of the bad guys as they can. The problem isn't that, it's that those tools once established and ubiquitous represent a lever of control so powerful that the temptation for the bad guys to obtain them will be so great as to be unavoidable.

If someone could guarantee to me that such tools would be used for good with practically impenetrable safe-guards against abuse, okay I could probably live with that. But no one can make that guarantee in good faith.

[0xy]

Law enforcement can't even prevent a mass shooting when the shooter is repeatedly reported to federal law enforcement (Pulse nightclub shooter). How do you think this level of access will allow them to solve crimes?

[ios14]

Bananas and bowling balls.

Based on your description, the situation you described is a shame and a failure of law enforcement to keep us safe. Not an encryption issue.

[0xy]

If law enforcement are this inept and incompetent, why should they be given easy-to-abuse access to private communication?

Especially given we know that those with access regularly use it to spy on ex-girlfriends and other innocent civilians.

[ios14]

One unfortunate example doesn’t make for a case either way.

My understanding is that FB (for example) would hold the keys and turn over only when compelled via warrant. Not mass surveillance.

Also, Snowden’s propaganda has worked like a charm in sowing discord in American society. Without a doubt, even if you support his actions and cause 100%, concurrently the Russian government consider the NSA to be the crown jewel of the IC. And Snowden’s actions and ongoing politics support Russia’s long term “Active Measures” campaign against the United States.

[saagarjha]

Law enforcement isn’t perfect; this is exactly why we would like privacy.

[jimbob45]

Face-to-face talking is also unbreakably encrypted. Is that a threat vector we need to address? Really, we should start sewing mouths closed to close that vector permanently, am I right?

[ios14]

Not following your slippery slope argument.

[bccdee]

If by "less sophisticated criminals," you mean "anyone too stupid to google 'encrypted chat app'," then I doubt they were ever much of a threat, especially for any kind of serious criminal conspiracy beyond selling a few baggies of drugs.

[ios14]

We would need statistics to assert one way or another. I suspect it’s the opposite: give people the means to easily maintain their own communication networks completely out of view of the government, and some will abuse it for other kinds of low level crimes beyond petty drugs: stalking, for instance.

I’d also bet that many criminals (those beyond petty drug pushers) aren’t even sophisticated enough to understand what’s at play here, and will use FB messenger regardless of the encryption implementation. In this case, offering a means to recover encrypted comms in exceptional, warrant-backed circumstances would only be of help towards criminal investigations.

[morpheuskafka]

> makes the job of law enforcement harder

Do I want to make it harder for the law enforcement of the CCP occupation in Xinjiang to do their jobs? Hell yes. Law enforcement of the DPRK (North Korea)? Law enforcement of the Iranian regime? The law enforcement that lynched George Floyd and many other Black, Indigenous, and PoC Americans? What about the law enforcement that seizes people's cash in the airport without charging them with any crime? The Chicago law enforcement who terrorized public housing residents and profited off the drug trade, and operated a secretive detention site at Holman Yards that allegedly operated as a black site, not registering the names of inmates? The law enforcement of Bull Connor who brutalized civil rights protestors? Absolutely, I want to make their jobs harder.

Point is not to say that all law enforcement everywhere is bad--but rather, that it is quite often right and just to resist or frustrate the efforts of those who enforce a given law. Just like we have the right to bear arms and speak freely to check the power of unjust government, so too we need the right to secure communications in the digital age. It's good for the government to have to work hard to do their job--it will keep the resourced focused on real crimes that threaten our safety, not political, economic, and other crimes that have no victims.

> makes it easier for less sophisticated criminals to get away

Up until 2003 (!) it was a crime in some parts of the US to have intimacy in a same-sex relationship--and it still is today in 70+ countries, with the death penalty in 12.

In Thailand it is a crime to insult the king, and criticism of the state is criminalized de facto or de jure in countless other countries. In Iran, defense lawyer Nasrin Sotoudeh was sentenced to 38 years and tortured for fairly and effectively defending clients when the regime violated its own constitution to punish them for political and religious crimes. Here in the US, another woman legal trailblazer, Lynne Stewart, was the subject of a surveillance campaign against her attorney-client communications for passing messages from her client, who was banned from all communication with the outside world under a SAM order, resulting in a 10-year prison sentence.

In North Korea, it is against the law for anyone to leave the country without an exit permit, which is not granted to civilians. In Saudi Arabia, women cannot leave the country without their wali's permission via a mobile app. Crossing the border without permission is a crime.

In fact, of all types of criminals, political and "morality" criminals tend to be the least sophisticated in terms of financial, technical, and social capital. The rich and powerful, whether or not they are on the right side of the law, won't be affected by this.

Someone like Epstein is more than capable of getting E2EE/secure communications, even if he doesn't understand a thing and has to pay a million dollars for someone to set it up for him. The Mexican drug cartels have their own network of cell towers (mostly atop existing towers they have illegally attached to) for their communications. Take that, lawful intercept. But everyday people whose only crime is having a prohibited opinion or identity will never be able to do that.

[ios14]

Sorry, not following how this counters any of my points. Shenanigans via anachronistic laws or corrupt cops isn’t related to encryption, and we know sophisticated criminals can employ their own privacy tools.

[ponker]

Interesting points but I’ve never seen a comment like this anywhere but downvoted to oblivion.

[MaikuMori]

Because it's quite extreme view.

Apps should protect users and police should seek to end crime. Only when these two needs cross we get something fair. If one side gives in we all lose.

[ios14]

Offering lawful access to widely deployed encryption is hardly an extreme view. Our IC and their partners, as well as our bureaucrats, are mostly in agreement.

An extreme view might entail banning certain forms of math on the internet entirely, rather than simply regulating the widely deployed frictionless math.

[morpheuskafka]

https://en.wikipedia.org/wiki/Illegal_number

[metadatabad]

Encryption cannot and will not ever be stopped due to it being math.

Oh, and make sure to use steganography when appropriate.

[bccdee]

Legally mandating government wiretaps in every major method of online communication, subjecting every citizen to having their private life potentially scrutinized with no trial, is fairly extreme, yes.

[ios14]

If I understand right, in this example FB would hold the keys to recover the cleartext and turn it over to law enforcement only when compelled to do so with a warrant.

This isn’t extreme at all.

[ios14]

Forgot to add: I don’t trust the consumer devices including a fully patched brand new iPhone. I am far more concerned about the various private interests abusing data access, data brokers, hackers potentially getting into my endpoint directly or to any of my consumer cloud assets, than I am about lawful access to recoverable encryption

[markus_zhang]

This. I'm also more concerned of private parties gettingy info than the gov. Gov is going to get whatever they want one way or another, but private parties getting my info is far worse.