[gruez]

>Put more simply: the modern internet doesn’t work without encryption, it is a fundamental part of the technology. Without it, anyone could log into any of your accounts, take your money, messages, photos, anything.

I'm pretty pro encryption, but even this is pretty dishonest. Phones (ie. PSTN, not iPhones) aren't "encrypted" by any means, but there's plenty of sensitive information sent over it. Lawyers fax each other important documents, and doctors fax each other medical recorcds. There was (is?) even telephone banking where you could do basic transactions over the phone. Even today, some banks/brokerages require you to phone in to do certain high risk operations (eg. high value transfers or account resets). All of this happens without encryption. While that's less security that I'd like, it's safe to say that "anyone could log into any of your accounts, take your money, messages, photos, anything" isn't true either.

[kube-system]

I’m not saying every layer of the onion is individually encrypted. But there are plenty of layers that are.

There is plenty of encryption used when you send any sort of message from an iPhone, even SMS. You can’t even turn the dang thing on and unlock it without encryption. Then when you send it, it’ll be encrypted by the radio before transmission. Then in transit it may or may not be encrypted at various points.

And POTS is not the internet.

My overall point is that encryption is used all of the time when people use the internet for routine tasks that they expect to work, and would not work in a modern reasonable way without it.

People use these technical implementations details to muddy the water of this conversation and demonize encryption, when the reality is that everyone uses it literally all the time for almost everything.

[gruez]

>There is plenty of encryption used when you send any sort of message from an iPhone, even SMS. You can’t even turn the dang thing on and unlock it without encryption. Then when you send it, it’ll be encrypted by the radio before transmission. Then in transit it may or may not be encrypted at various points.

If your argument for encryption is "we need encryption because if it's banned overnight all our phones will turn into bricks!", then yeah sure I guess it's true. But even the diehard encryption opponents aren't arguing for this. My point is that you can very much have no encryption, but not "anyone could log into any of your accounts, take your money ...".

[kube-system]

Colloquially, there is a perception among some that encryption is a thing that only the military, criminals, etc use.

Many people are unaware that they use it in everyday life.

If you listen to discussions on this topic outside of technical forums, this perception is not uncommon. It’s important to be clear to laypeople about the ubiquity of encryption, because they are the majority of voters.

[OhMeadhbh]

Another aspect is traditionally the administrative burden for state actors to receive permission to eavesdrop on POTS technology is relatively high. Or at least it was before the Patriot Act. I would argue it is still higher than eavesdropping on modern digital communications (IPCMS, Email, web browsing, etc.)

[nradov]

Allowance for using faxes to send protected health information (PHI) as defined under HIPAA was essentially grandfathered in for practical reasons, not because it is at all a secure enough communications system for sensitive data. If faxing medical records had been banned then the healthcare system would have come to a halt, which would have been worse then the privacy risk. But if fax was invented as something new today it would never be allowed for PHI.

It's only recently that more secure alternatives to faxing have become practical, like DirectTrust Secure Direct Messaging.

[HDThoreaun]

1. How often are people saying their bank login on their phone calls?

2. Is there a way for phone call man in the middlers to get that info without wasting a ton of time listening to calls? With internet MITM it is very easy to set up a program that scrapes unencrypted login info.

[gruez]

>1. How often are people saying their bank login on their phone calls?

Have you ever called into a bank or brokerage? Most ask "security questions", often ones that you can't even choose, like your address or how many accounts you have with them. It's arguably far worse than speaking your password into the phone.

>2. Is there a way for phone call man in the middlers to get that info without wasting a ton of time listening to calls?

Automated speech recognition has been around for decades. Even before that signals intelligence agencies have shown that widespread wiretapping/eavesdropping is possible and effective.

[HDThoreaun]

Its about threat levels I guess. I was man in the middling passwords in high school without knowing much of anything about technology. Setting up speech recognition alone is a task that most people are incapable of doing. If youre worried about the type of people who can set that up you probably shouldnt be giving that info out on a phone call.

[seyebermancer]

“Setting up speech recognition alone is a task that most people are incapable of doing”

If you were MITM is HS- your modern day equivalent is way stronger than you think. Easy for kids to clone voices and deepfake these days. Anybody can ask any one of the free chatbots out there for a step by step guide to implement this- they will even write the Python script for you, tell you what IDE to download and how to run it out of the terminal.