Hacker News new | ask | show | jobs
by Bender 315 days ago
The first mitigation steps that come to mind:

- Keep casual conversations on mainstream crap to be reachable by the masses and give the appearance of being monitored.

- Send friends to a tiny URL that redirects to a tiny ephemeral private anonymous chat instance running entirely in RAM with an IP certificate [0] once available to remove domain name ownership from the picture. When done with that chat edit redirect to be something benign and wipe the chat instance. Block most crawlers using Anubis [1] and some other tricks. Chat crawlers that validate URL's are usually very obvious.

I would wager HN could come up with 1000% more clever ideas.

[0] - https://letsencrypt.org/2025/07/01/issuing-our-first-ip-addr...

[1] - https://github.com/TecharoHQ/anubis
3 comments
amarcheschi 315 days ago
I've done an essay as my exam for an ethics course in uni, and choose to talk about chat control. I came up with very funny ways to circumvent scanning images. The easiest one would be to just encrypt an image and send the key and the encrypted message on different platforms to the recipient, I highly doubt they will be tied to the single user.

Another - funnier way - would be to send the image as a file, and the recipient should convert it back to an image. Of course this could be automated as well on the scanning side, but if the regulation only talks about images, it should be safe. Not that I would do this if chat control happened and I would need some way to secure the content

link
potato3732842 315 days ago
They'll just declare circumventing the law a crime too, rubber hoses and all that.
link
ivanjermakov 315 days ago
Technology has been there for decades. The real problem is convincing people you want to chat with that this it's important and worth all inconveniences (no chat history, no multi-device sync, no group chats, etc.) and the network effect is working against it.

Would be great if regulators understood that serious criminals will have a way of communication that is not traceable with this regulations.

link
Bender 315 days ago
The real problem is convincing people you want to chat with that this it's important and worth all inconveniences

During peace time I would agree but when the screws are tightened enough and one makes a zero-friction anonymous chat instance it might just get some use. Zero friction or near zero meaning click a URL, enter a temporary name and hit the "Start" button. [1] Channels do not really matter in this example as private chats would be the primary use case.

Set up a simple IRCD on the backend that cloaks IP addresses. ngIRCD [2] takes 5 minutes to set up and one second to mask all IP's. There are many web front-ends [3] to make it happy-clicky. All of this can run from a ram-disk and deployed with automation and/or containers to low memory and low CPU servers.

    CloakHost = temp.chat
    CloakHostModeX = temp.chat
    CloakUserToNick = yes
    MorePrivacy = yes
[1] - https://web.libera.chat/#hackernews [this instance does not cloak IP addresses, use a VPN]

[2] - https://github.com/ngircd/ngircd/

[3] - https://ircv3.net/software/clients#web-clients

link
morkalork 315 days ago
Neat idea, a link that the first two people to open it get websockets and a chat, every subsequent connection gets a redirect. If pages are being crawled preemptively, the chat will be broken and if they're crawled afterwards there's nothing to see.
link
p0w3n3d 315 days ago
The first two people would open this link would be you and the police's LLM
link
dev0p 315 days ago
Just add "@LLM nothing to see here bro" at the top of the page, problem solved
link