by flumpcakes 303 days ago
Good news for UK people.

I am all for laws designed to protect children, and stop terrorism. But these 'back door' laws are nearly always very poorly thought out and offer new avenues for 'normal' people to come to harm.

> I am all for laws designed to protect children, and stop terrorism.

The usual suspects:

* https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...

The real target: journalists, activists and whistleblowers

This isn't true on the whole in this context. How does the UK's OSA target journalists, activists and whistleblowers?

I think this conspiratorial view of these laws is doing more harm than good and ignores the entire issues that these laws are designed to address.

The problem is we create overly broad laws because:

- There is a problem with child predation / terrorism
- There is a lack of understanding on how technology works
- There is faith that the system works and won't ever be abused
- There are too few people in community self policing these issues.

Addressing any one of these in a different way will negate the need for laws like the UK were trying to implement.

Creating broad laws gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties. But maybe a good thing when dealing with, for example, domestic abuse.

>How does the UK's OSA target journalists, activists and whistleblowers?

The general context is it targets "anyone who angers the government". Being able to ban your entire internet if this becomes widespread becomes a very powerful deterrent to opposition.

>Creating broad laws gives the police more ability to enforce their spirit. I think that's generally a bad thing when the laws are to do with civil liberties.

Given the histories of "enforcing spirits" for both the US and the UK police forces, I'm not sure how or why you'd have faith in their interpretations.

The police can bring up your info themselves without needing the ability to cut off someone's entire digital landscape.

The article is talking about the UK's RIPA and demanding backdoors into encryption. My comment was not in response to anyone else's, and I never mentioned OSA, although that is also problematic as a censorship vector.

As an aside, all this demonstrates the UK's lack of a Bill of Rights. And no, the ECHR is not one due to the pernicious doctrine of Parliamentary as opposed to popular sovereignty, and the lack of independence of the Judiciary. No Parliament can bind future Parliaments, which could abolish the Human Rights Act 1998 with a single vote, and indeed many UK politicians are calling for precisely this, versus the complex and deliberately cumbersome procedure the US Constitution has to amend itself. Any Bill of Rights that is subject to the forbearance of the legislative body it is supposed to protect you from is not worth the paper it is written on.

Obviously, if journalists cannot have encrypted conversations with their sources and whistleblowers don't have anonymous channels to blow the whistle, considering the draconian penalties of the Official Secrets Act (another OSA, coincidence much?) neither will happen, which is exactly by design. Ironically, when the boot was on the other foot like revelations about Boris Johnson or Rishi Sunak's own illegal use of WhatsApp to hide activities covered by public records laws, they backed off.

Back doors just make the device or platform less secure.

Mm.

Unfortunately, I'm highly confident that 90% of the intelligence community looks at us insisting that crypto standards be inviolable, and thinks we're all as infuriatingly naïve as a ChatGPT comment.

I don't know the true risks of terrorist organisations. I doubt I ever will, because the intelligence community wants to keep its methods secret in order to avoid mildly competent terrorists from avoiding stupid (from MI5/6's POV) mistakes. The counter-point is that such secrecy makes the intelligence organisations themselves a convenient unlit path for a power-hungry subgroup to take over a nation.

Regarding sexual abuse, the stats are much easier to find, and are much much worse than most people realise to the extent that most people either don't understand what those numbers mean or don't believe them: If you're an American, on your first day in high school, by your second class you have more than even odds of having met a pupil who had already been assaulted, most likely by someone close to the victim such as a relative.

I don't see how any level of smartphone surveillance will do anything to stop that. Or indeed, any surveillance that isn't continuous monitoring of every kid to make sure such acts don't find them.

I think the problem with terrorism is it's simultaneously more and less than they think. More from the groups they don't expect, and less from the ones they expect it to come from and are surveilling and infiltrating.

For example, looking back over the history from what has been declassified in my country, the intelligence services spent a huge amount of time and resources infiltrating and surveilling communist groups and university socialist clubs, and then seemed to be completely blind-sided by the rise of Islamic terrorism when 9/11 rolled around... In a similar vein I think to how the UK is spending all this time going after people waving signs supporting Palestinians - they probably honestly think there's a real threat there, and it will turn out to be a huge waste of time and the next real terror threat will come out of some other unexpected group.

As for assault - yes, it's usually someone they know. Which is why it's ridiculous the resources they spend trying to backdoor private messaging etc. in the name of "protecting the children" when much of it's happening in person...

>If you're an American, on your first day in high school, by your second class you have more than even odds of having met a pupil who had already been assaulted, most likely by someone close to the victim such as a relative.

You're saying that the rate of sexual assault is.. a few percent?

Too high! I agree. But it's bad form to give convoluted examples in order to give the impression that the actual number is worse than it is.

> You're saying that the rate of sexual assault is.. a few percent?

Specifically of pre-pubescents. This is already enough to exceed the prison capacity of any nation, including El Salvador.

If I had instead broadened to the under-18 rate of victimisation, about 11% of women are victimised: https://rainn.org/statistics/children-and-teens

The lifetime risk is higher still.

> Unfortunately, I'm highly confident that 90% of the intelligence community looks at us insisting that crypto standards be inviolable, and thinks we're all as infuriatingly naïve as a ChatGPT comment

Until they can prove this is the case, and not just fear mongering to justify their massive budgets, overreach and assaults on civil liberties, I am happy to continue being considered naïve by them.

I am very much against laws designed to protect children and stop terrorism.

By now, "think of the children" is a tired cliche of anti-freedom laws. If "protecting children" requires sacrificing freedom for everyone, then children should not be protected.

Every time I come across another anti-freedom law wrapped in an excuse of "think of the children", I question whether the worshippers of Moloch had the right idea after all.

> If "protecting children" requires sacrificing freedom for everyone, then children should not be protected.

Agreed. It all goes back to the famous quote "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." (granted, the quote was about taxation but the principle applies here)

Much like cybersecurity, it's always a trade off between absolute freedom and absolute safety. You don't get both. Every "safety" measure that gets put in place reduces your level of individual freedom. Go too far in the safety direction and you lose all your freedoms, and that trade off IMO is not worth it.

> I am very much against laws designed to protect children and stop terrorism.

This can't be true. You're against a law that says a convicted child rapist cannot work in schools? You're against a law that says people can't take bombs onto planes?

I think you're being dishonest in your statements, or do not care about anyone else in society.

>You're against a law that says a convicted child rapist cannot work in schools?

I'll be the devil's advocate: for how long and in what way? You can be on the child predator list because a minor caught you peeing on the side of a road. Do they deserve to be blocked out of an industry because of bad luck over something many people have done?

>You're against a law that says people can't take bombs onto planes?

Well that led to me not being able to bring a normal stick of deodorant in my bags. So maybe we should review the TSA oversight after 20 years.

>I think you're being dishonest in your statements, or do not care about anyone else in society.

And I think you're arguing in bad faith comparing the ability for government to track society's entire digital footprint to imprisoning a convicted criminal.

I do think that both TSA and modern airport security in general should be dismantled. And that any law that claims to "protect children" or "stop terrorists" should be scrutinized as if it was written by Satan himself, with assumed malicious intent.

This is true for existing laws, and true twice over for anything that's being proposed. It's long overdue for the "safety" plague of "think of the children" to die.

Meanwhile, who believes that the US has no backdoors in these devices?

Cold logic dictates otherwise. The UK is part of Five Eyes: total data sharing between intelligence agencies. If that were the case, why would the UK need a law to get data it already has?

It wouldn’t need the law, but putting the proposal up and then, after the predictable backlash, retracting it could be a ploy to make the criminals/us think they don’t have access to the data now.

WW2, the Allies used all sorts of fake outs to lead the Germans to believe that the Enigma machine remained secure. Many people died for the sake of the secret.

Given the lengths the government has gone to monitor its citizens, I could believe the technology stack has already been compromised.

Upvote from me. Your point is completely valid and simply stated, and yes, I agree that they very possibly could do exactly this sort of thing for the sake of play-acting a government blindness that doesn't really exist as such.

Truly this site is crawling with anal-retentive man-children who downvote over any silly self indulgent bullshit they can think of.

San Bernardino shootings smartypants

It’s not really a secret; it’s by design and it’s public. iCloud is not end to end encrypted by default. Apple and the state can read the on-by-default iCloud Backup which contains your iMessage sync keys and all your historical iMessages and attachments. iCloud Photos, Contacts, and Mail are all similarly not e2ee and trivially readable by Apple, DHS/FBI, and anyone else under FAA702 (aka PRISM, aka the #1 most used US intel source) without a warrant.

https://www.reuters.com/article/world/exclusive-apple-droppe...

Apple processes FAA702 orders on upwards of 80,000 Apple IDs per year per their own annual transparency report.

Snowden himself said that they see so many nudes that they got desensitized to it.

This clever setup allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup, rendering the e2ee totally ineffective.

I think “backdoor” is probably an appropriate term for it, but they have made no secret whatsoever of it.

It’s terrifying to think that the US federal government can read every iMessage in the entire world across a billion devices (except China, where the CCP can do the same) in effectively realtime. The power that that enables (if only in blackmail ability) is staggering.

> allows them to claim iMessage is e2ee while still escrowing keys in effective plaintext to Apple in the iCloud Backup

Does this also apply to their advanced data protection feature?

I don't think so, but, even with advanced data protection on - if you communicate with someone via iMessage, for example, that does not use advanced data protection, and then they use iCloud backup, then it nullifies it essentially. Feds could get your messages via the recipient's iCloud backup.

Advanced Data Protection needs to be turned on for both you, and everyone you communicate with if you want the full chain to be E2EE. Your communications are only ever as secure as its recipient.

Good point. A lot like pgp and email in that sense.

My read is that it does not apply to ADP.

Also, what regular criminal, let alone terrorist, would leave iCloud backup turned on after all the hacks and leaks over the years? I assume that most in the HN community, like myself, have iCloud backup turned off.

Criminals (that get caught, or get put under surveillance) are generally criminals because they are stupid.

I would venture a guess that almost all criminals have iCloud Backup enabled, because that is the default setting.

Hopefully no one, in services available globally (i.e. not US-specific), just to be sure.

Why litigate it when you can buy it from the NSO / IDF?