- cross-posted to:
- news@lemmy.world
- cross-posted to:
- news@lemmy.world
Real encrypted apps, …or just the ones their own government can use to spy on them?
Use something where the client is open source.
In the voice of Nelson Muntz: “Nobody spies on our citizens but us!”
The reporter mentioned signal, though the gov spokespeople didn’t seem to recommend any specific app
until the republicans ban them so they can find queer kids and pregnant people getting healthcare and people reading books
All that happens under Dems, too. Stop giving them a pass.
The Snowden leaks came out when Obama was president. Obama was the one who said, “The only people who don’t want to disclose the truth are people with something to hide”. The republicans and democrats are the same fucking people.
Only if you look at it in the most general, limited, pov. Are they the same people on corporate greed? Not all, but mostly yes. Are they the same people on encryption? Yes. Are they the same on human rights? Absolutely fucking not. If the only thing important for you is encryption, voting isn’t going to change the government’s policy decisions. However, if things other than encryption and corporate greed are important, then voting for a Republican is voting against your interests. History is filled with people who can’t see past their own fucking biases and look out for the greater interest… So you have a lot of historical company.
Are they the same on human rights? Absolutely fucking not.
The outcome of the 2024 election, according to the liberal pundits, was that trans-rights and Palestinian liberties cost Harris the election.
according to the liberal pundits
Sounds more like the centrists’ line.
Dude we’re talking about encryption here. Stay on fuckin topic.
I’m just responding to your comment. If you were only talking about encryption, then maybe word your comment more clearly… Especially if you want to cast aspersions towards other about staying on topic.
The post is about encrypted apps and cyberattacks not human rights violation. By default the topic of conversation is the post.
Isn’t a valid use for encrypted apps to protect from human rights violations?
Taking a narrow myopic view leads to single issue voting, and that has caused ridiculous levels of damage to the public.
Technical problems and political problems can be related, and discussing one in the context of the other can be useful.
The republicans and democrats are the same fucking people.
In many cases, literally. From Michael Bloomberg and Liz Cheney to Donald Trump and Joe Manchin, the number of cross-overs and turn-coats who end up getting into leadership in their opponent’s parties is absolutely crazy. The Nixonian Southern Strategy did one thing brilliantly. It completely crossed the wires of the partisan voter for three generations to the benefit of the corporate oligarchs who get to play both ends against the middle.
It goes on long before that. The Dixiecrats were as conservative as the Republicans, and more racist than some Republicans.
As if most of the legal provisions for widespread surveillance were not done under Clinton administration.
All that happens under Dems, too
Fucking what? Which democrats are banning books and putting together lists of trans children?
And no, I’m not a fan of the DNC, I’m just not a fucking dishonest piece of shit.
Which Dems are stopping it?
And there it is. Blame the Democrats for not stopping the Republicans from doing their misdeeds.
Of course. Because they pretend they will stop the Republicans, and then they fund and vote for the Republican plans.
Democrats are a right-wing party intended to absorb and dispel leftist energy in order to prevent change and reform. They’re protecting Republicans by design. Absolutely blame them for that.
Those downvoting need to learn about the PATRIOT act and FISA “courts”.
Those downvoting aren’t the type of people who enjoy challenging their worldview. That won’t look at shit.
Absolutely right. Their echo chamber is their safe space so don’t threaten it!
Dumb people are down voting you despite the fact that you’re 1000000% correct.
Leftists need to stop defending the Democratic party so hard, it’s making them look like neo liberals
It’s just treated like team sports for so many people. It doesn’t matter what the team does, it’s offensive to them to criticize it at all.
Leftists need to stop defending the Democratic party
The joke of it is you’re either with the Democratic Party or you’re a hyper-authoritarian anti-democratic Russia/China loving Tankie. You will eat your police state and you will like it, because otherwise the Bigger Fascists will win.
Wait what? You know that leftists dislike Democrats, right?
Are you really not aware they are two different things?
I’m aware yet I’ve been seeing so many so-called lefties going crazy for the DNC.
I think the desperation and need to defeat Trump has led to a lot of “blind acceptance” of Democrats
You know that leftists dislike Democrats, right?
They’re classic Frienamies. Every two years, they hold their noses while screaming “I hate this! I hate this! I hate you all!” and pull the lever for the party. Then the party either wins, thanks to all the Michael Bloombergs and Liz Cheneys who guided the party successfully to the right. Or the party loses, thanks to all the civil rights activists and environmentalists and train lovers who made Whitey McDickweasel look like a Communist.
Leftists are the Dems’ most loyal voters and their most bitter enemies.
Yup. The Apple-FBI encryption dispute started under Obama, as did the Snowden leak.
Neither party is particularly pro-encryption, because governments in general see encryption by the public a hurdle for their operations (i.e. you don’t need encryption if you have nothing to hide).
Encryption isn’t a partisan issue, and my understanding is that both major parties suck about equally on this issue.
It’s a wonder they’re not also trying to outlaw printing presses at this point. They openly believe that we are not entitled to private conversations.
Printing press is okay. One-time-code books are tantamount to treason!
https://en.m.wikipedia.org/wiki/Solitaire_(cipher)
Or a deck of cards
It seems we’re moving that direction. Physical media in video games is becoming less and less common, more and more stores are digital only (and Google made a deal w/ Mastercard to get that data), and ebooks are likely to overtake physical books in the near-ish future.
Guess where all that data ends up? The government can just pay retailers to get transaction data, so if the police wants to dig up dirt on you, it’s easier than ever.
That’s pretty messed up IMO, and I’m not happy with this trend given where privacy protections are at these days…
Yep. We need a very strict law to prevent the government from partnering with private companies to get around the fourth amendment. The third party doctrine has obliterated our privacy rights.
Agreed. If there’s anything we should collectively push for, it’s a constitutional recognition to a right to privacy. That’s what Roe v Wade was based on, and it was overturned because it wasn’t constitutionally defensible. The 4th amendment sadly isn’t sufficient, we need to take it a step further.
The Ninth Amendment, if actually followed, would put the burden on the government to prove that something was not a right, rather than just denying it because it wasn’t enumerated in the Constitution. The current Supreme Court has directly contradicted the Ninth by claiming that only enumerated rights are really rights. Except when they make up new ones like corporate personhood.
A good advice: start learning how to self host, specially a matrix instance.
How does that help me hook up on Grindr?
There’s no fediverse replacement for Grindr yet? I’m honestly surprised.
There should at least be an OSS one though right? Like an OpenGrindr? Or a LibreGrindr?
We were looking into federated+floss MatchGroup alternatives last week, and didn’t find much of anything.
Most compelling was that some people are using matrix spaces to facilitate dating/hookups, but I imagine those spaces have similar pitfalls to Discord “dating”.
Something akin to OkCupid back when it was owned by Humor Rainbow would be pretty popular, imo.
I’m afraid you’re going to have to cruise irl
It let you send videos to someone over the grindr limit.
Please don’t ask how I know that grindr only let you send 10 short videos per day.
Like Signal?
Or alternatively, Molly
I read Molly is forked from Signal. Can I message Signal users from Molly, or do all parties need Molly?
From my experience parties are always better with Molly
Molly connects to Signal’s servers, so you can chat with your Signal contacts seamlessly.
Yes, like Signal!
Which does not only use end-to-end encryption for communication, but protects meta data as well:Signal also uses our metadata encryption technology to protect intimate information about who is communicating with whom—we don’t know who is sending you messages, and we don’t have access to your address book or profile information. We believe that the inability to monetize encrypted data is one of the reasons that strong end-to-end encryption technology has not been widely deployed across the commercial tech industry.
Source: https://signal.org/blog/signal-is-expensive/
I haven’t verified that claim investigating the source code, but I’m positive others have.
No, BPs are a risk. Better to avoid apps that require phone numbers
Everybodies aunt at thanksgiving:
“I should be fine. I only trust the facebook with my information. Oh, did I tell you? We have 33 more cousins we didn’t know about. I found out on 23andme.com. All of them want to borrow money.”
Guess that confirms that E2EE is effective against these backdoors.
We’ve long had NSA slides that showed Tor and e2ee solutions as “disastrous” to their visibility.
The same people who want to get rid of encryption
What i read [and corrected] from the article :
“The hacking
campaign[group], nicknamed [ by Microsoft ] Salt Typhoonby Microsoft,
[ this actual campaign of attacks ] is one of the largest intelligence compromises in U.S. history, and not yet fully remediated. Officials in a press call Tuesday [ 2024-12-3 ] refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had previously told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers.”Thanks I thought from reading this maybe Salt Typhoon was the codename for the next version of windows.
No, that’s Salty AI
Just stop using your electronic devices. Not like they don’t all have monitors built in already anyway. Every connected device could be sending screenshots home and we’d never know. I mean, I guess you could use something like Wireshark to monitor your home network, but something tells me nowadays there are ways around even that. I’m not a certified network tech or even a script kiddie, but I don’t trust my tech as far as my dog can throw it. I just try to secure through obfuscation as much as possible. Everyone thinks I have carbon monoxide poisoning, but it’s a small price to pay for peace of mind - even a small one.
You & others might be interested in this:
https://insights.sei.cmu.edu/library/field-stripping-a-weapons-system-building-a-trustworthy-computer-video/
and maybe this:
https://en.wikipedia.org/wiki/Intel_Management_EngineDo what the Germans did in ww1 when they knew their diplomatic code was broken but couldn’t change it. They put the important stuff in plain sight and treated it like junk mail and encoded the boring stuff.
There’s really no law against using geofencing, just laws allowing admissability. Have a 2nd phone without a SIM and use it at hotspots for encrypted stuff, leave the main one at home if you’re feeling fat and sassy
I’m just saying that, unless you built the device you’re using, and you know what every component does, and you know what it’s doing when, and you know it wasn’t manufactured by a foreign state-owned manufacturer with a penchant for putting spy chips in their devices, then you can’t truly trust anything you do on it, encrypted or not. It doesn’t really matter if the software is being encrypted by backdoored hardware.
Yeah, we’re in agreement, but also, if any device can be traced back to you in any way (ie: cell phone bill), it’s 100% sus, regardless of what you have installed or what preventative measures you’ve taken. If you ping some towers there’s a non-zero chance someone notices, and you’d be better off not having some easily-tracked signature behind it.
It’s basically just an addendum, leave all personal devices at home when doing anything remotely sketchy, or for the sake of privacy, but a burner phone off ebay with no sim in airplane mode is about as hard to track as anything
Oh yeah for sure. Gang gang.
End-to-end encryption is indispensable. Our legislators (no matter where we live) need to be made to understand this next time they try to outlaw it.
“So it’s like a filter on the tubes?” - Our legislators
“you wouldn’t put a dump truck full of movies on a snowy road without chains on the tires would you?”
I’m a cryptographer in Florida, and now I’m more confused
Ew.
Think of it like this:
- no encryption - sending a postcard
- client to sever encryption - dropping off the postcard at the post office instead of the mailbox
- end to end encryption - security envelope in the mailbox
- read receipts - registered mail
Hopefully you’re less wrong now Mr/Mrs legislator.
“I didn’t have my pills today. Can you explain that to my staffer? They’ll make a note of it.”
On January 20th: The cyberattack is coming from inside the house!
Dumbfuck and his cronies now have access to PRISM and ECHELON. Again.
The US Govt 5 years ago: e2e encryption is for terrorists. The govt should have backdoors.
The US Govt now: Oh fuck, our back door got breached, everyone quick use e2e encryption asap!
The Australian government tried to straight up ham encryption some years ago.
I laughed so much at that. Encryption is literally just long complicated numbers combined with other long complicated numbers using mathematical formulae. You can’t ban maths.
If I remember correctly, there’s also a law in Australia where they can force tech companies to introduce backdoors in their systems and encryption algorithms, and the company must not tell anyone about it. AFAIK they haven’t tried to actually use that power yet, but it made the (already relatively stagnant) tech market in Australia even worse. Working in tech is the main reason I left Australia for the USA - there’s just so many more opportunities and significantly higher paying jobs for software developers in Silicon Valley.
I laughed so much at that. Encryption is literally just long complicated numbers combined with other long complicated numbers using mathematical formulae. You can’t ban maths.
Now laugh at banning chemistry and physics (guns and explosives and narcotics). Take a laugh at banning murder too - how do you ban every action leading to someone’s death?
and the company must not tell anyone about it
Any “must not tell” law is crap. Unless you signed some NDA knowing full well what it is about.
Any kind of “national secret disclosure” punishment when you didn’t sign anything to get that national secret is the same.
It’s an order given to a free person, not a voluntarily taken obligation.
That said, you can’t fight force with words.
You can’t ban maths.
tell me about it; it tried that against my teacher in middle school
You can try, and in the US, we have export restrictions on cryptography (ITAR restrictions), so certain products cannot be exported. But you can print out the algorithm and carry it on a plane though, so I’m not sure what the point is…
More like 23 years ago when the Patriot Act was signed, and every time it has been re-authorized/renamed since. Every President since Bush Jr. is complicit, and I’m getting most of them in the previous 70-ish years (or more) wish they could’ve had that bill as well.
Different parts of the government. Both existed then and now. There has for a long time been a substantial portion of the government, especially defense and intelligence, that rely on encrypted comms and storage.
FBI has definitely always been anti-encryption
I have never understood why electronic communications are not protected as physical mail
Lobbying as well as developmental issues I would assume. I’m no real developer just yet but I’d imagine creating robust security protocols is time-consuming and thinking of every possible vulnerability is not entirely worth it.
No, security is pretty easy and has been for decades. PGP has been a thing since 1991, and other encryption schemes were a thing long before. ProtonMail uses PGP and SMTP, the latter of which predates PGP by about a decade (though modern SMPT with extensions wasn’t a thing until 1995).
So at least for email, there’s little technical reason why we couldn’t all use top of the line security. It’s slightly more annoying because you need to trade keys, but email services could totally make it pretty easy (e.g. send the PGP key with the first email, and the email service sends it with an encrypted reply and stores them for later use).
The reason we don’t is because servers wouldn’t be able to read our email. The legitimate use case here is searching (Tuta solves this by searching on the client, ProtonMail stores unencrypted subject lines), and 20 years ago, that would’ve been a hardship with people moving to web services. Today, phones can store emails, so it’s not an issue anymore, so it probably comes down to being able to sell your data.
Many to many encryption is more complicated (e.g. Lemmy or Discord), so I understand why chat took a while to be end to end encrypted (Matrix can do this, for example), but there are plenty of FOSS examples today, and pretty much every device has encryption acceleration in the CPU, so there’s no technical reason why it’s impractical today.
The reason it’s not uniquitous today is because data is really valuable, both to police and advertisers.
Because the USA has been a broken fascist husk ever since the red scare and has been in slow decline ever since.
Because physical mail can be easily opened with a warrant. Encryption can be nigh impossible to break. The idea of a vault that cannot be opened no matter how hard you try is something that scares law makers.
There’s been a lot of good research done lately on how to achieve trusted communication on untrusted platforms and over untrusted channels. Encryption is a big part of that.
And there are a number of scenarios where the ISP creates a hostile environment without having been compromised by an external actor. A malicious government, for example, or an ISP wanting to exploit customer communications for commercial reasons.
Hey you guys remember that big AT&T breach recently?
Hear me out, maybe we should update pots and sms to have optional end-to-end encryption for modern implementations as well…Optional as backwards compatible and clearly shown as unencrypted when used that way to be clear.
Att won’t make money off that unless they offer it as a paid service. No reason to give that away for free and the other cell carriers can just pay off (bribe with campaign contributions) legislators to understand encryption is “too costly to implement at such a scale”
FBI: Here’s some communications security tips from the Sureños: tell someone you’ll meet them and leave your phone in a nightstand