• Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    arrow-up
    17
    arrow-down
    2
    ·
    1 year ago

    After about thirty years, politicians have realised that you can’t break encryption without also leaking their own secrets, eventually.

    If the system was transparent, open, and provided an easy way to get false positive sorted, I wouldn’t necessarily even have a problem with the concept.

    If the choice is between this or banning E2EE like the EU and UK tried to do, I would prefer client side scanning. However, this fake binary is exactly what politicians want you to think of.

    You know how illegal shit gets shared to the masses? Telegram channels. Unencrypted, tied to phone numbers, publicly available if you just know the link. Sure, a bunch of pedos will use top of the line encryption and try to get perfect OPSEC, but that’s extremely hard to pull off, even for seasoned professionals.

    Automatic scanning isn’t a solution to a lack of knowledgeable officers and a lack of public prosecutors getting their shit together. Politicians don’t like the idea of someone using encryption to get away with disgusting shit, and that’s enough for them to come up with ridiculous laws.

    • ExtremeDullard@lemmy.sdf.org
      link
      fedilink
      arrow-up
      21
      arrow-down
      1
      ·
      edit-2
      1 year ago

      If the system was transparent, open, and provided an easy way to get false positive sorted, I wouldn’t necessarily even have a problem with the concept.

      How can you even say that?

      This is what baffles me the most: how does anyone even entertain the idea of letting a third-party scan their own files on their own device uninvited? Even if the process is transparent and there’s a 100% fool-proof way of taking care of false positives, the very idea of letting anyone scan anything on my computers in the first place is completely unacceptable!

      People would have never deeemed anything like this even remotely acceptable 25 years ago. But in 2023, enough people have internalized the idea enough that this actually has a chance to become law without creating an outrage. I am utterly distressed by what society is willing to accept nowadays.

      • Skull giver@popplesburger.hilciferous.nl
        link
        fedilink
        arrow-up
        4
        arrow-down
        4
        ·
        1 year ago

        That’s why I put the conditions “if the system was transparent, open, and provided an easy way to get false positive sorted” on there. That’s like saying “if people were good, I’d believe in communism”. In the real world, these conditions will never be met.

        We have antivirus software and it works just fine without sending samples to the mothership (though it does work a lot better if you let it upload stuff to their sandboxes). The theory behind the system is solid and well-intentioned people working together can make a real difference.

        A big problem I’m seeing with this debate is that politicians aren’t going to give up on trying to enforce scannability of all messages. “I don’t want nothing of the government on my device!” is how you get a 2030 law banning Linux on the desktop. Every politician of every political party has heard every argument by every activist. Everyone in the general public has heard how bad the concept is. Nobody is capable of stopping the inevitable legal attack on properly private messages.

        I think we can get more people behind this if messenger apps are willing to work together and show people the implications in terms they understand. If WhatsApp shows “Ursula von der Leyen (EU) has been added to the chat” to every chatroom and adds a label “No problem, only x% chance of child porn content” on every image or meme shared (where x is just the percentage of pixels with a skin color hue), people would riot. Maybe add random emoji responses by “Ursula” too just to remind everyone that she’s watching. Of course no app will ever want to spook their users like that, but I think it’s the only way to stop this movement.

        I’m very pessimistic about the future. We’ve had useful encryption for about 20 years after it being considered a military secret for hundreds or even thousands of years, and I think we’ll eventually lose it again.

        • ExtremeDullard@lemmy.sdf.org
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          Your entire line of thinking hinges on the premise that the politicos (and presumably, whichever oligopolies their do the biddings of) will have their way one way or the other. What you’re saying is, if we don’t make concessions on the client-side scanning and accept some implementation of it, the privacy-respecting tools we have now will be banned.

          My question is this: why is any of this inevitable?

          None of what’s being proposed here solves any problem. Pedo material can be fought with the legal and technical tools we have now, as demonstrated by the news of entire pedo rings being dismantled, and pedophiles going to jail as a result on a regular basis.

          The fact that you’re willing to make compromises on solutions to a fake problem means that you’ve already acknowledged we’ve already lost.

          The truth is, if people today were as outraged as people of my generation are over this, this false choice wouldn’t have to be made at all. Things are just fine the way they are today, and you don’t have to give up anything if you don’t assume you’ll have to give something up.

          • My question is this: why is any of this inevitable?

            At what point have we gained freedoms and reduced government control over the internet since OpenPGP broke the international ban on cryptography? I only remember a downward curve.

            Maybe it’ll take 50 years, maybe it’ll take 5, but I haven’t seen any attempt at all to protect end-to-end encryption by law. There have only been attacks on it. The EU’s upload filter made it into law, intelligence services are gaining more and more power to tap the internet all over the world, and gen-Z’s perception of privacy will let the big corporations win. The boomers and older gen-X’ers who don’t understand the internet are easily swayed with “think of the children” and gen-Z didn’t grow up with the core concept of privacy that previous generations knew.

      • Depends on the criminal. Some are smart enough to use Signal, but many others buy special crypto phones (which then get hacked by law enforcement because law enforcement isn’t dumb either).

        You won’t catch the smartest criminals, but you will catch up the dumb ones who can provide you with information about criminal networks.