E os governos parecem estar ressuscitando as #cryptowars, novamente com a desculpa de proteger crianças de crimes sexuais. Acho interessante que resolver casos, punir culpados e investir em prevenção ninguém quer
"Any EU member state has the ability to designate cryptographic keys for distribution in web browsers and browsers are forbidden from revoking trust in these keys without government permission."
Hypothetically. said browser publishers could tell said EU governments to fuck off.
The users of said browsers could probably do the same. And remove those certificates themselves.
Doesn't Chromium use the OS level certificates anyway? Only Firefox has its own cert store?
The EU would have to tell Microsoft, Google and Apple to do the certificate fiddling and I suspect they would tell the EU to fuck off as well (but more diplomatically, probably)
@simonzerafa I hope the browser vendors would object. However, the EU seems to position itself to fight exactly that. I don't know how but maybe they could force major vendors indeed. But I think it is better to make sure the law does not pass in the first place.
Most users don't even know what a certificate is...
O #ChatControl é apenas o mais recente capítulo da longa história das #CryptoWars, tentativas de interferência estatal nas comunicações privadas dos cidadãos através da sabotagem, ilegalização ou limitação ao uso de encriptação nas comunicações.
Em 2021, fizemos um apanhado das "Guerras da Encriptação" na era digital, que já vêm desde os anos 70, e que de tempos a tempos voltam a estar na moda:
Very much thinking of Phil Zimmermann who fought previous battles in the 90s and won, just to see it comeback every few years in another form.
"The statement is set to outline that Ofcom, the tech regulator, will only require companies to scan their networks when a technology is developed that is capable of doing so, according to people briefed on the plan."
People are saying they dropped the clause on requiring scanning. That’s not the read I have which is more concerning.
They are passing a legal basis now for it and are handing the judgement over to Ofcom for “when it is feasible” to do so. Which is much more dangerous because now implementing this will be in the hands of the executive branch who can change their mind at any point in time and pressure encryption providers separately.
@bodomenke Gab es schon mal, z.B. konnte centericq (entgegen dem Namen ein Multi-Protokoll-Messenger) mit gpg verschlüsseln und mcabber auch. Hab ich vor Jahren wieder aufgegeben, nachdem die wenigen Leute, die verschlüsselt kommuniziert haben, quasi alle auf OTR/OMEMO umgestiegen sind.
Habe meine letzte PGP-Email vor > 20 Jahren versandt.
Mein persönlicher Schutzbedarf ist gering im Vergleich zu dem von Oppositionellen in autokratischen Systemen. Google Workspace & die Cloud im allgemeinem finde ich prima & nutze ich intensiv. Meine Chats könnten auch gänzlich unverschlüsselt sein, so belanglos wie sie sind.
Wenn aber die EU die E2E-Verschlüsselung zerbricht, dann werde ich wohl auf Layer 7 verschlüsseln & Chat nur noch als Transportschicht nutzen.
The #UK#OnlineSafetyBill is a poorly written proposal which would have devastating effects for privacy and availability of online services in the UK, breaking end-to-end encryption. Please sign this petition and boost for visibility.
@barsteward It seems obvious, to reasonable people, that these proposals are unreasonable, but that won't stop conservatives pushing this kind of thing thru.