During the debate on the Online Safety Bill in the UK House of Lords, Lord Moylan laid out the dangers of the encryption-busting clause that threatens our privacy and security.
Take action to stop the spy clause as the Bill moves into its final stages.
Good for Signal! If a willfully misguided government regulation fundamentally breaks your product in a way that compromises user safety, it doesn’t make much sense to continue offering it in the affected market. #E2EE#ForeverCryptoWars#CryptoMeansCryptography
“While the UK government has admitted it’s not possible to safely scan all of our private messages, it has granted Ofcom the powers to force tech companies to do so in the future.”
🇬🇧 To enable #ChatControl mass surveillance, 32 European police chiefs call for halting end-to-end encryption #E2EE. This is an attack on our security and digital privacy in violation of fundamental rights!
The Messaging Layer Security (MLS) protocol has been published as RFC 9420 today! MLS is the first standardized and fully specified end-to-end encryption protocol. The specification is freely accessible, and its security has been analyzed in numerous academic publications.
Check out our blog post for a high-level overview of MLS, its practical applications, and why it matters. https://blog.phnx.im/rfc-9420-mls/
Glad to hear Apple has killed its plans to implement privacy-destroying on-device scan and snitch into its devices (although it will make autocrats like Erdoğan unhappy to hear it because they likely had plans for it).
Fascinating ... Apple joins Signal to provide the most secure end-to-end encrypted messaging protocols. Note: Apple engineers created their own “Levels” and magically theirs is the highest. ;) But regardless, this is obviously strong encryption.
"Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4, and is already in the corresponding developer preview and beta releases.”
Without ridding the Online Safety Bill of powers that 'open the door for mass surveillance' and 'the nullification of end-to-end encryption' it'll create a 'significant vulnerability' and 'effectively salt the earth' for any UK tech development.
Unbelievable double-think happening here. The UK government is going full-throttle in its war on encryption, with the Online Safety Bill the vanguard in exposing the security of everyone's device.
Encryption protects us from cyber-criminals, keeps our messages private, and stops governments and corporations from spying on us. It is online safety for kids and everyone.
As end-to-end encryption becomes more popular (yay! :rainbowdance:),
Celebrate yes,
But also remain skeptical about how this word is used and if this claim warrants your trust.
Do not trust blindly.
End-to-end encryption is a wonderful protection when well implemented. But not all apps that use end-to-end encryption are equals.
Verify that:
The provider is trustworthy :blobcatthinkingglare:
Trustworthy third-parties have verified and confirmed the provider's claims 🔍
Metadata is also encrypted and/or that, ideally, its collection is minimized :blobcatpeekaboo:
Solid security measures protect the data as well (For example, if your data is end-to-end encrypted from your password but your password is vulnerable then your data is vulnerable as well) 🛡️
Encryption is truly end-to-end, meaning only the sender and the receiver can access the data and nobody else :ablobcatpeek:
Finally keep in mind that even if a service uses minimal encryption (for example one that still collects a lot of unencrypted metadata) it is still better than the same service using no content encryption at all,
BUT there are almost always much better services that offer truly complete and well implemented end-to-end encryption for their services.
"End-to-end encryption keeps our data and our communications safe and secure. The proposed reforms to the Investigatory Powers Act are the government's latest attack on this technology."
People in the UK may be left in the wilderness without secure messaging services, if the #OnlineSafetyBill retains its encryption busting clause.
Forcing platforms to comply with client-side scanning is state-mandated private surveillance of the kind that we see in authoritarian regimes. Platforms will leave rather than compromise #security and #privacy.
It'll particularly harm journalists, campaigners and activists who rely on #e2ee to communicate safely. #ukpolitics
The government knows and has admitted it cannot scan messages without undermining or breaking encryption, but wants to pretend otherwise. It is playing us for fools. #onlinesafetybill#encryption#e2ee