Post AXv1eamIVQyDB3GOno by mansr@society.oftrolls.com
(DIR) More posts by mansr@society.oftrolls.com
(DIR) Post #AXuqP4dUczuXeQXj1s by neil@mastodon.neilzone.co.uk
2023-07-21T06:13:04Z
0 likes, 0 repeats
"UK amends encrypted message scanning plans"Where "amends" means "fiddles around at the edges".If Apple, Signal, Meta, and other companies remove their communications services from the UK, and many people's private chats are subject to widespread warrantless suspicionless spying, I wonder how many of the bill's avid proponents will quietly drop their papers / work from their CVs and profile pages?#OnlineSafetyBillhttps://www.bbc.co.uk/news/technology-66240006
(DIR) Post #AXuqP5QlfnKI7Fb4pk by mansr@society.oftrolls.com
2023-07-21T10:13:05Z
0 likes, 0 repeats
> If Apple, Signal, Meta, and other companies remove their communications services from the UKThey won't. They say they will, but they won't.@neil
(DIR) Post #AXuqP6VPg0dVRwmIiG by neil@mastodon.neilzone.co.uk
2023-07-21T06:19:11Z
0 likes, 0 repeats
When the first age verification scam happens, and someone is tricked into handing over their passport info to a scammer?The first compromise of an age verification service, leaking loads of sensitive ID documents?The first time a backdoored chat service is exploited, and someone's private messages are obtained?When the UK loses data protection adequacy?#OnlineSafetyBill
(DIR) Post #AXurShkbkyKZmoAMXQ by rob@openshare.me
2023-07-21T10:24:55Z
0 likes, 0 repeats
@mansr @neil They won't have any choice, they will have to.They can't break a key feature of their products for the entire world because one tiny backward principality thinks it is King Canute.On the other hand, it is a real Law, any of their managers operating (or just visiting) here can be thrown in jail if they continue to offer those services here.They only have one way to comply.
(DIR) Post #AXusSdwQ1JRHvRE14a by mansr@society.oftrolls.com
2023-07-21T10:36:08Z
0 likes, 0 repeats
@rob @neil Are you really naive enough to believe that they'd give up all the profit they make from the UK just to make a point? They'll huff and puff a bit, then weaken the encryption for UK accounts.Signal might stick to their word. For the rest, the only question is how they'll dress up the explanation to their UK users.
(DIR) Post #AXutI23g74JNUZ7niS by rob@openshare.me
2023-07-21T10:45:25Z
0 likes, 0 repeats
@mansr @neil Problem is it wouldn't just be UK accounts, it would be anyone worldwide who communicates with a UK account, or is in a chat group with just one UK user. They have to consider what fraction of the worldwide user base they will lose to products that don't cave. Nobody seriously trusts Meta anyway, but Apple makes a big thing of E2E, and it is the only thing signal has.
(DIR) Post #AXuwfSPwZmzHlZOv3I by JonnyT@mastodon.me.uk
2023-07-21T11:11:40Z
0 likes, 0 repeats
@rob @mansr @neil Not to mention that there have already been many features in e.g. iOS/macOS across the years that have not been available in the UK. Did this have any impact on Appleās ability to keep selling things in the UK? No, none at all. Apple would remove access to FaceTime and iMessage here in the UK in a heart beat. The impact on their profits would be minimal. It would be nothing if Google and FB did likewise.
(DIR) Post #AXuwfTEHYdFmHgx7Vw by mansr@society.oftrolls.com
2023-07-21T11:23:17Z
0 likes, 0 repeats
@JonnyT @rob @neil I'll believe it when I see it.
(DIR) Post #AXuxNSKyEfwIG83T2e by rob@openshare.me
2023-07-21T11:31:12Z
0 likes, 0 repeats
@mansr @JonnyT @neil You will probably never see it because Ofcom doesn't currently stand a chance of having any measures survive contact with reality. My money is on it hanging around as a bad smelling suspended power in the hope the noises being made in other legislatures come together into concerted action.
(DIR) Post #AXuy9kdbUvpIuvncky by mansr@society.oftrolls.com
2023-07-21T11:39:56Z
0 likes, 0 repeats
@rob @JonnyT @neil That's probably what Meta et al are betting as well, that they won't have to do anything at all while making grand statements now gives them an appearance of being the good guys.
(DIR) Post #AXv0f4Tdz9pxKjCeDA by revk@toot.me.uk
2023-07-21T06:25:09Z
0 likes, 0 repeats
@neil I was wondering if a separate app that just does message encryption, but does not send messages, is in scope. Ideally linking to your messaging app of choice underneath.
(DIR) Post #AXv0f5Vo8bA6XjDtDs by neil@mastodon.neilzone.co.uk
2023-07-21T06:28:51Z
0 likes, 0 repeats
@revk Like PGP?
(DIR) Post #AXv0f6Kr4nzl636en2 by revk@toot.me.uk
2023-07-21T07:10:22Z
0 likes, 0 repeats
@neil yea but was thinking slightly easier to use and slightly more integrated with underlying messaging apps.
(DIR) Post #AXv0f6zybut99aLUsy by neil@mastodon.neilzone.co.uk
2023-07-21T07:14:35Z
0 likes, 0 repeats
@revk Yes, sure - I just wanted to check I understood the principle.A standalone encrypter is not a user to user service, and is out of scope of the #OnlineSafetyBill, but in-scope services may feel compelled to block encrypted content which they cannot scan. Including password protected PDFs, zip files etc.
(DIR) Post #AXv0f7l7mcbPVoP9NI by revk@toot.me.uk
2023-07-21T07:15:59Z
0 likes, 0 repeats
@neil OK so it needs to use steganography, sending images that are impossible to determine if they have encrypted content or not.
(DIR) Post #AXv0f8asgC0E6KcU2y by penguin42@mastodon.org.uk
2023-07-21T12:07:56Z
0 likes, 0 repeats
@revk @neil I wonder about something like a QR code; you couldn't block them for normal uses, but then I don't see a way to tell if they contain encrypted data or not.
(DIR) Post #AXv1K6qe4hpuYlWwG8 by rob@openshare.me
2023-07-21T11:38:44Z
0 likes, 0 repeats
@mansr @JonnyT @neil In the meantime, the uncertainty will trash swathes of the UK tech industry. Think about folks like @element - a UK tech success story selling encrypted messaging products to many of Europe's governments. Once regulations are established, their UK based founders and employees could be thrown in jail for continuing to do so.
(DIR) Post #AXv1K7n8ZEclUAteQi by kentindell@mastodon.social
2023-07-21T12:08:31Z
0 likes, 0 repeats
@rob @revk @mansr @JonnyT @neil @element Genuinely think the tech industry should retaliate against the Tory Party: block their web sites, throttle their connectivity, throw them off email, block them from social media, deny them apps. They want to attack technology, make them live without it.
(DIR) Post #AXv1K8nsnwoacmFlEO by mansr@society.oftrolls.com
2023-07-21T12:15:25Z
0 likes, 0 repeats
@kentindell @rob @revk @JonnyT @neil @element Excellent idea.
(DIR) Post #AXv1eZRhSWtr2scR3g by rob@openshare.me
2023-07-21T12:17:12Z
0 likes, 0 repeats
@kentindell @revk @mansr @JonnyT @neil @element It isn't a Tory Party thing, it is a populist politician thing. @UKLabour broadly support the legislation and in fact tabled a particularly insane amendment which urged the government to go further and ban VPNs in the UK. All of the main parties have their fingers in their ears chanting "think of the children" without any critical thought or engagement with the industry about the reality of the issues and viable solutions.
(DIR) Post #AXv1eamIVQyDB3GOno by mansr@society.oftrolls.com
2023-07-21T12:19:08Z
0 likes, 0 repeats
@rob @kentindell @revk @JonnyT @neil Do it to all the politicians then, except perhaps any who openly oppose the nonsense.
(DIR) Post #AXvekwRskCDAKzjVEu by tomstoneham@dair-community.social
2023-07-21T18:34:43Z
0 likes, 0 repeats
@neil @revk If I read the bill correctly, *email* is not a regulated service, ever. Full exemption. Doesn't that seem rather stupid if you are trying to stop bad actors? There are loads of e2ee email services already and will be more as soon as bill passes. They can even advertise as ways to get around #OSB
(DIR) Post #AXvekx6IJwXOMKdmEK by webmink@meshed.cloud
2023-07-21T19:35:25Z
0 likes, 0 repeats
@tomstonehamBright future for Delta Chat then. https://delta.chat/en/@neil @revk
(DIR) Post #AXvfq68MGKlnmGchuq by tomstoneham@dair-community.social
2023-07-21T19:47:24Z
0 likes, 0 repeats
@webmink @neil @revk Is it possible to 'do a Delta Chat' for SMS, which is also exempt?