[HN Gopher] The UK Is Trying to Stop Facebook's End-to-End Encry...
___________________________________________________________________
The UK Is Trying to Stop Facebook's End-to-End Encryption
Author : gunwithdots
Score : 114 points
Date : 2021-04-04 14:19 UTC (8 hours ago)
(HTM) web link (www.wired.com)
(TXT) w3m dump (www.wired.com)
| Lammy wrote:
| Do UK and the four other Eyes play musical chairs or something to
| decide which of them takes a turn attacking privacy and
| confidentiality online? Sneaky headline wants me to think of them
| in a vacuum.
| account-5 wrote:
| So if I use HTTPS and encrypted DNS what's my risk here? What are
| they able to record?
| intricatedetail wrote:
| They want to compromise entire country security, just to make it
| easy for LE. Problem is that I doubt it will help in any way
| because criminals will still be able to communicate with e2e if
| they will be encrypting traffic themselves and then disguise it
| as normal text etc. It will be a cat and mouse game. Not sure why
| they don't sack people coming with such stupid, totalitarian and
| abusive ideas.
| datavirtue wrote:
| Yeah, how long before it's illegal to send storage devices
| through the mail? Packages scanned, no storage device shipping
| permit, package captured and opened, sender/receiver prosecuted
| for trafficking encryption keys.
| dataduck wrote:
| Is there any co-ordinated political response to this in the UK?
| Where do I sign up?
| max1984_2 wrote:
| I don't want to be "blackpilled" about it. But there is
| literally nothing that can be done about it. None of the
| politicians in the UK seem to care about freedom of speech,
| right to privacy or anything else that is classically liberal.
| Everyone in the UK either supports it or is resigned to it.
| Also almost nobody in the IT industry seems to care about it
| either (I've worked at quite a few places as a consultant).
| archsurface wrote:
| Vote libertarian. Governments will do what they can to make
| their jobs easier, to show off success. I know left leaning
| people are going to dislike that, but it's a double edged sword
| - if you want eg a national health system, you're going to end
| up with the government telling you to eat your five vegetables
| each day.
| varispeed wrote:
| With private healthcare system, the difference will be that
| private company will be telling you to eat 5 vegs a day, then
| they will require that you take a photo each time you eat a
| veg and so on and if you don't you'll be left with nowhere to
| go for help. No thank you. I get that national health service
| is mostly rubbish, but it's better than nothing and if you
| are poor, it's your only chance and you can always have an
| option to go private.
| azalemeth wrote:
| Try The Open Rights Group -- https://www.openrightsgroup.org/
| -- I'm a member and they do lobby, but much less than e.g. the
| EFF
| readflaggedcomm wrote:
| >"end-to-end encryption poses an unacceptable risk to user safety
| and society. It would prevent any access to messaging content and
| severely erode tech companies' ability to tackle the most serious
| illegal content on their own platforms, including child abuse and
| terrorism."
|
| Implying that any system which looks to casual users e2e
| encrypted now isn't, like the web. Are they ready to open that
| can of worms?
| oytis wrote:
| "... and asking for stricter regulation of the technology"
|
| Like, stricter regulation of mathematics?
| tpmx wrote:
| France actually banned non-approved _use_ of encryption
| algorithms/math in the 90s so there's some precedent.
|
| https://www.theregister.com/1999/01/15/france_to_end_severe_...
| danarmak wrote:
| Governments that issue patents on math/algorithms/software
| already claim the power to forbid you to use them. They just
| need to patent all public encryption algorithms, in
| perpetuity.
|
| (Sarcastic? Who knows?)
| rlpb wrote:
| Right now, mass consumer use of technology for communication is
| predicated by:
|
| 1. There being a service provider that is a legal entity.
| 2. The service provider providing the client software.
| 3. The service provider gatekeeping to the social network that makes
| the system useful.
| 4. Consumers not generally being able or willing to interfere with
| their client end software to add E2E on top of what the service
| provider does, even if that is technically feasible.
|
| Under these conditions, mandating backdoors through regulation
| is perfectly feasible, regardless of mathematics.
|
| Maybe one day we'll see true P2P software that users actually
| control, with no central entity that the government can coerce,
| actually being used by the mass market. Until then, it's not
| defying mathematics at all to mandate backdoors.
| intricatedetail wrote:
| You can still communicate with end to end encryption even if
| they setup mitm. You just need to exchange keys and then
| encrypt/decrypt yourself. If this becomes a law someone will
| quickly come up with such an extra layer. It is going to be a
| cat and mouse game, people will have no privacy and criminals
| will always find a way, as you cannot regulate maths.
| rlpb wrote:
| > You can still communicate with end to end encryption even
| if they setup mitm.
|
| I already considered this in my predicate: 4. Consumers not
| generally being able or willing to interfere with their
| client end software to add E2E on top of what the service
| provider does, even if that is technically feasible.
| intricatedetail wrote:
| I am sorry, you're right. I wonder what would happen to
| someone and something that would make it easy for your
| own encryption on top.
| oytis wrote:
| I would argue connecting child abusers is a pretty niche
| market.
| MikeUt wrote:
| And enabling child abusers is even more niche, yet houses
| are still sold without built-in surveillance cameras, that
| would let law enforcement look at the recording of what you
| were doing (with a warrant, of course!)
|
| But as it stands, private houses are warrant-proof places
| where anything can happen.
| patrickaljord wrote:
| https://www.wired.com/2011/05/warrantless-house-search/
|
| > yet houses are still sold without built-in surveillance
| cameras, that would let law enforcement look at the
| recording of what you were doing (with a warrant, of
| course!)
|
| yet, but it could come. I can imagine offline AI detector
| that spies on you 24/7 in your house and only sends
| footage when it detects something illegal so the police
| wouldn't do the monitoring. I could see plenty of people
| being ok with that especially if it's advertised as a good
| way to prove your innocence.
| Lev1a wrote:
| I mean... people are already dumb and security-blind
| enough to willingly implant surveillance bugs into their
| homes (Alexa, Google Home, un-neutered smart TVs etc.).
| Just because these are manufactured and controlled by the
| private sector doesn't mean it's not just a stepping
| stone for some kind of mandated surveillance equipment
| installed into homes in future.
|
| No. Thanks.
| CraigJPerry wrote:
| >> One industry source who has spoken with government figures is
| skeptical that such a radical scenario will come to pass
|
| And yet the Investigatory Powers Act[1] passed into law in the UK
| and has never been repealed.
|
| We haven't seen a headline like "local ambulance chief spied on
| my wife's porn browsing habits" so far but I do wonder if there
| have been any abuses by now?
|
| [1] That's the law which allows people like your local fire chief
| or food standards agency to download a copy of your browsing
| history without a warrant. From the legislation itself, here is
| the surprisingly large list of people:
|
| https://www.legislation.gov.uk/ukpga/2016/25/schedule/4/enac...
|
| Getting a warrant in the UK is not some huge effort, in the worst
| cases it can take just under 1 month but regularly can be under
| 35 minutes.
| jariel wrote:
| Getting a warrant to spy on your neighbour's wife would be like
| robbing a bank and leaving a note for the cops.
|
| It's literally a crime done right in front of the police, with
| official records and signatures for you to be prosecuted.
|
| The Justice system has all sorts of power. A cop can arrest
| you, right now, for no reason at all - which is totally against
| the law, but he could do it, you'd have to file a redress and
| hopefully they'd be charged.
|
| So the issue isn't really about encryption, it's about the
| integrity of our systems.
|
| We'll get 10x further by improving processes than otherwise.
|
| Technology can help, but it's secondary.
| intricatedetail wrote:
| This all only works in theory. In reality police in the UK is
| mostly useless if you tried to report a crime. They won't
| touch anything unless it gets them PR points or you present
| all evidence, track the perpetrators and so on and still they
| may drop it because the judge wouldn't give them time so why
| bother. It's a problem that media don't talk about.
| azalemeth wrote:
| This is true with minor crime. It's not true at all of
| violent crime, or serious cases; if you're knocked down by
| a drunk driver, the police absolutely are very good to you
| and do -- eventually -- get there. Minor theft? Expect
| less. Copyright infringement? Hope you are a big player,
| otherwise piss off...
| asddubs wrote:
| i assume in days of https, most of the history they would be
| able to obtain are only domain names, not specific URLs, right?
| BiteCode_dev wrote:
| Except if you have a root certificate, then you can MITM your
| heart away. Which govs probably have.
| asddubs wrote:
| yes, but it'd be the ISPs storing the internet history
| BiteCode_dev wrote:
| Backbones have the reputation of being filled with
| intercepting devices from various entities, including
| gov's own.
| tialaramex wrote:
| Intercepting at line rate isn't a thing. _Recording_
| absolutely happens, but that's why we're talking about
| End to End Encryption. It would suit snoops very much if
| what they recorded wasn't 90% unintelligible noise.
|
| Right now they get a good idea which sites are visited
| (because of Server Name Indication) by web browsers, and
| they get some portion of email (sent in the clear) plus a
| small fraction of web traffic (HTTP-only) and numerous
| older unencrypted protocols.
|
| In particular they also get most of DNS. DPRIVE work (DNS
| over TLS, DNS over HTTPS, and eventually DNS over QUIC)
| reduces that considerably. Future DPRIVE work also
| includes oblivious transfer (you ask say Google to do a
| DNS lookup on your behalf, they learn who you are and
| which DNS server was asked but not what you asked it, the
| DNS server learns what was asked but not who you are, you
| get your answer).
|
| Or of course, if you're particularly worried, you use Tor
| and everything on the snoops' screens dissolves into
| noise.
| asddubs wrote:
| wouldn't certificate pinning partially prevent this
| though? i'm not saying this is impossible, but for
| regular ISP-logged data that some schmuck wants access
| to, rather than a 3 letter agency or whatever, i doubt
| this is much of a concern
| tialaramex wrote:
| A root CA certificate doesn't allow you to "MITM your heart
| away". Its purpose, as would be clear if you think about
| what the CA does with it, is to sign other certificates for
| keys which in turn are used to sign certificates that
| identify machines.
|
| So first of all this hypothetical government would have to
| issue itself certificates for any sites it was interested
| in intercepting, and intercept the traffic to impose a
| MITM. It has to do this live or it won't work. Every time
| it does this, it provides the other participant a smoking
| gun, which is to say evidence - in the form of these bogus
| certificates.
|
| But wait, if you run Chrome, Safari or similar browsers,
| these certificates just won't work. To be functional the
| government has to obtain proof they were logged for
| everybody to see - in the Certificate Transparency system.
| Without that the user just gets an error telling them the
| certificate isn't logged and can't be trusted.
|
| If they were logged, we all get to see them. Do you see
| them? No, because this isn't actually a thing. It's a
| paranoid fantasy.
| PaulKeeble wrote:
| Hence the desire to backdoor all encryption to see the full
| juicy details. Also the reason DNS over HTTPS exists and is
| spreading.
| schmorptron wrote:
| Does DNS over HTTPS allow the dns provider to see beyond
| the domain name?
| 1vuio0pswjnm7 wrote:
| I am guessing the parent commenter is wondering if the
| full URL can be deciphered from DoH.
|
| In the way DoH is being used in practice, it allows
| third parties to collect histories of DNS lookups for
| myriad users, separated by individual program. In other
| words, the third party can tell which program was used by
| a given user to initiate any given DNS lookup. The
| program often reveals identifying information about the
| device on which it is installed. Other parties collect
| user data pertaining to IP address and device.
|
| Device fingerprinting, i.e., associating a given user
| with a given device, is in widespread use purportedly "as
| a security measure" by "tech" companies like Facebook.
| Can we be sure the data collected is also not being used
| for other purposes.1
|
| Combine the DNS program+IP fingerprint with, e.g., a web
| browser+IP fingerprint and now we can potentially
| identify a user from DNS lookups.
|
| Now consider that Facebook prefixes all external URLs
| posted to Facebook pages (including external URLs posted
| in messages) so that any clicks on these URLs are
| captured, and the HTTP requests to non-Facebook sites are
| redirected via Facebook servers, again as a purported
| "security measure". Can we be sure the data collected is
| not also being used for other purposes.1 Thus Facebook
| has a history for each user of the URLs in Facebook
| pages/messages that the user clicks/follows.
|
| The problem with DoH in practice is that it is being used
| almost exclusively to provide third party DNS. When we
| use third party DNS we give anyone (e.g., a "tech"
| company, a government, etc.) the potential opportunity to
| obtain from the third party (e.g., through subpoena,
| acquiring assets through merger, undisclosed data breach,
| etc.) complete DNS lookup histories for users' individual
| programs. There is no need to do this because there is no
| technical need to use third party DNS. And, of course,
| DoH does not have to be used only by third party DNS
| providers, so DoH itself is not the problem.
|
| 1. If I recall correctly, Facebook in the past has been
| caught lying about collecting telephone numbers "only" as
| a security measure.
| dahfizz wrote:
| They can see the IP address of the machine making the
| request, if that's what you mean.
| capableweb wrote:
| Since DNS (Domain Name System) only deals with the domain
| names themselves, any DNS resolver (communicated to via
| HTTP, TCP, UDP, QUIC or what have you) will only resolve
| a domain name => IP address. Adding a path in there makes
| no sense.
| will0 wrote:
| Correct
| Lev1a wrote:
| It's always either "Think of the children!" or "X will only be
| used to investigate the most serious of crimes like terrorism,
| rape and murder" which shortly afterwards is then (quietly)
| forgotten about when something like browsing history etc. can be
| downloaded by basically anyone in government(s).
|
| Maybe there is a restriction _snort_ where such an action
| requires a warrant but considering that "judges" and "courts"
| for that (like that infamous US secret court, seriously WTAF) are
| basically rubber-stamping enthusiasts, it's not actually a
| restriction and just compromises end user privacy and (online)
| information security.
|
| "Backdooring E2E encryption"/"Private key escrow" are some other
| examples of unrealistic and ultimately harmful things called for
| by technologically inept, old people who inexplicably have been
| granted the power to devise laws that will most likely only show
| their full effects years or decades down the line when most of
| those legislators are either already dead or don't have to worry
| about the consequences of such legislation anyway ("I don't even
| use a computer, what do I care? The internet is just full of
| criminals anyway." quote from my 80-something grandmother). In
| German there is a nice idiom for that kind of thought pattern:
| "Nach mir die Sintflut" (something like "After me, the
| flood/deluge" from what I could find). At the same time these old
| people and their accomplices - indoctrinated middle-aged people -
| try to stem the flow of young people into politics if their
| ideologies do not align with the elderly agenda by e.g. accusing
| them of trying to oppose the protection of children or something
| equally effective in the mass media (via the excuses mentioned
| above).
|
| It's all just so fucked up...
| agurk wrote:
| > In German there is a nice idiom for that kind of thought
| pattern: "Nach mir die Sintflut"
|
| Interestingly this is originally a French saying by Louis XV,
| Après moi, le déluge [0]. From wiki:
|
| > It is generally regarded as a nihilistic expression of
| indifference to whatever happens after one is gone, though it
| may also express a more literal forecasting of ruination. Its
| meaning is translated by Brewer in the forms "When I am dead
| the deluge may come for aught I care", and "Ruin, if you like,
| when we are dead and gone."
|
| It looks like the German translation of the same idiom was
| popularised by Marx [1].
|
| [0]
| https://en.wikipedia.org/wiki/Apr%C3%A8s_moi,_le_d%C3%A9luge
|
| [1] https://de.wikipedia.org/wiki/Nach_uns_die_Sintflut
| Lev1a wrote:
| Huh, that's interesting, I'd only ever heard of it in German
| from my family members.
|
| TIL.
___________________________________________________________________
(page generated 2021-04-04 23:01 UTC)