[HN Gopher] France rejects backdoor mandate
___________________________________________________________________
France rejects backdoor mandate
Author : hn_acker
Score : 252 points
Date : 2025-03-21 20:35 UTC (2 hours ago)
(HTM) web link (www.eff.org)
(TXT) w3m dump (www.eff.org)
| phtrivier wrote:
| Though it is a good piece of news (and those are not that common
| nowadays), some caution about the political context is warranted
| here.
|
| The National Assembly is very divided a the moment, and the
| Minister defending the backdoor amendment is from a minority
| party at the AN, that just happens to have majority in the other
| chamber.
|
| Also, he is preparing for a presidential bid, and has a fair
| share of ennemies, both in and out of his party.
|
| So, all in all, it was a relatively "cheap" move from the MP who
| voted against it :
|
| - it's screwing up with a powerful opponent
|
| - it's easy publicity given that "spyping in whatsapp" would made
| bad headlines
|
| - there has not been a massive terrorist attack recently, so the
| measure will not look urgent.
|
| I'm pretty sure that some of those MPs, asked to vote the same
| thing by a president of their party, after a terror attack, would
| vote for the backdoor.
| palata wrote:
| Just like for other big challenges like biodiversity and climate
| change, it feels like it often boils down to the politicians just
| not understanding enough to take rational decisions. Of course
| they can't all have a PhD in cryptography, but they should also
| not have no clue at all.
|
| Over an over again, politicians are asking for backdoors. To me
| it just proves that they don't understand the very basic of how
| encryption works.
|
| Especially these days in Europe, it seems completely insane: it
| is already a problem that most companies use US services, given
| that the US have become hostile to Europe. The sane way to go is
| to try to get better privacy for European companies/people, not
| worse. Adding backdoors just makes it easier for adversaries to
| access private data.
| miohtama wrote:
| But think of the children
| WJW wrote:
| The children are not benefited by Putin and Kim Jong-Un being
| able to read their messages.
| dataflow wrote:
| > they should also not have no clue at all. Over an over again,
| politicians are asking for backdoors. To me it just proves that
| they don't understand the very basic of how encryption works.
|
| Unless you're claiming that it's literally impossible to
| construct a cipher with multiple decryption keys, I don't see
| how you're implying that asking for a backdoor "proves they
| don't understand the very basics of how encryption works".
|
| Their stance differs from yours due to their values being
| different from yours, not due to inferior literacy.
| whatshisface wrote:
| It is impossible to construct a cypher with just one key,
| such that the good guys (spanning several allied nations,
| dozens of government agencies, perhaps even local police) can
| use the key, but bad guys (spanning several opposing nations,
| dozens of intelligence agencies, thousands of hacker groups,
| tens of thousands of individual cyber-criminals around the
| world) cannot. We are talking about every single person who
| can buy a copy of a piece of paper carried out of HQ being
| able to read all of your personal and professional
| correspondence: no doubt a possibility.
| dataflow wrote:
| You're missing my point completely.
|
| These folks very well understand that bad people can steal
| keys. Stolen keys have been a thing since antiquity. It's
| not rocket science they don't understand. Every single key
| in history has had a risk of theft and this is no
| exception.
|
| The truth is a lot of them understand this just like you.
| But unlike you, _they are willing to accept this risk_. You
| aren 't. That's fine. You have a value disagreement -- you
| don't think the risk is worth it, and they think it is.
| Which is why you make arguments about the merits of the
| issue, instead of attacking the other side on their basic
| literacy. Just because you disagree on values that doesn't
| mean the other side is stupid or illiterate about the
| basics.
|
| This isn't about politeness either, it's actively
| counterproductive to your own cause: insulting people and
| showing that you lack a basic understanding of their
| position is a sure-fire way to make sure they dig their
| heels in and continue to oppose you regardless of the
| merits of the situation. i.e. it's a grest strategy for
| losing in the end.
| whatshisface wrote:
| I don't believe that France is actually willing to accept
| that every opposing intelligence agency will obtain the
| key...
| adgjlsfhk1 wrote:
| the problem with backdoored encryption isn't making a cypher
| with multiple decryption keys. It's keeping secret that's
| worth billions of dollars and shared among 10s of thousands
| of people. The difference between backdoored encryption and
| no encryption is whether the backdoor is known to the public.
|
| There is a coherent set of values that lead to saying "no
| encryption", but not one for "only backdoored encryption".
| whatshisface wrote:
| I would like to know what the public opinion on these issues is
| before blaming politician's ignorance, considering that to them
| the relevant knowledge is knowledge of what voters will support
| or tolerate. The impossible promise of backdoors that France
| can enter but no other country, organized criminal syndicate or
| petty government-employed stalker can find is only one
| impossible promise among the many we can hear from the world's
| parliaments. In fact, the impossible promise is something of a
| stereotypical tactic.
| aucisson_masque wrote:
| French want less criminals and immigrants in the street.
| Whatever it takes.
|
| I'm french, i have not heard any people, work, street, even
| television or internet speak about that.
|
| The sad truth is that it wouldn't even solve the issue,
| criminals will always be able to use encrypted
| communications. there are open source software that can't be
| tampered with, software that doesn't use a single server
| where backdoor can be put, or they could even simply encrypt
| their text message. i could do that from my mac terminal and
| Bruno Retailleau isn't going to put a backdoor in my mac
| terminal...
| ziofill wrote:
| I've lived and worked in France for three years. There are many
| things I've learned about it, some good some bad, but certainly
| one of them is that France is a country that can show real
| leadership.
| buybackoff wrote:
| I've found the original debates video on the National Assembly
| website. My French is good enough for that (not enough for
| cooking et al. though), so I believe I understood. I'm positively
| surprised by some deputies remarks. But Bruno Retailleau is
| either totally incompetent technically, with his advisors as
| well, or is a liar. "We will apply the math selectively, only for
| those that are a threat and when the big brother approves"... In
| every country it's the same narrative. This time it was not about
| children, but "Freeing France from the drug trafficking trap"
| ("Sortir la France du piege du narcotrafic"). And it looks like
| it was not the main point and they tried to pass it as a minor
| subnote or something. ... They will find dozens of other issues
| to cancel the math.
|
| https://videos.assemblee-nationale.fr/video.16453163_67dc786...
| mytailorisrich wrote:
| France is in decay with incompetent and unpatriotic governments
| for decades.
|
| It is facing many issues but has lacked strong leadership
| courageous enough to put country first. So, in fact, it is a
| fairly typical European country...
|
| The spread of "narcotrafic" is an example of that, there are
| others. If you follow French news you'll see many.
| buybackoff wrote:
| I live in France for the last 5 years. Been to many places in
| the world. France is OK overall.
| mytailorisrich wrote:
| Well I am French. "OK overall" is obviously good but at
| global scale this means better than the "third world", so
| context is important.
|
| The context of my previous reply is France's "direction of
| travel", which negative like most other European countries.
| This is a key metric on any meaningful timescale, which is
| what ultimately matters.
| buybackoff wrote:
| I beliebe you are talking about the first derivative. I
| want to believe the second it all right lately.
|
| The scariest thing in France I've seen is ~20yo voting
| for Mel-the-leftist-egocentric-schmuck so that they could
| keep doing nothing but taxing productive people. Other
| that that the "direction of travel" is dual: either drown
| in the mire of ever increasing taxes or kick ass. My
| feeling is that France has everything for the later, but
| for some weird reason prefers the former. Yet, in the
| meantime, it's OK. And the very latest geopolitics
| headlines are nice, if they ever come true.
|
| My original point was about individual rights. I'm glad
| the country stands firm on that.
| hansvm wrote:
| Totally unrelated, but since you brought it up a bit, I find
| recipes written in French to usually be much higher quality
| than similar recipes I find in English -- enough so that I'll
| alter my country and language for search engines when searching
| for recipes, and for ChatGPT I'll ask the question French.
|
| Modern translation products aren't too terrible to cook from.
| Especially if you know some French already, I think you'd get
| good results dropping your recipes into an online translator
| and trying to make the most of it.
| buybackoff wrote:
| What I had in mind is that I go to a local market every
| Sunday to buy some nice fresh food. But e.g. for the
| fish/meat I still only understand 1/3 or 1/2 of the
| names/term. But I have read the tax code sections more than
| once in details... I do not cook like a French, and oh they
| cook rally nice! :)
| aucisson_masque wrote:
| The backdoor mandate was part of an anti organized criminality
| law, Bruno Retailleau (interior minister) pretend criminals use
| encrypted chat to communicate and so backdoor is required to
| intercept their communications.
|
| makes sense to the average non tech people.
|
| The sad truth however is that it wouldn't even solve the issue,
| criminals will always be able to use encrypted communications:
| there are open source software that can't be tampered with,
| software that doesn't use a single server where backdoor can be
| put, or they could even simply encrypt their text message.
|
| i could do that from my mac terminal, encryption is basically
| mathematics. Bruno Retailleau isn't somehow going to put a
| backdoor in every device that could be used to encrypt. People
| even used to encrypt communications before computer.
|
| The only looser of that law is the normie, you and me, who use
| whatsapp or signal to chat and couldn't ever push their relative
| to use things like pgp encrypted email.
| FirmwareBurner wrote:
| Wouldn't law enforcement just use Pegasus style zero-days to
| spy on the their targets? So why all the hubbub about making
| backdoors that become vulnerabilities for nefarious users too?
|
| Like why bother convicting Signal to create a backdoor for you,
| when you can put your nations geniuses to find some RCE bugs in
| Qualcomm or Apple modems or SoCs, and spy on them that way?
| This way nobody's the wiser.
| whatshisface wrote:
| Governments around the world do not want to stop at the
| identifiable target. They'd like to imitate the US and China,
| obtaining special deals with service providers that allow
| them to collect summary statistics and identify individuals
| computationally from the total of all communication.
|
| Here are a few uses for total surveillance:
|
| 1. Public opinion can be monitored on a much more objective
| level than polling provides.
|
| 2. Discontent can be identified long before potential
| protestors are aware of others who share their views.
|
| 3. People whose views are significantly outside the usual
| range can be picked out and targeted in advance of any crime,
| even when no crime would occur.
|
| 4. Serious attempts at labor or protest organization can be
| resolved into definite schedules with more basis for
| comparison to other events than the participants themselves
| have access to.
|
| 5. There would be no more electoral surprises.
|
| From this list, you may notice that states that are presently
| democratic have even more of a use for this capability than
| the others.
| bdelmas wrote:
| I feel like they would reserve this type of hack to
| international criminal organizations (plus terrorists and bad
| countries) but not for smaller fish.
| whatshisface wrote:
| The smaller fish, as you say, could just talk in person
| like they used to.
| stop50 wrote:
| There are still methods that are unbroken.
|
| Onetime pad: messages are encrypted using an key that has the
| same length as the message
|
| An enigmalike machine: the enigma has some problems, but that
| can easily be fixed. If someone uses more complicated keys
| than AAA they should be safe from reading the messages.
| jbm wrote:
| While I generally agree with your position, this is the same
| unconvincing argument I've read for a long time.
|
| Even if there is a specific criminal gang that is sophisticated
| enough to use a properly encoded open source application, the
| majority aren't, and there is enough of a overhead and
| annoyance factor that will allow the majority not to use them.
|
| If any open source application gets enough people using it,
| there will be plenty of opportunity for the maintainers to be
| bullied into submission to the state. Then the fragmentation
| will begin ("You need to use this branch, that branch is
| compromised").
|
| If 10-20% of your full time job as a criminal is keeping your
| communication encrypted, that's probably a win for the
| government.
| whatshisface wrote:
| Then the criminals will just talk in person about all the
| information they downloaded about us. ;-)
| wholinator2 wrote:
| Your assertion that criminals are idiots or lazy might hold
| true in the case of the high school weed dealer but i'd argue
| strongly against that case for the international drug trade
| or traffickers. The more sophisticated the crime, usually the
| more money, the more incentive to keep it hidden. These laws
| aren't written about weed dealers, they're written about
| traffickers. The justifications are always the high level
| traffickers and related peoples, the people most likely to be
| locked down anyways.
|
| And besides all that, let's invoke the slope, would you
| install a camera in your home? Even if you would, are you
| willing to force that upon every other person, regardless of
| their feelings or wishes?
|
| Sure, let's think of the children. Can we also think of the
| potential future regime jailing/torturing all their political
| opponents? Why must we always be asked to think of only one
| side of the harms?
| AceJohnny2 wrote:
| Tangentially, France has had the CNIL [1] since ~1978, following
| a scandal about creating a national citizen's database, and
| exists to prevent exactly that. (I believe the objection stemmed
| from memories of the Petainist fascist regime during WW2)
|
| The CNIL is why France (and now Europe) has "Right to Forget"
| laws. It is the direct ancestor of stuff like GDPR.
|
| Unfortunately, I feel like the CNIL is fairly neutered nowadays.
| Nevertheless, it serves as historical precedent, for those who
| remember it exists.
|
| [1] "Commission Nationale de l'Informatique et des Libertes" ~=
| "National Commission of Computing & Liberties"
| nickslaughter02 wrote:
| France has rejected _this_ backdoor but keep in mind that France
| is still in favor of chat control (mandatory on device scanning
| of your communication). There 's now a majority among EU
| countries and the proposal is expected to pass. The next meeting
| is April 8th.
| buybackoff wrote:
| I hoped that was a part of this EU debate. It's sad if not.
___________________________________________________________________
(page generated 2025-03-21 23:00 UTC)