
Use encrypted messaging apps so that they can't be scanned.


The article says “The EU Commission wants all smartphones to search messages and photos for allegedly suspicious content before they are sent via encrypted messaging services.”


So then you just sideload the messaging app instead of using the official build that complies with the legal system. Just like many crime groups do already - look at the EncroChat phones that gangs were using.

This just isn't enforceable. Yet more laws made by people that don't understand the technology.


EncroChat was literally taken over by law enforcement, backdoored and the entire network was compromised. Not a good example :-)


So we just gonna ignore the years it was used and unbroken? Now EncroChat is gone, I'm sure there's a few new ones out there in its place.


yeah that whole app and network was an FBI plant from the beginning...


The app created by the FBI was more recent and was called ANOM.

See “similar cases” section of https://en.m.wikipedia.org/wiki/EncroChat for links to ANOM and other infiltrated apps.


Conspiracy theories aren't helpful.


is it a conspiracy theory?


With no proof, yes it's a conspiracy theory. As others have stated, there is another app linked in the wiki article about EncroChat which was developed by the FBI, with evidence to back that up.


Ah OK yeah I had the app name mixed up. I was thinking of the ANOM app that was developed by the FBI.


> "So then you just sideload the messaging app instead of using the official build that complies with the legal system"

That's not how computers work.

The scanning would take place at the lowest possible layer (i.e., keyboard input, or kernel-mode input driver, etc.), such that the user-mode software itself wouldn't be able to bypass the scan. It could also happen at the hardware layer.

You'll need to bring your own hardware/software to ensure you're not being monitored.


Like I replied above. Having your own hardware is pointless if the people you're talking to are having their devices scanned.


But... That's exactly how computers work.

If you had a look at EncroChat at all, you'd see that they were running a custom Android OS with a bunch of their own apps on it.

Yes, we can take it to hardware level, however, that's not what was being discussed. The idea of mandating app developers to use the scanning tech can be trivially circumvented, i.e. lawmakers not understanding the technology.

Mandating a hardware implant to achieve the same goals is a better understanding of the technology involved, but that ends badly for everyone. At least with software, a vulnerability can be fixed. In hardware, you're stuck with buying a new device or living with the vulnerability. Not to mention it's an open statement that the lawmakers want to spy on you.


How is that going to help you? Google's recent Android versions are also making sure you can't change the default camera app for in-app photos. So you'd have to run a bunch of third-party apps in conjunction.

It's possible, just really inconvenient. Except for the "few" people running their custom ROM Android phones.


So anyone who is acting nefariously can circumvent with a bit of work, and the rest of us are subject to another vector of mass surveillance.


So roll back to a previous version and start there. Android is open source. No reason a community couldn't fork it, maintain it and do what they want with it.

Jailbreaking is also a thing. Modifying the OS enough to break through vendor imposed restrictions. Why is that implausible for this example?

I'm not saying it's easy. There are certainly limitations due to the secure boot process of Android devices. But what if there was a way to change the root keys? Then it's an open game. Black market for devices with modified keys, unique per device, sign the image loaded on them to ensure the same level of security, and then load whatever you want.

This idea that our corporate overlords define what we are able to do is the only thing stopping us from proving otherwise. If someone says something is impossible, you ask for proof, question them, check their work. You don't accept and move on. This is a foundation of security research - any business claiming their product is "hack proof" is just asking to be hacked. Same goes here - if the vendor says you're not allowed to do something, you find a way around it.


Doesn't have to be enforceable. If the people whom you're talking to have their messages scanned, then your messages get seen also.


Sounds like Apple led the way here. Good job!


You should put a /s when you're being sarcastic on the internet. Otherwise people might think you're misanthropic.


It just seems like we're moving trust further and further down the stack. Sure, you can do verification of your OS, but then the question becomes can you trust your firmware, hardware, etc.


> can you trust your firmware, hardware, etc.

Nope. We'll never have truly free computing until we can make our own hardware at home. Just like we can make free software at home.

Governments will eventually decide that unrestricted computers that run arbitrary code are too subversive. They turn laws into a joke. They destroy entrenched business models. Stuff like copyright barely makes any sense now that networked computers exist. Encryption alone is a potent enough weapon to defeat militaries.

They don't want the masses to have access to such a powerful thing. Industries and governments are completely aligned on this matter.


It seems to me the real question becomes can you trust governments? Increasingly the answer seems to be “no, not at all”

Treating the public like the enemy is a good way to destroy trust in all its forms.




