Would it also be acceptable for the state to dictate how we store our bananas at home (pedophiles eat them too), what font we use in our greetings cards (terrorists also send birthday cards), or with which hand you are to wipe your arse (even Ted Bundy pooped)?
Citizens should not be treated or approached as enemies of the state by default.
>Citizens should not be treated or approached as enemies of the state by default.
They aren't under these types of laws. Typically the government would need to get a warrant first before this is possible. You don't have to let them be able to read your messages by default.
That's a fair point. The nature of encryption complicates this slightly though.
If the purpose of encryption is to make data unreadable, but a back-door exists that allows anyone with access to it to bypass the encryption, can the data ever really be considered unreadable?
>but a back-door exists that allows anyone with access to it to bypass the encryption
The trick is you don't do that. Ideally you would only want people with a valid warrant to also be able to decrypt the message (bypass the encryption). So the problem is that you want to design a system where this is possible. Perhaps it takes the cooperation of someone from the government and someone from within the company to verify the warrant. Perhaps you have a list of people who need to cryptographically sign the warrant.
It must in no way be possible for any of these companies to ever run a non-verified decryption mechanism on any single server, computer, or other type of device.
There are so many moving parts to manage, infinite possibilities for abuse, and it would require an absolutely massive amount of trust in companies with numerous convictions for abuse of precisely that.
If you're going to attempt a reductio ad absurdum, the end position actually needs to be absurd. For drugs, I would assume legalization is the median position in this forum. Guns are more complicated, but there are definitely a lot of posters that think they should be legal.
Just make sure that all your drug users do actually dismantle their guns before they take any! People are responsible as we all know, especially in our modern society where we value our own individuality above society, ie. "I can use drugs safely every once or twice a year, as such I want it easier for me to get some, and that's why I'm asking to make it legal for everybody, no matter the disaster we know drugs cause on a society". It's indeed exactly the same, "I want to hide my messages with my mom from my government so I will fight to prevent the government from being able to decrypt any message at all no matter the basis of the court order, no matter how many children have been raped or killed, I value my own freedom above security of society".
Basically, "the victims don't matter as long as I'm fine".
"Basically, "the victims don't matter as long as I'm fine"."
The victims here are these that get arrested for the victimless crime of taking drugs. A society is less secure if anyone who takes drugs runs the risk of being arrested.
Also loving the unrelated "think of the children" argument.
Why would you be arrested for taking drugs? Because you're driving on drugs perhaps?
The "think of the children" argument is based on personal experience, mind you, I sincerely hope for you that you will never understand the relation, ever.
"The "think of the children" argument is based on personal experience, mind you, I sincerely hope for you that you will never understand the relation, ever."
1: I doubt it
2: You too, I hope that you (or your children!) will never be prosecuted for a victimless crime.
If you take drugs at your home and don't cause any incident, there is absolutely 0 chance that you get arrested. The idea is not to have a camera in everyone's home to send the police every time someone takes a drug, the idea is to punish people who get caught taking drugs because they are causing incidents, such as car accidents, or highly risking to, such as driving after consuming drugs.
Same with this law: if you're not seriously suspected of any felony then the state will not be able to request decryption of your data.
I'm sorry to say my children and myself have suffered from a criminal that took years to catch, I hope we will fully recover one day but sincerely doubt it, but I'm glad this makes you laugh at least that makes two people laughing about it.
"The idea is not to have a camera in everyone's home"
The funny thing is that this is basically what this and any other anti-e2ee regulation is about.
"If you take drugs at your home and don't cause any incident, there is absolutely 0 chance that you get arrested."
Yet it is still illegal and people are still being arrested for ordering drugs and producing their own, how curious.
"my children and myself have suffered from a criminal that took years to catch"
Did that criminal use drugs or end-to-end-encryption?
Responding to your edit:
"Same with this law: if you're not seriously suspected of any felony then the state will not be able to request decryption of your data."
We both know that this is simply not true.
"but I'm glad this makes you laugh at least that makes two people laughing about it."
Not laughing, and if it is true I hope that you recover. I am just (hopefully understandably) a sceptic when it comes to anecdotes in this sort of arguments.
> The funny thing is that this is basically what this and any other anti-e2ee regulation is about.
Because you refuse to understand that we only want suspect communications, not all of them, and also that we don't want to break encryption to achieve that because the person might as well be innocent.
> Yet it is still illegal and people are still being arrested for ordering drugs and producing their own, how curious.
You won't until there is a problem that alerts the authority.
> Did that criminal use drugs or end-to-end-encryption?
Yes and yes, add much more.
> We both know that this is simply not true.
I disagree.
Anyway, I've been prosecuted on wrong basis myself, and got out winner, I'm not afraid this is going to change. I trust my state, my police, my judges, who are independent and who will have to issue a mandate based on serious suspicion before they read my communications.
"Because you refuse to understand that we only want suspect communications, not all of them"
Yet you are endangering all of the communications, not only the suspect ones. Kinda like having a mandatory camera in every home and promising to access it only when you claim that the person living in the house is a suspect. (Yet always having the ability to access it)
"You won't until there is a problem that alerts the authority."
In that case
* Why is it still illegal then?
* How are you so sure? I remember various cases from the US where they jail someone (usually an African-American) just for having some hashish on them.
* "a problem that alerts the authority" such as your neighbour noticing that you are growing some and calling the police on you, or just ordering some online.
"Yes and yes, add much more."
Kinda hard to believe this anecdote but oh well.
"I've been prosecuted on wrong basis myself, and got out winner, I'm not afraid this is going to change. I trust my state, my police, my judges, who are independent and who will have to issue a mandate based on serious suspicion before they read my communications."
If this is true then I am glad that you are fine, it must have been a very stressful, expensive, and tiresome process. Sadly a lot of people (especially those living in authoritarian countries or those with a judicial system biased towards the prosecutor or the police and against poor people and racial minorities) did not have the same luck.
"that's how present reality works."
No offense but it sounds like propaganda to me. Anyone who has been monitoring the news (or who just checks HN once in a while) knows that this is not the case.
It's illegal because we don't want to increase consumption because it's not good for society.
Because here we're talking about a european country, where we have very different problems from USA.
Don't grow in front of your neighbours. The police here will not search you if they can't justify a suspicion.
You don't believe then do you want the links to my private youtube video? You will see a guy that looks like a nazi without any teeth that he lost consuming crack saying he's the real father of my son, that I shouldn't be trans, and that he's going to fuck me up in front of the police. Is this something you want to see to believe it? Because you believe we're in a world of good guys maybe?
It wasn't stressful, my lawyer wiped the floor with them. What are you talking about, we're talking about Belgium and France, there are all ethnicities in the police and the justice and all, there is no racism there like there is (apparently) in the USA.
This article is propaganda making our states weaker which does not benefit any of us. Quit thinking we have the same problems as the US because that's not the case.
Earlier I was against legalizing drugs but I have come to my senses there too, but the last 80 or so years have proven that there is only one group that benefits from drugs being illegal in the long run: the criminals.
As for guns, yes just like with insurance we pay, but compared to the alternative it is a small cost.
Actually, they kind of are. I mean, if you have a gun and use it to shoot cans in your backyard, or that you take drugs and stay home, or go out but don't drive, don't attract attention on you, don't cause any problem, are you even going to be arrested? You have no idea how busy the police is with actual criminals.
I'm not saying we shouldn't do illegal things that don't harm others, I'm saying we should catch criminals who actually do harm.
> End-to-end encryption is a system of communication where the only people who can read the messages are the people communicating.
That is not a technical explanation.
We can still have encryption on both ends of a communication, and at the same time have suspects using two keys instead of one to encrypt. We can encrypt a message for multiple users with GPG, why couldn't we here? As far as I understand E2EE still works, except that users suspected of a felony would also have the state key in their encryption, that doesn't mean removing other keys!! Which we should definitely not do because we do not want to compromise the privacy of innocent people!!
Technical or not it does not matter. It is clear and specific. If you encrypt the messages for someone else too (or if you leak the keys) it is not end-to-end encrypted.
"and at the same time have suspects using two keys instead of one to encrypt"
And regular citizens.
"except that users suspected of a felony would also have the state key in their encryption"
And regular citizens :)
Anyway, in that case it is not end-to-end encrypted because the state is not one of the people communicating.
Except that shooting sports have been in the Olympics longer than just about any other sport.
It is a great form of meditation; for an analogy I refer the curious to "Zen and the Art of Archery"
And many of my friends are hunters. This is a nice way to put food on the table. Esp with deer populations not having much other control on them since we got rid of most of the other large predators.
"""The main criticism was that it is simply impossible to rule out that a backdoor - once it is built - is abused by criminals or undemocratic regimes. A lowering of the security level would immediately affect all users - and not just those who are the subject of a judicial investigation."""
The comment says:
> I'm glad you're keeping safe dealers, pedophiles, and other criminals as well as their lawyers.
This does not look like a solid point to me; it looks like rhetoric.
> This draft included a passage that would have forced companies such as WhatsApp and Signal to decrypt their encrypted chats upon request by the authorities for criminal investigation.
> Belgian intellectuals like Professor Bart Preneel said that "by putting a backdoor into Whatsapp, you would make it less safe for everyone".
This does not look like a solid point to me; it looks like rhetoric. Anyway:
> a backdoor - once it is built - is abused by criminals or undemocratic regimes.
If they can get their hands on a governmental private key, which is unlikely.
The NSA leaked its own hacking tools to the internet. Oops.
The US government gave… gave, not leaked, not accidental, deliberately outright gave.. the identities and other personal information of people who had worked with the US in Afghanistan to none other than the Taliban. Because the Taliban pinkie promised not to slaughter them. Too bad, the Taliban didn’t keep its word.
Let’s not be naïve about the government’s ability or interest in keeping things private.
> If they can get their hands on a governmental private key, which is unlikely.
But those private keys aren't going to be created by the government. They will be created by Facebook, Signal, Telegram etc., who will then hand over one of them to my government, one to yours, and one to each and every government that makes a similar law, from Argentina to Zimbabwe. And they could just as easily hand over another to <insert billionaire or other non-governmental figure you dislike here>.
Just by virtue of providing the possibility of keys to the "Proverbial kingdom" and centralizing location of those keys gives far greater incentive for hackers or state actors to find new ways to gain access to these tools for decryption.
What economic damage can be done in the interval between a private key being accessed by a criminal and the key being revoked?
Depends on the systems connected to the private key of course, but billions per incident are certainly possible in some cases.
Even if this is just private chat on messenger platforms rather than 2FA or HTTPS, imagine how blackmailers would respond to getting all the nudes, the drunk confessions, the adultery, from 30 minutes access to all of the 10th most popular chat app in your country.
Then perhaps you can explain why so much stuff leaks from, say, the USA government?
Not just the stuff from government employees or contractors like Snowden and Manning who appear to be motivated by whistleblowing, but also the actual double agents working for the Soviets in the Cold War, and the apparently accidental leaks of NSA spyware: https://en.wikipedia.org/wiki/EternalBlue
Great, that just leaves the possibility that the system to install keys will itself be compromised, perhaps something like happened a few years ago with a downgrade attack to the old USA “export grade encryption” back when crypto was counted as a munition. The use of e2e encryption started to become a general standard in chat apps precisely because centralised keys proved to be a weak point after Snowden.
What makes you think that exactly? I believe these people cause damage, often irreversible, and that crypto protects them. A proper cost/benefit study has not been taken here IMHO!
Encryption protects everyone. Banning encryption is futile, make it illegal and the next day I'll transmit messages using steganography and other tricks. It would be about as effective as the war on drugs - the only winners would be the criminals making money from it.
I'm amazed that people always seem to link restriction on encryption and guns.
Encryption has a legitimate use in normal society, guns (apart from sport) are a tool applicable to a specific subset of society, easy to misuse or accidentally use with extreme consequences.
I know (personally) of a number of cases where people have been killed accidentally by guns, and more where anger/emotion has caused things to get out of control. This is not something that happens with encryption.
Simply said, they are not the same thing, stop trying to confound the issue.
A backdoor is a secret way to gain access to a system. I propose that we explicitly design our system to give them access. It wouldn't be a secret that they could get access to the information they needed under certain circumstances.
This has been discussed in many ways before but I'd like to try to phrase it my own way.
When police get a warrant to search your home, after they are done you can get a new lock and recover anything taken as evidence eventually.
When an investigation gets permission to surveil you, it's a temporary affair and records can be stripped of irrelevant personal data before any sort of release or duplication.
Even in the best case scenario, encryption is used in cases where incidental damage cannot be recovered from like above. Encryption is an attempt to restrict an easily accessible, indefinite lifetime, and infinitely duplicatable piece of information to only be meaningful to intended owners.
Let's imagine a very generous scenario, a chat program has encrypted chat such that every message can be unlocked with either the participants' keys or a unique key per message stored and kept safe by the service owner. Law enforcement can request chat logs and the service can return them the keys needed to read the requested logs from the interval specified.
Similar to the second scenario above it is possible after the investigation to cleanse the records law enforcement has, but in this case they are not the primary or secondary source of that information and cannot ensure that all records are permanently safe from outside parties. Anyone can easily get copies of the encrypted versions of communication done over the internet with minimal effort, this means someone can hold on to encrypted information in massive dumps and await inevitable breaches in company security that retroactively reveal all previous communication.
This is the best case scenario, it completely ignores things such as how any investigation is one day inevitably going to be a malicious actor. I don't mean whatever group of people are in charge right now going bad, I mean how all countries/groups inevitably change over time for better or worse. If a bad actor is in a position of power for even a moment, they can retroactively spy on you at all points in the past you use a weakened encryption. Imagine an extreme vegan political group making eating meat a crime punishable by death even if in the past. Your chat logs about going for burgers are easily accessible. Or similarly a retroactive law against abortion.
In the case of well encrypted chat, only the participants have control over the keys and if you want to be sure something is gone you can discard the key. This is no longer the case for encryption with a backdoor.
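The scenario described in the comment above, as an added sketch that is not part of the original thread: every message key is wrapped once for the participants and once under a per-message key held by the service, and an observer who archived the ciphertext reads everything once that store is copied. The HMAC-SHA256 cipher is a standard-library stand-in for a real AEAD, and `EscrowStore`, `send`, `read`, `readable_with_keys` and `run_scenario` are hypothetical names.

```python
import hashlib
import hmac
import secrets

# Stand-in authenticated cipher built from HMAC-SHA256 so the sketch runs on the
# standard library alone; a real system would use an AEAD such as AES-GCM.
def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(_subkey(key, b"enc"), nonce, body)

class EscrowStore:
    """The service owner's database of per-message keys (hypothetical)."""
    def __init__(self):
        self.keys = {}

    def release(self, msg_ids):
        # What a request for a specific set of messages would return.
        return {m: self.keys[m] for m in msg_ids if m in self.keys}

def send(msg_id, text, chat_key, escrow=None):
    """Encrypt one message and return the record that crosses the network."""
    msg_key = secrets.token_bytes(32)
    record = {"id": msg_id,
              "body": seal(msg_key, text.encode()),
              "for_participants": seal(chat_key, msg_key)}
    if escrow is not None:
        escrow_key = secrets.token_bytes(32)
        escrow.keys[msg_id] = escrow_key           # kept by the service
        record["for_escrow"] = seal(escrow_key, msg_key)
    return record

def read(record, wrap_field, key):
    msg_key = unseal(key, record[wrap_field])
    return unseal(msg_key, record["body"]).decode()

def readable_with_keys(archive, keys):
    """Messages in an archived ciphertext dump that the given escrow keys open."""
    out = {}
    for rec in archive:
        key = keys.get(rec["id"])
        if key is not None and "for_escrow" in rec:
            out[rec["id"]] = read(rec, "for_escrow", key)
    return out

def run_scenario():
    texts = {1: "burgers at 8?", 2: "see you at the clinic"}  # constructed samples
    escrow = EscrowStore()
    chat_key = secrets.token_bytes(32)             # known to the participants only
    escrowed = [send(i, t, chat_key, escrow) for i, t in texts.items()]
    e2e_only = [send(i, t, chat_key) for i, t in texts.items()]
    lawful = readable_with_keys(escrowed, escrow.release([1]))  # targeted request
    leaked = dict(escrow.keys)                     # later: the whole store is copied
    chat_key = None                                # participants discard their key
    return (lawful,
            readable_with_keys(escrowed, leaked),  # the archive opens retroactively
            readable_with_keys(e2e_only, leaked))  # no escrow wrap, nothing to open
```
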
>Anyone can easily get copies of the encrypted versions of communication done over the internet with minimal effort, this means someone can hold on to encrypted information in massive dumps
How, if you aren't the person I'm chatting with, then you will never see my encrypted messages. How would anyone magically get all of the messages?
>Imagine an extreme vegan political group making eating meat a crime punishable by death even if in the past. Your chat logs about going for burgers are easily accessible. Or similarly a retroactive law against abortion.
Ignoring how common law does not allow for retroactive laws, you are arguing for people to be able to hide the evidence of the crimes they have committed. I imagine how you can see how governments would not be a fan of this. You are just being an example of a person who has something to hide. Killing your citizens on such a large scale is really not in your interest as a government and would not go over well in the global community.
>This is no longer the case for encryption with a backdoor.
I never said to add a backdoor. I said that the cryptosystem should be designed such that law enforcement with a valid warrant will also be able to decrypt the message.
Having a cryptosystem where only the participants or someone with a warrant can read messages is still an upgrade over unencrypted messages where a MITM can store, read, and modify your guys' messages.
Thanks, I understand your arguments and have held them for ~15 years, I have changed my mind: I don't believe "any investigation is one day inevitably going to be a malicious actor", that could happen with any kind of evidence anyway, encrypted evidence is no exception, I also don't believe about retroactive laws like that, and I do want something to be done about the thriving criminality, because I don't want protection from what could happen if reality became scifi, I want protection from the threats we are actually facing in the present reality. That said, your comment reflects an above standard kindness which I deeply appreciate.
> systems which allow for governments to be conditionally able to decrypt messages
Make a backdoor for the government and all organized crime will also have a backdoor and it'll turn any encryption into a security-by-obscurity model. It would be just like those TSA locks which now anyone can open because all the universal keys are public. And such powers will be abused by the government & police as well. It's inevitable, that's very clear from what already happens with current surveillance laws.
>Make a backdoor for the government and all organized crime will also have a backdoor
I never said to add a back door. I said we should add a front door. The cryptographic protocol should take into account the needs of the government too. To prevent abuse from organized crime it should be made difficult to fake warrants.
You compromise liberties of non-criminals. We have taken a while to understand that it is better to let someone guilty unpunished than it is to punish an innocent. I don't want to reiterate the reasoning behind this here.
It would be two or three steps back if we just ignore this awareness here additionally to all the constitutions that forbid surveillance in the first place.
Aside from the chilling effects from surveillance and state abuse, there are just no real arguments for surveillance. Sexual crime happens mostly in the circle of the victims, mass surveillance is a completely incompetent approach to the problem space.
> it is better to let someone guilty unpunished than it is to punish an innocent
Which is exactly what the law was for: to make it easier for enforcement to get more evidence.
This has nothing to do with mass surveillance:
> This draft included a passage that would have forced companies such as WhatsApp and Signal to decrypt their encrypted chats upon request by the authorities for criminal investigation.
As such, I don't understand your point at all, sorry.
Police can't even catch terrorists before an attack despite getting warnings from foreign countries and having the suspects on a list. What makes you think that they'll gain anything from an encryption ban when law enforcement is already complaining today about their inability to make sense of the surveillance data they're basically drowning in.
Secure E2E encryption makes companies unable to decrypt encrypted data upon request.
Therefore, a law forcing them to decrypt encrypted data upon request necessarily makes it illegal to implement secure E2E encryption. QED.
(If the law only allowed them to share with the government data that was already decryptable by third parties, that would be a different matter. That's what happened to Tutanota in Germany: the tribunal ruled that they had to allow the police to access messages sent as cleartext, but they could not be required to put a backdoor in their E2E clients.)
Semantics. E2E is necessary against a wide array of threat models and is a fundamental part of what can be considered 'pretty good privacy' by 2021 standards (pun intended).
If a government, possessing a working set of quantum computers, chose to ban post-quantum crypto algos only, by the same semantics it could be argued that it would not be a general "encryption ban" either.
I think it's clear we're talking about effective, secure encryption, and that means E2E. Faulty implementations are technically an exception, but I don't think you can argue with that in good faith.
> a passage that would have forced companies such as WhatsApp and Signal to decrypt their encrypted chats upon request by the authorities for criminal investigation.
And you'd rather have criminals that we can't catch because evidence is encrypted running around in the same streets as your children? Nobody's saying this law was a silver bullet.
For one, the kind of psychotic violent criminals that might assault random children in the streets are unlikely to get caught thanks specifically to cyber-surveillance.
I am perfectly comfortable with having my children run around in the same streets as people selling drugs or stolen credit card numbers online.
But to address your point less literally - "it might make it easier to catch criminals" is an extraordinarily weak justification for compromising the privacy of BILLIONS of citizens (WhatsApp, sadly, runs most of the personal communications in vast swathes of the world).
You are overestimating the capabilities of the average criminal. If you changed the protocol so law enforcement with warrants could decrypt messages from people on WhatsApp, most criminals on WhatsApp would not leave the platform. They would just continue using it regardless.
Having right to an attorney also makes it harder to convict criminals, but the trade-off is still worth it.
A world without strong crypto is a world where all kinds of records and communications are mercilessly exploited by entire armies of bad actors, some of which may sit ten timezones away from you. It is like having your home or business open to the entire 8 billion people out there.
I think you need some data to support your argument here. How many criminals go unpunished because information can't be decrypted? What is the real cost to society because of lack of backdoors?
You're assuming people working at the NSA would rather catch criminals than look at people's nudes. That assumption, unfortunately, has been proven incorrect.