Head of the Signal app threatens to withdraw from Europe
(www.bluewin.ch)
from schizoidman@lemmy.zip to privacy@lemmy.ml on 03 Oct 02:26
https://lemmy.zip/post/50130806
from schizoidman@lemmy.zip to privacy@lemmy.ml on 03 Oct 02:26
https://lemmy.zip/post/50130806
cross-posted from: lemmy.zip/post/50130760
threaded - newest
Shocker. I do however wonder what prevents someone from downloading and installing the apk to their phone. Am I wrong in believing this is a real way to bypass them leaving a market?
Doesn’t Signal work with phone numbers? They will probably block every EU number from accessing the service to protect themselves legally. Maybe you could use something like jmp.chat to circumvent that? Probably need a VPN as well to mask your IP. In any case, it will decimate the user base, so you’re left chatting with yourself anyway.
To my understanding, you just need a phone number to make an account. I think it can be a burner number. But then if you ever lose access to the account you can’t recover it.
google.
androidsage.com/…/google-blocks-sideloading-of-an…
So first step is installing an alternative phone OS then.
yeah, except according to my understanding of the topic, there is not much adult alternatives. graphene will have the same problem.
If you are running Android Open Source Project without Google Play Services, Google has no control. However, manufacturers could be pressured into locking bootloaders and then no one gets AOSP or GrapheneOS at all.
You can move to WiFi tablets then. The hostile network boundary would then begin on your MiFi router.
If signal pulls out of Europe we’re in a pretty fucked state. Apps like signal will be reduced to operations it a few fringe countries eventually
Signal is nice because it has a pretty good adoption rate even with non techies (which is why they’ve been mentioned by name in the chat control proposal). But privacy enthusiasts will still have briar/simplechat/xmpp. Those aren’t centralised like Signal and will be a lot harder to regulate
You won’t be able to install those apps soon after Android bans sideloading of apps that aren’t signed, or bans sideloading of apps that are not from the playstore itself.
What then?
I don’t think privacy enthusiasts use vanilla Android. People will stick to Lineage/Graphene for as long as it works and then switch to something like Postmarket. It’s already in a state where it’s rough but usable.
Yes, but not everyone they want to talk to will go through that effort. It’s already hard enough to convince someone to download another messaging app that they will only use with you.
Europe: Companies can’t lock down your operating system.
Also Europe: Companies must force back doors into their operating systems.
I wonder how long those two things can coexist.
Well, Google’s current behaviour is already putting the future existence of F-Droid into question.
We need FOSS phones badly and in numbers that manufacturing isn’t horrible. That is until our governments force carriers not to connect them.
If I could find a reasonably priced 8" Linux tablet, I’d sell my phone and buy a cellular wifi AP.
You can spoof IMEI and pretend your phone is an old iPhone. Carriers wouldn’t know.
“privacy enthusiasts” not everybody can do that. also remember that privacy is a spectrum.
ChatControl 2.0, if passed means your entire device is backdoored so it doesn’t matter what apps you installl, they can get your info pre-encryption
Custom roms is your best bed at that point. I do use GOS already.
It’s great as long as you can guarantee that the person you’re communicating on the receiving side does the same. Otherwise it’s useless as your messages will be read on the receiving device. In practice it will make private communication extremely cumbersome and niche.
Also, the authorities can backdoor your custom ROM device at will, when seized.
I mean I don’t see them back dooring GOS anytime soon. But your right both ends need to have a custom ROM.
Steganography. There’s more than one way to protect your communication.
And encryption in transit is better than no encryption at all (assuming the baddies don’t already have full access to your phone data).
That’s the whole point of Chat Control 2.0
Not quite; Chat Control hearkens back to Apple’s doomed attempt at on-device CSAM filtering - the idea is that on-device images and message contents would be scanned for known hashes. This means a nation state could go fishing on devices for known content, but it wouldn’t allow them to indiscriminately sift through all the content at rest — they’d have to know what they were looking for.
That’s where the steganography comes in, because the hash based approach will fail if the content they’re looking for is obscured in some manner.
Just a matter of time as soon as it gets passed. balkaninsight.com/…/europol-sought-unlimited-data…
Didn’t know they come with sleeping facilities. They’re so versatile nowadays! SCNR
😅🤣
ChatControl 2.0 will mean that phones localized outside of Europe will sell at a premium.
Unless you outlaw alternative ROMs some devices will be not backdoored.
They will begin so, but the regulation means the authorities can backdoor your device way easier than they can today. It doesn’t mean your custom ROM device will be free of the scanning software forever.
It also means that you need to know that the receiving device you’re communicating with is clean custom ROM device, otherwise your messages will be scanned on the receiving side.
The regulation is a complete shitshow privacy nightmare hiding under CSAM trenchcoat. We’d do well to organize and fight against it, instead of trying to back down to the perceived safety of esoteric custom ROMs.
I like to be in control of what happens on the hardware I own and what services I use. If given no choice I will cease using them altogether. I agree that the law is an absolute shitshow, but with the recent speedrun to totalitarianism we should not fool ourselved that it won’t be passed. It will be, eventually. It doesn’t hurt to start digging the trenches meanwhile. For it is a war.
We still have Matrix.
I don’t understand how this “threat” is supposed to work. If the law passes won’t any and all chat encryption be affected? In that case it doesn’t matter how you get the app, or if you manage to get it in europe. Its encryption will be broken/unavailable.
I suspect that signal will be asked to add a backdoor to their encryption, they will refuse and subsequently banned from EU app stores.
What even is that? Aren’t the 2 app official app stores American anyway?
Yes they are based in america but they have to comply with regional laws since they operate internationally. the apps available in these stores, and the laws that apply to them, differ per country.
If I understood correctly “they” here means Google and Apple because they are corporations that sell products, advertisement brokerage, SaaS, physical devices, etc in the EU. They have to comply otherwise they wouldn’t be able to make money if one of the most profitable markets. They solely chose to comply because it puts their baseline at risk, not solely because of regional laws.
Encryption isn’t magically broken because a legislature says it is.
They have to apply teeth to a market they control. Not everything is within their control. Though, signal is.
Laws don’t magically break encryption. I’m not sure what you’re trying to say.
They’re trying to force Signal to weaken the application, Signal says they won’t do it.
They can ban Signal for not complying, but you know how difficult it is to ban a digital application? It might make it more popular since it’ll be one of very few actually secure messaging apps out there.
I imagined the law would be enforced by a deal with google and some global android state approved keylogger/backdoor completely bypassing all apps including Signal. But yeah, I’m having trouble wrapping my brain around this.
Recently Google announced they were going to restrict certified Android devices to only allowing apps approved by Google. An F-Droid member found references to “blocked developers” in the new verification code. It’s not unreasonable to assume that this developer blocklist could be region-dependent and Google could use this ability to block Signal from being installed in EU.
Canary coal mine kind of signal (pardon the pun)
Edit: they also obviously do not have a choice. If they legally must weaken their work and the core of their work is that it’s not weak… then they have no work. So they can’t accept it.
I always threaten to pull out, but I never do
Dumbass. Always pull out. And wear a condom.
This is what I always say to myself when reading the Japanese porno mags.
I can smell the STIs
🧐
For a future with privacy, not mass surveillance, Germany must stand firmly against client-side scanning in the Chat Control proposal [PDF - Statement from Meredith Whittaker, President, Signal Foundation]
This is the right choice.
Signal does not have a large enough userbase to threaten something like this. EU will just shrug and move on.
Hard disagree. Politicians use Signal themselves for their private group chats.
Anywhere to petition or digitally sign?
Please check out fightchatcontrol.eu if you want to take action against this.