EU Commission doesn't understand what's written in its own chat control bill

575 点作者 rc00大约 2 年前

27 条评论

dahwolf大约 2 年前

Software is flexible which seems to result in our human rights being equally flexible.Imagine the police regularly raiding your apartment without announcement. The post office opening all your mail. Storage box companies searching your unit.You wouldn't be OK with that. You're innocent until proven guilty and a search requires a reasonable suspicion of wrongdoing and an approved warrant. Private communication is private and absolutely nobody else's business. It's a crime to open somebody's mail.In the digital domain, we're fine with all of these illegal searches, either we don't even know they happen or we do know yet let it pass, as it feels "invisible" and not intrusive. Plus, you're a standup citizen so all is good.And that's how one day you end up as a bankrupted outcast for having insulted the king.

评论 #35348115 未加载

评论 #35348066 未加载

评论 #35351996 未加载

jll29大约 2 年前

Don't believe vendors' lies about "end-to-end" encryption.If caught red handed, they will always say it depends on how you define where both "ends" begin.Do not trust a cloud service that you have not developed and deployed yourself.You may trust untrusted hardware with your encrypted content, but only if you have given it your content pre-encrypted by yourself, not trusted a third party to encrypt it on your behalf. Obviously, this excludes mobile devices.Do not trust a tree of certificates if you cannot trust the root certificate because it belongs to an organization that is in a jurisdiction where people may be interested in what you have written and said in your encrypted message.Don't trust old-school typewriters and the postal system either. Letters are routinely opened and typewriters can be matched. For example, the Stasi (secret police of the former GDR - German "Democratic" Republic) had an archive of type samples of all sold models of typewriters for re-identification of political pamphlets.You can trust a few things: You can trust your Linux box with your self-compiled kernel (no 3rd party drivers), at least as long as it is not on a network. To build a safe environment, you could start there, taking a defensive approach. Remember, last time the paranoid turned out to be naive when Snowden revealed the real status quo in 2013 (ten years ago, when I couldn't buy a 1 TB USB stick).

评论 #35347481 未加载

评论 #35347792 未加载

评论 #35347809 未加载

评论 #35359533 未加载

评论 #35353461 未加载

评论 #35347400 未加载

评论 #35351410 未加载

max51大约 2 年前

This is so common (not just in the EU) that it makes me feel like it was done by design in a lot of cases. By creating these massive overcomplicated bills, they make sure only a handful of individuals are capable of reading them and the rest of us (including other politicians) will never read them and instead have to rely on faith. It feels to me like they want to give you the illusion that it's all open/public but at the same time they don't want other people to read it. The fact that even the politicians signing on it can't understand it should raise a lot of red flags.We should treat them the same way that an anti-virus treats "safe" code with payloads that are obfuscated using techniques also used by viruses (a big reason why you get false positives on cracks and keygens btw). We should assume that they are trying to hide something they don't want us to see when they make their bills extremely hard to read even for lawyers.

评论 #35349042 未加载

评论 #35347290 未加载

评论 #35348148 未加载

评论 #35351336 未加载

评论 #35348786 未加载

评论 #35348982 未加载

Waterluvian大约 2 年前

This is more common than the opposite.I’m reminded of that recent embarrassing display of US government where the TikTok CEO was peppered with the kinds of questions that betray the fact that the congresscritter doesn’t comprehend the topic.If they wanted real answers they’d say, “I yield my time to this SME I brought in.” But they’re just there to look tough on whatever.

评论 #35346926 未加载

评论 #35347069 未加载

WhereIsTheTruth大约 2 年前

That's indeed quite worrying, this plus the American Cloud Act means online privacy is at risk..I wonder why Mullvad doesn't complain about the American Cloud Act, or did they already? Mullvad employees could be extradited to the US if they do not comply (opening up your servers for example), since it's a bilateral agreement with the EUIt's a pretty dark era ahead of us: <a href="https://www.justice.gov/criminal-oia/cloud-act-resources" rel="nofollow">https://www.justice.gov/criminal-oia/cloud-act-resources</a>

legitster大约 2 年前

For all the faults that lobbying brings with it, there is something to be said for actually bringing in outside experts into the legislative process. You can seek intellectual purity all you want, but at the end of the day you are going to have to have some trust that farmers know where seeds go and tech companies know how encryption works.Similar bills have died several times in the US, if only because there were actual experts available (aka, lobbyists) who could tell them why this idea was dumb and impossible.It's hard not to see this following in the line of "right to be forgotten" or "tracking consent" where legitimate concerns about the language of the rules were completely dismissed as industry noise.

评论 #35348753 未加载

mongol大约 2 年前

The podcast episode in Svenska Dagbladet (which is otherwise a very good podcast) was infuriating because the opponent and the host did not catch on to her ridiculous statements about encryption. She really needs to meet a journalist that can cross-examine her statements about this. She got away too easy there.

评论 #35352416 未加载

评论 #35347007 未加载

randyrand大约 2 年前

> Above all, she continues to claim that it’s possible to scan end-to-end encrypted communication without breaking the encryption.This is trivially possible.1. send an end to end encrypted message to the recipient2. also send an end to end encrypted copy of the message to the government.I’m not agreeing with it. But you can clearly send end to end encrypted messages to multiple parties without fundamentally breaking the encryption…

评论 #35355712 未加载

评论 #35350500 未加载

评论 #35349296 未加载

kabes大约 2 年前

> “Next summer, all the scanning taking place right now of child sex will be banned within the EU. That is, if we don’t have special legislation that allows it.”Ah, the good old child sex card. We keep on losing our privacy in its name, but never do I see a number of how many children are actually being saved by the surveillance apparatus.

walkhour大约 2 年前

Reminds me of the senator that asked Zuckerberg how do they make money [0], and Zuckerberg simply said they run ads. What a way to use your questioning time, with something that was a google search away.[0] <a href="https://youtu.be/n2H8wx1aBiQ" rel="nofollow">https://youtu.be/n2H8wx1aBiQ</a>

评论 #35347544 未加载

评论 #35361440 未加载

viktorcode大约 2 年前

She maybe don't understand technology, but I get the feeling that breaking or weakening p2p is not what she talking about. The scanning means scanning performed on the end devices, not of the communications. The idea is to force communication messengers providers to perform scan on end user's device.That, obviously, will fail, as many (including child predators) will migrate to messengers that don't do that.

评论 #35348835 未加载

评论 #35355771 未加载

Freeaqingme大约 2 年前

Someone commented something along the lines of 'but then how are we supposed to tackle organized crime'. As I typed the comment below the comment got flagged and I could no longer reply. Still, I think the bit below may contribute to the discussion. TL;DR; I think that as a society we should more often ask ourselves if something is actually worth fighting if it means sacrificing a lot of our human rights. That may not be a problem on HN, but it is one imho on a political level in many Western countries.There is not always a solution to a problem.Let's say you wanted to bring the number of car crashes to zero. Eventually there's nothing 'reasonable' left to be done, and the only remaining option would be to ban cars altogether. Instead, we accept a certain number of crashes because it's deemed more important to be able to drive a car than it is to bring the number of car crash fatalities to zero*.For example, in a country like Germany there are 0.8 homicides per 100K inhabitants. You could put _everybody_ under surveillance, just to have an easier job of finding the perpetrators. In the process there would be many false positives, wrongful imprisonments, etc.In order to preserve the rule of law, maybe it's sometimes best to accept that you cannot create the perfect society. At least not a society in which people who are innocent (the very vast majority) can also still enjoy their freedoms.Besides, I feel like the police has become somewhat lazy in many Western countries for the past 20 years. Before the rise of the internet, it was simply accepted that you couldn't know what two spouses had said to each other and you had to rely on good-old detective work. However, since things like Facebook Messenger, the cops expect to be able to get a warrant for all this data. That era appears to be slowly ending with E2EE, and all of a sudden they're struggling because those detective skills have slowly deteriorated.* To be clear, I think that in many countries there's still quite a lot of room for improvement to reduce the number of car crash fatalities. Not in the least in the USA.

评论 #35347701 未加载

评论 #35348907 未加载

willtemperley大约 2 年前

Funny - the European Commission told its staff to "Switch to Signal messaging app" in Feb 2020:<a href="https://www.politico.eu/article/eu-commission-to-staff-switch-to-signal-messaging-app/" rel="nofollow">https://www.politico.eu/article/eu-commission-to-staff-switc...</a>I wonder what changed.

评论 #35353511 未加载

评论 #35348244 未加载

v0id24大约 2 年前

I think they understand. I remember how in Russia they justified the blocking of sites and the transfer of encryption keys for messengers. I have deja vu. At first they were justified solely by the fight against pedophiles and terrorists. Then gradually the fight against pirates, then with misleading information, the fight for fair elections, and so on and so forth. Then they canceled the receipt of permits through the courts. Opposition blockades appeared without justification...

akomtu大约 2 年前

I bet Ylva didn't even write it. She's just a talking head for those who don't want visibility.

seydor大约 2 年前

The purpose of most eurocrats is to write long reports to other eurocrats justifying their time and expenses. It's normal to see people claim authority on things they have very little idea of. The recently-caught MEP who took bribes was apparently in charge of science and tech, AI & blockchain , and the things she would say in public were astounding. <a href="https://www.youtube.com/watch?v=ylCxsN3qlkU?t=5m30s">https://www.youtube.com/watch?v=ylCxsN3qlkU?t=5m30s</a>

评论 #35346371 未加载

A4ET8a8uTh0大约 2 年前

I wish I could believe that the individual is just a useful idiot. Part of that rhetoric mostly works in US too, where I kinda place the blame on the old guard for not understanding technology, where it is not exactly given that they do not.edit: From where they sit ( position where they have to champion this effort ), it is just not part of the equation that is relevant to them so any means to get public on your side even with comments about sniffing is justified. HN will ridicule it, but a lot of people will swallow it wholesale.

orangepurple大约 2 年前

It's almost like there is a shadow government [1,2,3] which uses these people as puppets for the citizenry. Of course the puppets are clueless. They just need to approve everything the shadow government has on its agenda.In the Western world there is enough bureaucracy that shadow government operatives can operate from within government institutions freely and unlike the Taliban which projected its power in occupied territories through the overt threat of violence.[1] <a href="https://www.wsj.com/livecoverage/live-afghanistan-taliban-news/card/BFhE0BwSxGmXoRdPyaUL" rel="nofollow">https://www.wsj.com/livecoverage/live-afghanistan-taliban-ne...</a>[2] <a href="https://odi.org/en/publications/life-under-the-taliban-shadow-government/" rel="nofollow">https://odi.org/en/publications/life-under-the-taliban-shado...</a>[3] <a href="https://www.washingtonpost.com/news/worldviews/wp/2018/06/21/the-taliban-has-successfully-built-a-parallel-state-in-many-parts-of-afghanistan-report-says/" rel="nofollow">https://www.washingtonpost.com/news/worldviews/wp/2018/06/21...</a>

denton-scratch大约 2 年前

I simply can't believe she's as ignorant as she comes across; even if she doesn't know that you can't "scan" an encrypted file, she's a damned EU Commissioner; she has a large staff of educated people to advise her.I think she simply doesn't care about the reality, she wants to bang a "protect the children" drum for political reasons.It's odd; she seems to be a pedagogy graduate, who was once (1988) elected to the Swedish parliament as a communist, then worked as a teacher, and was later (1994?) appointed a social-democrat minister. So since her first parliamentary term, she has not been an elected representative, but an appointed functionary. So I guess her "political reasons" amount to pleasing her boss.<a href="https://en.wikipedia.org/wiki/Ylva_Johansson" rel="nofollow">https://en.wikipedia.org/wiki/Ylva_Johansson</a>Former commies who repent don't lose their contempt for ordinary people. They continue to think they are "the vanguard". I reckon she just thinks ordinary people are too dim to notice that her sayings are nonsense.

评论 #35407795 未加载

cultureswitch大约 2 年前

Aside from the obvious impossibility of privacy-compatible searches, I'd like to focus on the authoritarian excuse du jour, child sexual abuse.How prevalent is it really? How often are children actually abused, in comparison to images of the abuse being circulated? Is there really an increase in child abuse over the last couple of decades?It seems to me that this angle is especially unpopular to talk about among privacy advocates because most people will wrongly think that it is defending child abuse. Thanks to the magic of internet forums, I don't have to care too much.In my evaluation, actual child abuse is happening at record low rates in the western world due several factors. The first is the secularization of society, reducing the influence and number of (always male) priests over large amounts of children.Second, practical access to separation and divorce is much easier to women with children than it used to be. Wives can better protect their children from an abusive father than they could a couple of decades ago.Third, a side effect of the campaign to eliminate gender roles and discriminations against women in education and the workplace is that men teaching young children have basically gone extinct.Fourth, the hysteria about the problem has led all men to distance themselves from children in general, in order to avoid even the slightest suspicion.So considering all that, what's really happening? We can expect rates of pedophilia haven't changed much. It's there genetically, and will be for the foreseeable future. The conclusion should be obvious: pedophiles have shifted from a society where getting away with abuse was a realistic prospect to one where it is not. So they do the next best thing and use pornography instead.Of course, the material is still being made and the abuse still happens. But we've gone from a situation where e.g. there was one child being abused by each pedophile to one where that ratio is maybe one child to ten or a hundred pedophiles (or vastly more depending on how much the material was shared).Am I wrong?

评论 #35354733 未加载

Anonboxis大约 2 年前

Here is the Regulation in question:<a href="https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM:2022:209:FIN" rel="nofollow">https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM:2022...</a><a href="https://en.wikipedia.org/wiki/Regulation_to_Prevent_and_Combat_Child_Sexual_Abuse" rel="nofollow">https://en.wikipedia.org/wiki/Regulation_to_Prevent_and_Comb...</a>Its full name is the: Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down rules to prevent and combat child sexual abuse

评论 #35346831 未加载

Superpencil大约 2 年前

She just means that the chat client should perform scanning on-device.This is why she compares it to link preview fetching.Time to re-write that bill.

obiwahn大约 2 年前

Maybe she is just saying that Google and Apple soft Keyboard are scanned and it does not matter if you use signal or telnet...

Tade0大约 2 年前

Steganography is going to gain some renewed popularity should this pass.

ginsider_oaks大约 2 年前

just give me the NSA putting backdoors in my chips rather than this two-faced nonsense.

bitwize大约 2 年前

They have to pass it to find out what's in it!Never go full American politics.

s1k3s大约 2 年前

I'd be happy if they understood what's written in their GDPR bill passed 7 years ago.

评论 #35346871 未加载

评论 #35352823 未加载