yeah i keep thinking, we’re not getting around the law. we have to get around an effective implementation though by using 3rd party platforms, i.e. ones that don’t conform to legal pressure. i keep thinking we need to inform people¹ about ways of secure communication in the absence of big-platform support. i.e. how do we send encrypted messages outside of facebook. we need matrix chat with end-to-end encryption that actually works, does not rely on a central “identity confirmation” service but works end-to-end. So instead of saying “i want to connect to bob@server2.net” and looking up the bob@server2.net public key somewhere, you should ideally get the bob@server2.net public key directly from the other user, if you have the chance to meet them irl. it’s the only way to actually secure end-to-end communication.
[1]: Note. This is very important. do NOT under no circumstances come up with the stupid ridiculous and outright dangerous notion that you’re gonna convince large masses of the population to care about their privacy. there needs to be a bit of elitism in this.
But the central service for those keys is only sharing the public key. Only the recipient can decrypt the message.
The only information it would give out is “this IP downloaded this public key”. Which can easily be covered up with multiple downloads from different IPs. You really only need to do this once per recipient too, once you have the public key you can just always keep a copy.
Shit, if your already using GnuPG, encrypt a file that’s got all your friends public keys. When you need to send a message, decrypt your file and grab the key you need.
It’s true that the public keys aren’t sensitive and nothing is compromised (in fact, it’s recommended) if the public key is available from, say, a key server.
But MITM is always a concern. Public-key encryption is supposed to mitigate that by ensuring that any third-party listening in in the middle can only get the ciphertext and cannot derive the plaintext of the communication.
But, if a jurisdiction legally forces a rule like the “we get to snoop on everything” one in this law, it changes things. They could, for instance, force key servers to to only give out keys that are generated/controlled by the EU agency so that they can MITM to their heart’s content. My guess at Aniki’s thought process is that if there’s a central distributor of keys, that can be legally strong-armed into bad things, but the people you’ve talked directly to are a different matter. “Web of trust” as it were.
I do think there are probably better ways to deal with that than what Aniki’s getting at, though. If you have Alice’s public key, you can verify signatures she generated, and you can be sure (hand-waves, rubber-hoses, caveat emptor, blah blah blah) that if you have a valid signature signing Bob’s public key with Alice’s private key, Alice vouches for that specific public key being authentically Bob’s public key.
Now, if you only ever get public keys from a small set of (compromiseable) central key servers, then the very first public key you get could be compromised and any other signature generated from the associated private key could be forged by an adversarial party (like the EU.) And theoretically the EU could generate a whole counterfeit web of signatures. So there’s benefit to having at least some of the public keys you trust come directly from the one who generated the key through a known-secure channel.
Before this law goes into effect, (maybe) we can trust at least some of the signatures in public key servers and use those as a basis for secure communication from which we can create a pool of known-uncompromised (qualifier, caveat, tin hats, etc) public keys, and based on those (maybe) detect forgeries and such.
(Mind you, I don’t know the details of this law or whatever. It might be that the law as written will require, say, GnuPG to introduce backdoors. Not that I think they should, no matter what the law says, but it might be that the EU isn’t really likely to engage in quite the lever of subterfuge that I’ve outlined above. It might be more of a blatant “fuck you, we’re the government and you’re going to comply” approach than a sneaky-sneaky trick-everybody-into-thinking-they’ve-got-security-they-don’t approach.)
nah i just think that lots of people are tired of hearing about it. since it’s an issue year-over-year, they’re just waiting until we’re getting tired about it. then they’ll sneak it in.
https://fightchatcontrol.eu/
Jesus. I’m not in the EU, but how is this the first I’m hearing about this?
Time to go back to email and GnuPG.
yeah i keep thinking, we’re not getting around the law. we have to get around an effective implementation though by using 3rd party platforms, i.e. ones that don’t conform to legal pressure. i keep thinking we need to inform people¹ about ways of secure communication in the absence of big-platform support. i.e. how do we send encrypted messages outside of facebook. we need matrix chat with end-to-end encryption that actually works, does not rely on a central “identity confirmation” service but works end-to-end. So instead of saying “i want to connect to bob@server2.net” and looking up the bob@server2.net public key somewhere, you should ideally get the bob@server2.net public key directly from the other user, if you have the chance to meet them irl. it’s the only way to actually secure end-to-end communication.
[1]: Note. This is very important. do NOT under no circumstances come up with the stupid ridiculous and outright dangerous notion that you’re gonna convince large masses of the population to care about their privacy. there needs to be a bit of elitism in this.
But the central service for those keys is only sharing the public key. Only the recipient can decrypt the message.
The only information it would give out is “this IP downloaded this public key”. Which can easily be covered up with multiple downloads from different IPs. You really only need to do this once per recipient too, once you have the public key you can just always keep a copy.
Shit, if your already using GnuPG, encrypt a file that’s got all your friends public keys. When you need to send a message, decrypt your file and grab the key you need.
It’s true that the public keys aren’t sensitive and nothing is compromised (in fact, it’s recommended) if the public key is available from, say, a key server.
But MITM is always a concern. Public-key encryption is supposed to mitigate that by ensuring that any third-party listening in in the middle can only get the ciphertext and cannot derive the plaintext of the communication.
But, if a jurisdiction legally forces a rule like the “we get to snoop on everything” one in this law, it changes things. They could, for instance, force key servers to to only give out keys that are generated/controlled by the EU agency so that they can MITM to their heart’s content. My guess at Aniki’s thought process is that if there’s a central distributor of keys, that can be legally strong-armed into bad things, but the people you’ve talked directly to are a different matter. “Web of trust” as it were.
I do think there are probably better ways to deal with that than what Aniki’s getting at, though. If you have Alice’s public key, you can verify signatures she generated, and you can be sure (hand-waves, rubber-hoses, caveat emptor, blah blah blah) that if you have a valid signature signing Bob’s public key with Alice’s private key, Alice vouches for that specific public key being authentically Bob’s public key.
Now, if you only ever get public keys from a small set of (compromiseable) central key servers, then the very first public key you get could be compromised and any other signature generated from the associated private key could be forged by an adversarial party (like the EU.) And theoretically the EU could generate a whole counterfeit web of signatures. So there’s benefit to having at least some of the public keys you trust come directly from the one who generated the key through a known-secure channel.
Before this law goes into effect, (maybe) we can trust at least some of the signatures in public key servers and use those as a basis for secure communication from which we can create a pool of known-uncompromised (qualifier, caveat, tin hats, etc) public keys, and based on those (maybe) detect forgeries and such.
(Mind you, I don’t know the details of this law or whatever. It might be that the law as written will require, say, GnuPG to introduce backdoors. Not that I think they should, no matter what the law says, but it might be that the EU isn’t really likely to engage in quite the lever of subterfuge that I’ve outlined above. It might be more of a blatant “fuck you, we’re the government and you’re going to comply” approach than a sneaky-sneaky trick-everybody-into-thinking-they’ve-got-security-they-don’t approach.)
Because they’re trying to suppress the public reaction.
You won’t hear about this on prime-time TV news, and it’s even censored on some more popular parts of the internet, like Reddit.
nah i just think that lots of people are tired of hearing about it. since it’s an issue year-over-year, they’re just waiting until we’re getting tired about it. then they’ll sneak it in.
It has been approved, it seems that democracy is dead in the EU.
They’ve waited for MPs to be on vacation too.