public authorities "can secretly compel tech companies and individual technologists, including network administrators, sysadmins, and open source developers – to re-engineer software and hardware under their control, so that it can be used to spy on their users. Engineers can be penalized for refusing to comply with fines and prison"... sounds like a nightmare but it is reality in the #UK and #Australia eff.org/deeplinks/2018/12/new- #eff #spy #privacy #security

This is how it (should) work: In the case of Apple’s #iMessage, #Apple would be compelled to silently add new devices to the list apps think you own: when someone sends you a message, it will no longer just go to, say, your #iPhone, your #iPad, and your #MacBook – it will go to those devices, and a new addition, a spying device owned by the government...

... With messaging systems like #WhatsApp, the approach will be slightly different: your user interface will claim you’re in a one-on-one conversation, but behind the scenes, the company will be required to silently switch you into a group chat. Two of the people in the group chat will be you and your friend. The other will be invisible, and will be operated by the government.

bottom line: Don't trust the shiny advertising brochure which tells you about end-to-end encryption, security and privacy if you only get a black box at the end. Only #FreeSoftware, #OpenStandards, #federation and the ability to self host will be able to secure your privacy.

@bjoern ... more of a problem if the person hosting the infrastructure doesn't have sufficient skills or resources to actually keep the environment safe and maintained all the time. That's why I'd rather plead for , - and *reliable*, trustworthy, transparently funded organizations (Wikimedia? FSFE? ...?) running such services for end-users in a professional yet privacy-aware way.

@z428 The problem, with this laws in place public authorities will demand this backdoors from this organizations as well. And they only have two options: comply or shut the service down. Both options will not give us sustainable freedom and privacy respecting tools.

Follow

@bjoern Plus, if talking about a legal dimension, we won't be able to solve this using even tools. How should we? The "naive" default response: Social problems can't be solved with technology. The more complex response: If a public authority doesn't want to have certain things to happen, we will see other means to regulate this. Consider regulations of . Consider strong laws (such as ) that make custom individual hosting potentially dangerous/unsafe. Maybe ...

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!