128
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 22 Apr 2024
128 points (98.5% liked)
Europe
8326 readers
2 users here now
News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺
(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures
Rules
(This list is obviously incomplete, but it will get expanded when necessary)
- Be nice to each other (e.g. No direct insults against each other);
- No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
- No posts linking to mis-information funded by foreign states or billionaires.
Also check out !yurop@lemm.ee
founded 1 year ago
MODERATORS
There's not much they can do about PGP, though. Sure, encrypting stuff manually can get a little bit annoying, but nothing a quick browset extension wouldn't fix.
The moat difficult part will ve convincing your friends to use it, and actually sharing keys, but if you really need to hide what you're talking about, it's not like stopping a e2e rollout will help in amy capacity. Quite the contrary - people who they want to target with this will only start to be even more carefull, reaulting in them loosing access even to those backdoored privacy messengers they already probably have and criminals rely on.
What if they make it illegal and jail people whose messages they can't open?
Once you have a tool that uses pgp with keys you provide, and encrypts messages in normal chats, changing the actuall message format would probably be easy, so there's plenty of room for adittional steganography. Images would make for a perfect cover, with something like last-bit steganography.
But, I hope it won't come to that.
They will have tools to scan for steganography. I bet Palantir or some other dodgy tech bro company is more than happy to sell something like that to them. And with PGP's not only strong encryption, but just as strong authentication, they'll have no problem whatsoever proving that it was you who sent those illegal encrypted messages.
That's true. I guess that in this case, your best bet is (assuming you don't have something so illegal to hide, that they do want to expend large amount of resources on you) to just go security by obscurity, and have some kind of obscure custom steganography that's not widely used.
And for PGP - I though that there's a difference between signing and encrypting a message, and when you only encrypt and don't sign, they can't attribute the message to you, assuming they don't have your private key or the original plaintext? Or is it possible to attribute a encrypted message using only public key and cyphertext?
I'm not entirely sure, and was more thinking of the standard application of PGP where encryption and signing go hand in hand.
That's the whole point of making end to end encryption illegal. So, yes, this will happen.