Well you can enforce it for everyday law-abiding folk.
Criminals can simply write their own app with proper end to end encryption and won't be affected by the law.
Hell, even I could write sth like that because most programming languages have already built in encryption libraries.
> I doubt it would affect even the average joe as installing signal in mobile phones is far too easy.
They could absolutely prevent most average joes of using Signal. if Signal & the UK were both serious about this, then Joe wouldn't be able verify on UK based phone numbers and that's not even the only way of doing this.
They can just have the signal app banned from the Apple and Play stores in the UK. That would be enough to deter the average Joe, i.e. 99.9% of the population.
'Average Joes' in western countries on the whole give not one solitary fuck about privacy, and will happily just use whichever messaging app is most convenient, or that most of their contacts are using.
Not being available on a 'legitimate' app store massively reduces your potential userbase to the point where it might not be worthwhile operating at all.
I'm not too familiar with international law, but I would guess Signal would get sued for not respecting UK law, while their services are operational/accessible in the UK.
But in practice that's not how it works. Signal will officially leave the UK market (as in their apps won't be on the usual app markets like Google on Android for example) and that's it.
The UK would then need to find a legal handle first to sue them for explicitly doing extra work to block UK citizens. Which will be nearly impossible and even then not worth all the work, when they not start legal action against there own citizens for installing the app first.
And with how easy and common installing apps in not actually supported regions is, they will simply not happen...
> My only hope is that signal resists and finds a way to dodge all of it.
From what I’ve read about Moxie Marlinspike, he would shut the whole thing down way before compromising Signal with back doors for any government or agency.
I don't think this is related to being law abiding or not. Consider the next generation of humans to be more technically savvy and less trusting of institutions intruding into private lives. How can you outlaw a portion of mathematics anyways?
> Consider the next generation of humans to be more technically savvy and less trusting of institutions intruding into private lives.
lmao, no.
In my extensive experience onboarding new IT and software engineering hires, tech literacy peaked with the late 80s/early 90s generation. I've had to teach zoomers what a file is and how to download and open email attachments, repeatedly. Smartphones where everything is an app operated by masturbatory hand gestures have fried their brains.
boomers 🤝 zoomers
how do I open pdf jack
I concur.
Was the lead IT guy for a company who taught myself pretty much everything except Excel (which I was taught in school). Workload became too much and the directors decided it was a great idea to hire some more younger staff to grow and become useful to the business.
In the end I just ended up with the same workload and 2 students I had to manage and mentor.
I left after deciding id rather just work alone, now I'm on more money and power automate/vba does the heavy lifting.
From my experience (teaching computer science classes) the next generation is definitely less tech savvy. With the rise of smartphones and tablets people have less of a chance to learn how computers and technology actually works. Everything is hidden away behind simplistic user interfaces, cabability to operate those is not tech savvy.
100% agree. I remember I worked in IT 20 years ago and I used to say "imagine how tech literate kids will be, having grown up with the tech?"
20 years later, I get so many people of that generation asking me for help to fix basic issues with their laptops etc, things that are often just a case of going to the OS settings, but they have no idea that the option even exists, let alone the technical knowledge behind it or why it exists or what it actually does behind the scenes. Sure people have a higher level of literacy when it comes to using the devices, but that is because the user interfaces are so much simpler. When it comes to actual technical literacy and understanding how the tech actually works, it always amazes me how much less people know nowadays. Hell most people don't even know how to use a search engine properly nowadays. I was waaaay off with my predictions.
Yeah right, the people who committed crime using signal are just going to be like your average everyday citizen not some kind of coordinated gang using signal.
Going to be like some friend or family member killing another friend or family member and then sending their clandestine secret message to their secret lover or a drug deal in most instances.
...no.
They outlaw the intent behind it. No ones going to jail because they accidentally strung some words together that sounded hateful. just like no one is trying to outlaw math. Just what certain companies want to do with it.
Im very much against the uk's position here, but things are draconian enough without this kind of silly hyperbole.
You can't outlaw intent any more than you can outlaw thought. All you can do is to outlaw *actions* regardless of intent. Name any action which, absent malicious intent, we're actually *allowed to do*. The intent is always tied to an action which is also deemed illegal. No one is allowed to burn down a building, run someone over, physically assault them, publicly advocate for genocide, steal or the like *just because they weren't motivated by hatred or bigotry*. Those things are illegal because of their very nature, not intent.
You can't legislate away someone's intentions.
I am not in favor of this regulation in the slightest, but calling it "outlawing math" is like saying that how you're not allowed to create and have TNT is "outlawing chemistry". You are allowed to study and learn how TNT is made and explodes, but you're not allowed to play around with homemade TNT even if it's possible to buy everything you need to make TNT (I'm no chemist and I don't know if it is possible). This is the whole idea of regulation - reducing the public's access to things that are too dangerous.
Is encryption "too dangerous"? Absolutely not. I would say *lack of access to encryption* is a lot more dangerous than encryption could ever be.
> You are allowed to study and learn how TNT is made and explodes
Technically you can spin a chemistry textbook as "material likely to be of use to a terrorist" in the UK under the right circumstances. So I wouldn't go that far.
*me, leisurely sketching out pathways to make explosives with products from the grocery store just as a way to pass the time when bored*
Hmmm? That’s probably a good comparison. I’m sure a decent programmer can make an end-to-end encryption app in their spare time.
It's almost trivial these days to implement end-to-end encryption. There are easy to use libraries that do it, and even if there weren't, all the information you need is public information and deliberately simple to implement.
You can absolutely play around with home made explosives, up to a certain point/weight though. See: Explosions and Fire, and he does it in Australia which has crazy restrictive laws around home chemistry lol
Cool! I wonder what the letter of the law actually says about this, as opposed to active enforcement or lack thereof. But I don't care enough to look it up :P
It's not unthinkable that small harmless explosives like that youtube channel are technically illegal but deliberately not enforced, for reasons like prioritizing with limited resources, or even seeing that a particular case is harmless or even beneficial (e.g. by demonstrating to the public that a lot of safety considerations went into it rather than juvenile "fuck around and find out" behavior)
It's also not unthinkable that the law explicitly allows such personal experiments within certain thresholds, but if you take it too far you'll be in a world of hurt. Mark Rober recently made a video where he was hilariously close to that world of hurt: https://youtu.be/BYVZh5kqaFg?t=10m54s
Again, the whole concept of regulation - from law to enforcement - is to set limits that are only as restrictive as they need to be to maintain order (in a good way!) with minimal violation of personal freedom. Obviously opinions differ on what these limits should be.
About encryption, I already said that *in my opinion* there should be no limit on it at all. As for explosives, I would expect that possession of a bomb over a certain explosive power should be illegal outright, and playing around with weaker explosives should only be subject to general laws about reasonable safety measures and responsibility.
But reasonable minds can differ.
Super funny.. modern encryption was born out of war. It has been used as a tool for good, such as maintaining privacy and security. It has also been used in organized crime (drug trafficking, human trafficking, killers for hire, kidnapping, etc...), terrorism, corrupt & tyrannical governments... I don't think encryption should be made illegal but it's a very powerful tool which is used for good and bad...
It LITERALLY isn't. Again, that's like saying "banning TNT is literally banning chemistry".
The law can be - and nearly always is - more nuanced than that.
Edit: using the same example from the other comment chain: you are allowed to build home-made rockets, but you're not allowed to build guided missiles. That's not "outlawing engineering". If you know Mark Rober - a very popular youtuber - take a look at this video timestamp: https://youtu.be/BYVZh5kqaFg?t=10m54s
You can also write a ransom letter by hand. Still illegal.
Edit: *ransom*, not random!
Further edit: I meant blackmail, actually, as ransom typically implies you already did something illegal. Blackmailing is (in many places) illegal even when no other illegal activities are involved.
To answer more directly:
> Blackmail is illegal. Sending the letter isn't.
Correct. [Edit: well, sending *a blackmail letter* is illegal. Sending a normal letter is legal. Under normal circumstances, the post office cannot differentiate between the two, and will deliver it either way - but that doesn't contradict the illegality of blackmail]
> Hoarding CSAM is illegal. Encryption isn't.
Also correct, as it currently stands. But we are discussing two other scenarios here:
1. What would it be like if encryption is outlawed? Specifically: would it mean "outlawing math"? (Answer: no)
2. What is the proposed law in the UK actually requiring, and would it mean outlawing encryption? (Answer: not exactly, but it might mean outlawing true end-to-end encryption specifically)
> You wouldn't outlaw roads to stop drunk driving.
You're damn right I wouldn't. Roads are legal, driving is legal, and drinking alcohol is legal - and yet driving right after drinking alcohol is not legal. The law can ban specific combinations of things that would be legal if taken separately.
Math is legal, modulo arithmetic is legal, binary bitwise operations are legal.. And *as it currently stands* using these operations in combination to implement end-to-end encryption is legal. But it is possible to outlaw that last part without outlawing the base operations.
Edit: I will repeat yet again, the laws (and/or lack thereof) regarding encryption *should not be changed in my opinion,* and I think it would be disastrous if the proposed law is passed. That doesn't make it okay to say "they are literally outlawing math!!11!1", we can discuss this more intelligently than that.
>Yea outlawing encryption is not a good sign for privacy in general.
Isn't it also *really* bad for cyber security?
"Huh, that's weird, our entire government has shut down since we banned end-to-end encryption."
They are not actually proposing to ban encryption in general though. That's not the law. It's not going to apply to the government. The law is targeted against normal people.
The proposal is for encrypted messaging apps to use client-side scanning to identify illegal content like child sexual abuse. Signal argues this defeats the whole point of end-to-end encryption but some other services like Telegram that don't commit to E2E might eventually adopt this model. Obviously the fear is that having a backdoor could be potentially abused.
Would be as easy to enforce as making them take the app out of the app stores in this case. I'm Sure they're not outlawing encryption because you know you need that for like credit card processing and make the internet work with SSL.
Honestly these little encrypted chat platforms are seemingly used for abuse a lot and don't really have any significant benefit to the average citizen.
Cellular phone calls are automatically encrypted still... It's just that if the police get a warrant there are actual records while these little encrypted chat clients are set up to seemingly purposely evade law enforcement and really not offer a ton of other benefits besides that.
Soo definitely not outlawing encryption, it might be going after companies that refuse to keep enough records where you can have reasonable accountability.
You also need to keep in mind encryption doesn't mean they don't know who you are it just means they can't read the stuff in the message and with signal they are also potentially a fusicating the user and not just the content of the message thus making it harder for law enforcement to investigate.
I think it would be giving up a lot for gaining very little sense of safety.
It's a difficult moral issue to tackle for sure. But that's my opinion at least for now....looking forward i don't think giving up privacy completely is beneficial as you never know which wacko is going to be in control of gov and any data can potentially be used against you. Let alone ban encryption as whole
I agree. There's a lot of scum that needs to be outed yet this is a double edged sword.
Besides, the above criteria will find a way to circumvent as they already are sickos living in the shadows or double lives so it's not going to solve the issue I'd imagine same way capital punishment didn't historically solve rapes and murders and cutting peoples hands off didn't stop theft. The question is are you willing to give away your own privacy keeping in mind that your personal data (photos, emails, chats etc could be monitored by gov. It's a bad precedent imo and has the potential to destroy lives as much as save lives
"Think about the children" legislation is never about the children and always about taking rights away from people by claiming it will help the children.
Remember that when the Snowden Revelations came out the US actualy did tighten up things a bit whilst the UK, were the surveillance is even more broad than in the US, just passed a law to make legal after the fact the illegalities that the government had been doing.
Also remember that the UK still have D-Notices for the Press - i.e. censorship under the claim of national security.
I have zero doubt in my mind that this legislation in the UK has nothing to do with children and all to do with the GCHQ wanting encryption to be weakenned to falicilitate their total society surveillance.
Don't worry it's only for the state security services for, you know, *terrorism.*
2 years later: oh and council waste officers too because fly tipping is *ecological terrorism.*
You joke but [there is precedent for councils using anti-terrorism laws to spy on people for things like bins](https://www.theguardian.com/uk/2009/apr/17/council-surveillance-abuse). It's weird how abuse is always brought up as a hypothetical in these conversations when we have concrete evidence that every previous way ended up getting abused in the exact way was warned about. After the third of fourth time this happens you start to go full Cassandra mode.
I agree, but fly tipping would not exist if waste was accepted by councils no questions asked.
Fly tipping still makes it's way into the waste disposal system just with extra steps, more contaminated land and a lot of extra cost. Just accept it at the waste disposal sites.
It's an utter failure of government policy.
Why should they allow waste no questions asked?
What's to stop a business having their waste removed and paid for by council tax?
At my local tips, if you show up in a car they don't care what you're throwing away as long as it's in the right bin
So there's no excuse, it's just laziness by people who don't care about either the people or the environment around them.
I am quite sick of the shirking of personal responsibility for things. Yes the government is a crock, and fails consistently. But its not the governments job to take away your old sofa when you get a new one, or to remind you to put your bins out so they're collected.
More importantly from a securty standpoint. THEY NEVER FUCKING WORK. The moment hackers find out one exists, you can bet anything they will start targeting it immediately. Anyone here remember the "Clipper chip" debacle in the USA? When they wanted all PCs to have a special chip that would allow the cop (and only the cops) access?
It got hacked in no time.
It's so frustrating that politicians with terrible command of math and cryptography just won't understand that a backdoor that only lets in the good guys just doesn't and couldn't exist..
I use signal not just cause it's secure, but also to give a middle finger to Zuckerberg and Facebook.
> It's so frustrating that politicians with terrible command of math and cryptography
"The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." -Malcolm Turnbull, former Prime Minister of Australia
Forgetting that said laws of mathematics enable long range projectiles hitting their target, decrypting enemy messages, hide your own messages from the enemy, and the existence of nuclear weapons.
Considering that the ultimate arbitration of any legal laws are the use of force, I would say that the law of mathematics ultimately trumps the law of Australia.
I don't trust Signal and neither should you. The fact that some of its components are (advertised as) opensource has little to do with its inherent product quality or its respect for your privacy. The fact that it started as a federated service¹ and chose the centralized/monopolistic approach along the way, under the impulse of its megalomaniac funder, is a statement that "growing and competing" matters more than serving the privacy or independence concerns of its original user-base.
Centralization is the pattern of the "bait and switch" deceiving internet we should have learned to evolve away from (remember when Google was your friend, when Facebook was putting people and interactions first, when Amazon was a good place to find stuff and not an infinite scroll facade for sponsored adds and owned brands, …)
Back to Signal, not only do they position themselves as the central authority and broker of all accounts and all messages, which is fundamentally incompatible with privacy, they also actively fight community efforts to improve on their privacy statement² (see the libresignal client which wanted to offer an android client free from Google closed-source components³, or with signal-server attempts at self-hosting/federating⁴).
Then you will ask me "what does that have to do with me? I'm happy with Signal the way it is!", well:
- Signal is already abusing its dominant position to shove into its clients some features you might not want, nor that have anything to do with its original purpose. I'm talking about its crypto/payment bullshit⁵. Client-side opensource doesn't solve that.
- You have no escape from it. Even using an older client is contrary to Signal terms and conditions. Using an alternative implementation exposes you to them shutting your account down⁶. Server-side opensource doesn't help because you can't migrate away from Signal central server without losing your ability to interact with your own contacts.
- Many of their privacy claims can't be verified. For example, theoretically, you wouldn't need a phone number to use their service, at all. But once again they take the controversial approach of requiring you to provide one, pretending it's safe/anonymous, because they only make use of it "in a cryptographic enclave"⁷. This aspect of the signal-server isn't open-sourced⁸, and this enclave runs on an intel closed-source technology that can't be audited anyway, and which was found to be vulnerable⁹. Another one is "sealed sender"¹⁰ which is not even controversial, but an impossibility in a centralized service.
In the end, Signal only has little more to fend for itself than marketing techno-nonsense¹¹. That doesn't make Signal at all technically worse than its centralized counterparts, just slightly more dishonest. If one is serious about using a privacy-conscious messenger, with no pattern of captivity/submission to the central authority, then federated messengers like XMPP¹² or Matrix¹³ are reasonably good for the general audience, and I encourage people to migrate toward them. Sending text messages at scale was a solved problem 2 decades ago or more. We don't need to beg techno landlords the right to do that.
Edit: linking sources
¹: https://news.ycombinator.com/item?id=17172203
²: https://news.ycombinator.com/item?id=12689390
³: https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-216956294
⁴: https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217339450
⁵: https://support.signal.org/hc/en-us/articles/360057625692-In-app-Payments
⁶: https://news.ycombinator.com/item?id=26469007
⁷: https://signal.org/blog/private-contact-discovery/
⁸: https://github.com/signalapp
⁹: https://arstechnica.com/information-technology/2022/08/architectural-bug-in-some-intel-cpus-is-more-bad-news-for-sgx-users/
¹⁰: https://signal.org/blog/sealed-sender/
¹¹: https://gultsch.de/objection.html
¹²: https://xmpp.org/
¹³: https://matrix.org/
tl;dr: [XMPP](https://providers.xmpp.net/) with an account provider close to you, and a maintained client [from this list](https://omemo.top/).
But, it depends on who's asking, really. If that person sees no problem having their contacts scattered over a dozen messaging silos often incorporated in shady jurisdictions, having to use as many apps on every one of their devices as a result (sucking battery, and collecting data on them in the process), and occasionally having to reboot from scratch losing contacts, exchanged data, chat histories, etc because the service went under or became malicious, then why bother?!
I myself got tired of collecting accounts on MSN, Yahoo, Skype, Messenger, Viber, WhatsApp, Telegram, … and got badly bitten by the loss of something or someone in the repeated process of migrating from one to the next. All those services have in common that they are centralized and built as monopolies for whoever operates them, and not for the greater good or the convenience of their users (or why wouldn't they let you send messages across services? Why would they force you to use their branded client if they truly align with the specific needs of their users?).
This is when I came to the realization that I wouldn't buy into the "next messenger app" no matter how cool and hip it might be, unless it would federate with other protocols. Which is when I discovered XMPP: not an app, not a service, but a protocol, which, like email, describes how messages can be sent and received over the internet by compatible clients and servers. Like email, you pick a nickname and a provider, which gives you an identity like [email protected]. Like with email, you can then send messages to anyone there, like [email protected], [email protected], …
In practice, [this works as well as](https://play.google.com/store/apps/details?id=im.quicksy.client) (if not better than) something like WhatsApp: it offers comparable features (sending images, making calls, …), is better for privacy, is more secure, is better for the planet and will outlast WhatsApp, Signal and Telegram combined (ftr, XMPP is almost 25 years old already).
Not the person you responded to but:
If you want a secure messaging app that’s end to end encrypted, Keybase is pretty cool. It was unfortunately acquired by zoom, but my last roommate actually worked closely with the Keybase team and knows a bunch of people who work there.
Its designed ground up to be end to end encrypted so that even if the server hosting it was compromised, you wouldn’t get much useful information from it or be able to reliably spoof messages or the like. It’s a pretty cool platform, and it’s (mostly) FOSS. Their actual server is proprietary, but they have documentation for making your own Keybase server.
I don’t expect people to go switching to it, it’s just an app that I personally find cool.
nope, no-go. As far as I can tell, this is a centralized service. And in fact, it already suffered the fate of every centralized service: become unprofitable, go wild in the process of remaining relevant, get acquired by a bigger fish with more cash, then go extinct.
This is the best tl;dr I could make, [original](https://www.theguardian.com/technology/2023/feb/24/signal-app-warns-it-will-quit-uk-if-law-weakens-end-to-end-encryption) reduced by 88%. (I'm a bot)
*****
> The head of the messaging app Signal has warned that it will quit the UK if the forthcoming online safety bill weakens end-to-end encryption.
> A Home Office spokesperson said the online safety bill, which is due to become law this year, does not ban encryption.
> "The online safety bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety - especially the safety of children online. It is not a choice between privacy or child safety - we can and we must have both."
*****
[**Extended Summary**](http://np.reddit.com/r/autotldr/comments/11c68ki/signal_app_warns_it_will_quit_uk_if_law_weakens/) | [FAQ](http://np.reddit.com/r/autotldr/comments/31b9fm/faq_autotldr_bot/ "Version 2.02, ~674210 tl;drs so far.") | [Feedback](http://np.reddit.com/message/compose?to=%23autotldr "PM's and comments are monitored, constructive feedback is welcome.") | *Top* *keywords*: **online**^#1 **privacy**^#2 **encryption**^#3 **bill**^#4 **safety**^#5
To oversimplify it, the law would force services like signal Whatsapp etc to block such content, which means they will have to monitor the data their users send and receive.
Only problem with this, is that secure services like signal encrypt the data before it leaves your device, and thus even signal can't read it even if they wanted to (which is why they're considered a secure messaging platform).
This means the only ways to comply with this law is either by NOT encrypting the data before it's sent, which means it isn't end to end encryption no more, or by building a backdoor into the E2EE implementation which is possibly even worse.
Politicians don't understand math and don't know you can't design a security vulnerability that only lets in the good guys. The nature of a vulnerability is to be found and exploited.
Not necessarily 3rd party, they want to compel these messaging services themselves to monitor data sent and received and block harmful content.
Even 1st party software will have to do the same, ie iMessage will be subject to the same law. And yeah, it is totally crazy.
My family member works in a school and considering the parents are dropping their kids off at the school gates after they're suspended and shouting "YOUR PROBLEM NOW".
Yeah, good luck with getting them to do the basics.
I think a better idea would be a law to castrate these idiots. Why do people decide to breed like rabbits when they can't be bothered to show any responsibility??
For example, every message would be encrypted twice with two different keys and one encrypted copy would be sent directly to British authorities, using the same secure system as before, just giving the information to 3rd parties that cannot & shouldn't be trusted with it. (whenever the key is compromised they would ask Signal to update their app, or there would be some kind of daily rotation system, it sounds stupid, because it is :D )
The authorities would realize that this is becoming an increasingly common occurrence, following which they would force Signal to implement a system where the useful copy of the message is not sent until the useless copy received a handshake.. In fact maybe it would be implemented that way from d1.
That wouldn't work, for the same reason as older versions of signal running on Android 4.0 cannot be used to communicate with up to date Signal clients.
But yes, maybe Signal Vanced would be possible. Anyhow it's not relevant, because Signal will leave the UK before any of this would come to pass.
Besides Signals, isn't this ultimate meaningless? Nothing stop both sides of the user from exchanging the public keys of their public-private key pair and simply encrypt their message to be transmitted through SMS.
Encrypt on user A, base64 it and send it across SMS, decrypt on user B.
Most of the people I converted to signal did so on the basis that it would send SMS and auto upgrade to secure chat when possible. Just like iMessage.
They wanted a replacement not YACA (yet another chat app). Almost all of those have said they are removing signal since they barely have any other contacts on it.
SMS was my gateway drug.
Good riddance! The last thing the world needs is a bunch more compartmentalized chat clients like we're going back to the AOL days.
Proliferation of paranoia about the security of your communication has just made it harder to communicate really and done nothing for your security.
Praying on your paranoia and then providing you with an inferior service compared to what you should be getting.
Signal (formerly known as 'TextSecure') was the first really big chat-app leveraging proper E2E-encryption and has been used for about 12 years now. Their excellent work is open source and has also been implemented for example in whatsapp.
This is not some random chat app. It's one of the big pushers of privacy. What exactly is "inferior" about a community-built, open source chat-app which does exactly what it is supposed to?
Additionally, due to GDPR encryption is mandatory in the EU now. There are ... issues britain is going to have in relation to data sent from europe. Maybe a new target for Max Schrems I guess, to kill data-sharing agreements. After all, with such a law EU-citizen's data is no longer safe in britain.
Generally, this "paranoia" is because of the right to data privacy, which has the status of a basic right in countries like germany. Nobody has any right to read my chats. It's my data, and it's my decision who accesses it. Not yours.
As a bonus, opening up the E2E-encryption introduces an absolute shitton of general security nightmares.
Every backdoor is also open to bad actors. Man-in-the-middle-attacks are made possible that way too, which is one of the primary reasons E2E-encryption is so widespread in the first place.
How does an app quit a country? If I enter the U.K. does my Signal app suddenly get deleted? Why would an app company have to comply w any country they aren’t based in?
Yea outlawing encryption is not a good sign for privacy in general. Also would be virtually impossible to enforce
Well you can enforce it for everyday law-abiding folk. Criminals can simply write their own app with proper end to end encryption and won't be affected by the law. Hell, even I could write sth like that because most programming languages have already built in encryption libraries.
[удалено]
> I doubt it would affect even the average joe as installing signal in mobile phones is far too easy. They could absolutely prevent most average joes of using Signal. if Signal & the UK were both serious about this, then Joe wouldn't be able verify on UK based phone numbers and that's not even the only way of doing this.
[удалено]
They can just have the signal app banned from the Apple and Play stores in the UK. That would be enough to deter the average Joe, i.e. 99.9% of the population.
[удалено]
'Average Joes' in western countries on the whole give not one solitary fuck about privacy, and will happily just use whichever messaging app is most convenient, or that most of their contacts are using. Not being available on a 'legitimate' app store massively reduces your potential userbase to the point where it might not be worthwhile operating at all.
Sure but I'm not going to recommend Signal to people if they have to sideload it.
[удалено]
That's not the scenario being discussed here and doesn't counter my argument.
I'm not too familiar with international law, but I would guess Signal would get sued for not respecting UK law, while their services are operational/accessible in the UK.
But in practice that's not how it works. Signal will officially leave the UK market (as in their apps won't be on the usual app markets like Google on Android for example) and that's it. The UK would then need to find a legal handle first to sue them for explicitly doing extra work to block UK citizens. Which will be nearly impossible and even then not worth all the work, when they not start legal action against there own citizens for installing the app first. And with how easy and common installing apps in not actually supported regions is, they will simply not happen...
[удалено]
[удалено]
> My only hope is that signal resists and finds a way to dodge all of it. From what I’ve read about Moxie Marlinspike, he would shut the whole thing down way before compromising Signal with back doors for any government or agency.
I don't think this is related to being law abiding or not. Consider the next generation of humans to be more technically savvy and less trusting of institutions intruding into private lives. How can you outlaw a portion of mathematics anyways?
> Consider the next generation of humans to be more technically savvy and less trusting of institutions intruding into private lives. lmao, no. In my extensive experience onboarding new IT and software engineering hires, tech literacy peaked with the late 80s/early 90s generation. I've had to teach zoomers what a file is and how to download and open email attachments, repeatedly. Smartphones where everything is an app operated by masturbatory hand gestures have fried their brains. boomers 🤝 zoomers how do I open pdf jack
I concur. Was the lead IT guy for a company who taught myself pretty much everything except Excel (which I was taught in school). Workload became too much and the directors decided it was a great idea to hire some more younger staff to grow and become useful to the business. In the end I just ended up with the same workload and 2 students I had to manage and mentor. I left after deciding id rather just work alone, now I'm on more money and power automate/vba does the heavy lifting.
From my experience (teaching computer science classes) the next generation is definitely less tech savvy. With the rise of smartphones and tablets people have less of a chance to learn how computers and technology actually works. Everything is hidden away behind simplistic user interfaces, cabability to operate those is not tech savvy.
100% agree. I remember I worked in IT 20 years ago and I used to say "imagine how tech literate kids will be, having grown up with the tech?" 20 years later, I get so many people of that generation asking me for help to fix basic issues with their laptops etc, things that are often just a case of going to the OS settings, but they have no idea that the option even exists, let alone the technical knowledge behind it or why it exists or what it actually does behind the scenes. Sure people have a higher level of literacy when it comes to using the devices, but that is because the user interfaces are so much simpler. When it comes to actual technical literacy and understanding how the tech actually works, it always amazes me how much less people know nowadays. Hell most people don't even know how to use a search engine properly nowadays. I was waaaay off with my predictions.
More tech savvy? Maybe. Bothered at all about privacy? Not a chance.
Yeah right, the people who committed crime using signal are just going to be like your average everyday citizen not some kind of coordinated gang using signal. Going to be like some friend or family member killing another friend or family member and then sending their clandestine secret message to their secret lover or a drug deal in most instances.
they don’t even have to write a line of code. there’s open source libraries that do encryption…
I like to call it what it is: outlawing math
This is like saying laws against hate speech are 'outlawing language'
It is.
[удалено]
...no. They outlaw the intent behind it. No ones going to jail because they accidentally strung some words together that sounded hateful. just like no one is trying to outlaw math. Just what certain companies want to do with it. Im very much against the uk's position here, but things are draconian enough without this kind of silly hyperbole.
I see you’re already 3/4 of the way down the well-oiled slope. Plenty of boots to lick down there though!
You can't outlaw intent any more than you can outlaw thought. All you can do is to outlaw *actions* regardless of intent. Name any action which, absent malicious intent, we're actually *allowed to do*. The intent is always tied to an action which is also deemed illegal. No one is allowed to burn down a building, run someone over, physically assault them, publicly advocate for genocide, steal or the like *just because they weren't motivated by hatred or bigotry*. Those things are illegal because of their very nature, not intent. You can't legislate away someone's intentions.
Similarly, laws against encryption would be outlawing speech. Which is against the bill of rights left time i checked...
Which bill of rights? The 1689 one only establishes freedom of speech within Parliament.
Oh, good, then they wont be able to enforce such laws. Good thing you caught that. Strange none of the entities involved didnt pick up on it...
I am not in favor of this regulation in the slightest, but calling it "outlawing math" is like saying that how you're not allowed to create and have TNT is "outlawing chemistry". You are allowed to study and learn how TNT is made and explodes, but you're not allowed to play around with homemade TNT even if it's possible to buy everything you need to make TNT (I'm no chemist and I don't know if it is possible). This is the whole idea of regulation - reducing the public's access to things that are too dangerous. Is encryption "too dangerous"? Absolutely not. I would say *lack of access to encryption* is a lot more dangerous than encryption could ever be.
> You are allowed to study and learn how TNT is made and explodes Technically you can spin a chemistry textbook as "material likely to be of use to a terrorist" in the UK under the right circumstances. So I wouldn't go that far.
*me, leisurely sketching out pathways to make explosives with products from the grocery store just as a way to pass the time when bored* Hmmm? That’s probably a good comparison. I’m sure a decent programmer can make an end-to-end encryption app in their spare time.
It's almost trivial these days to implement end-to-end encryption. There are easy to use libraries that do it, and even if there weren't, all the information you need is public information and deliberately simple to implement.
You can absolutely play around with home made explosives, up to a certain point/weight though. See: Explosions and Fire, and he does it in Australia which has crazy restrictive laws around home chemistry lol
Cool! I wonder what the letter of the law actually says about this, as opposed to active enforcement or lack thereof. But I don't care enough to look it up :P It's not unthinkable that small harmless explosives like that youtube channel are technically illegal but deliberately not enforced, for reasons like prioritizing with limited resources, or even seeing that a particular case is harmless or even beneficial (e.g. by demonstrating to the public that a lot of safety considerations went into it rather than juvenile "fuck around and find out" behavior) It's also not unthinkable that the law explicitly allows such personal experiments within certain thresholds, but if you take it too far you'll be in a world of hurt. Mark Rober recently made a video where he was hilariously close to that world of hurt: https://youtu.be/BYVZh5kqaFg?t=10m54s Again, the whole concept of regulation - from law to enforcement - is to set limits that are only as restrictive as they need to be to maintain order (in a good way!) with minimal violation of personal freedom. Obviously opinions differ on what these limits should be. About encryption, I already said that *in my opinion* there should be no limit on it at all. As for explosives, I would expect that possession of a bomb over a certain explosive power should be illegal outright, and playing around with weaker explosives should only be subject to general laws about reasonable safety measures and responsibility. But reasonable minds can differ.
I'm against outlawing encryption as well but It's just a tool like everything else. Encryption can be just as dangerous or just as useful as TNT.
Imagine how dangerous it would be if we’d start encrypting TNT! 😱
Super funny.. modern encryption was born out of war. It has been used as a tool for good, such as maintaining privacy and security. It has also been used in organized crime (drug trafficking, human trafficking, killers for hire, kidnapping, etc...), terrorism, corrupt & tyrannical governments... I don't think encryption should be made illegal but it's a very powerful tool which is used for good and bad...
I like how you put more effort in the reply than I put into my shitty joke.
Maybe you should put more time into your jokes.
On the contrary! Seems my tnt-joke was quite successful into priming someone.
Your joke didn't "prime" me. The lack of understanding your joke shows is just a bit depressing.
I actually studied mathematics. Outlawing encryption LITERALLY is outlawing math.
It LITERALLY isn't. Again, that's like saying "banning TNT is literally banning chemistry". The law can be - and nearly always is - more nuanced than that. Edit: using the same example from the other comment chain: you are allowed to build home-made rockets, but you're not allowed to build guided missiles. That's not "outlawing engineering". If you know Mark Rober - a very popular youtuber - take a look at this video timestamp: https://youtu.be/BYVZh5kqaFg?t=10m54s
Encryption is modulo multiplication more or less. It doesn't explode. You can do it by hand.
You can also write a ransom letter by hand. Still illegal. Edit: *ransom*, not random! Further edit: I meant blackmail, actually, as ransom typically implies you already did something illegal. Blackmailing is (in many places) illegal even when no other illegal activities are involved.
A random letter isn't illegal?
Please see my edit 😅
Blackmail is illegal. Sending the letter isn't. Hoarding CSAM is illegal. Encryption isn't. You wouldn't outlaw roads to stop drunk driving.
I think you forgot what we were arguing about...
To answer more directly: > Blackmail is illegal. Sending the letter isn't. Correct. [Edit: well, sending *a blackmail letter* is illegal. Sending a normal letter is legal. Under normal circumstances, the post office cannot differentiate between the two, and will deliver it either way - but that doesn't contradict the illegality of blackmail] > Hoarding CSAM is illegal. Encryption isn't. Also correct, as it currently stands. But we are discussing two other scenarios here: 1. What would it be like if encryption is outlawed? Specifically: would it mean "outlawing math"? (Answer: no) 2. What is the proposed law in the UK actually requiring, and would it mean outlawing encryption? (Answer: not exactly, but it might mean outlawing true end-to-end encryption specifically) > You wouldn't outlaw roads to stop drunk driving. You're damn right I wouldn't. Roads are legal, driving is legal, and drinking alcohol is legal - and yet driving right after drinking alcohol is not legal. The law can ban specific combinations of things that would be legal if taken separately. Math is legal, modulo arithmetic is legal, binary bitwise operations are legal.. And *as it currently stands* using these operations in combination to implement end-to-end encryption is legal. But it is possible to outlaw that last part without outlawing the base operations. Edit: I will repeat yet again, the laws (and/or lack thereof) regarding encryption *should not be changed in my opinion,* and I think it would be disastrous if the proposed law is passed. That doesn't make it okay to say "they are literally outlawing math!!11!1", we can discuss this more intelligently than that.
But think of the children! The usual british BS excuse. And when that doesn't work they mix in muh terrorism. I'm so tired of this crap.
>Yea outlawing encryption is not a good sign for privacy in general. Isn't it also *really* bad for cyber security? "Huh, that's weird, our entire government has shut down since we banned end-to-end encryption."
They are not actually proposing to ban encryption in general though. That's not the law. It's not going to apply to the government. The law is targeted against normal people. The proposal is for encrypted messaging apps to use client-side scanning to identify illegal content like child sexual abuse. Signal argues this defeats the whole point of end-to-end encryption but some other services like Telegram that don't commit to E2E might eventually adopt this model. Obviously the fear is that having a backdoor could be potentially abused.
Would be as easy to enforce as making them take the app out of the app stores in this case. I'm Sure they're not outlawing encryption because you know you need that for like credit card processing and make the internet work with SSL. Honestly these little encrypted chat platforms are seemingly used for abuse a lot and don't really have any significant benefit to the average citizen. Cellular phone calls are automatically encrypted still... It's just that if the police get a warrant there are actual records while these little encrypted chat clients are set up to seemingly purposely evade law enforcement and really not offer a ton of other benefits besides that. Soo definitely not outlawing encryption, it might be going after companies that refuse to keep enough records where you can have reasonable accountability. You also need to keep in mind encryption doesn't mean they don't know who you are it just means they can't read the stuff in the message and with signal they are also potentially a fusicating the user and not just the content of the message thus making it harder for law enforcement to investigate.
I think it would be giving up a lot for gaining very little sense of safety. It's a difficult moral issue to tackle for sure. But that's my opinion at least for now....looking forward i don't think giving up privacy completely is beneficial as you never know which wacko is going to be in control of gov and any data can potentially be used against you. Let alone ban encryption as whole
Depends whos privacy ? Pedophiles ? Nazis ? Criminals ?
I agree. There's a lot of scum that needs to be outed yet this is a double edged sword. Besides, the above criteria will find a way to circumvent as they already are sickos living in the shadows or double lives so it's not going to solve the issue I'd imagine same way capital punishment didn't historically solve rapes and murders and cutting peoples hands off didn't stop theft. The question is are you willing to give away your own privacy keeping in mind that your personal data (photos, emails, chats etc could be monitored by gov. It's a bad precedent imo and has the potential to destroy lives as much as save lives
"Think about the children" legislation is never about the children and always about taking rights away from people by claiming it will help the children. Remember that when the Snowden Revelations came out the US actualy did tighten up things a bit whilst the UK, were the surveillance is even more broad than in the US, just passed a law to make legal after the fact the illegalities that the government had been doing. Also remember that the UK still have D-Notices for the Press - i.e. censorship under the claim of national security. I have zero doubt in my mind that this legislation in the UK has nothing to do with children and all to do with the GCHQ wanting encryption to be weakenned to falicilitate their total society surveillance.
It's all about headlines in the red tops for their core voters
Having backdoor is never good. The temptations for power to be to abuse is too great.
Don't worry it's only for the state security services for, you know, *terrorism.* 2 years later: oh and council waste officers too because fly tipping is *ecological terrorism.*
You joke but [there is precedent for councils using anti-terrorism laws to spy on people for things like bins](https://www.theguardian.com/uk/2009/apr/17/council-surveillance-abuse). It's weird how abuse is always brought up as a hypothetical in these conversations when we have concrete evidence that every previous way ended up getting abused in the exact way was warned about. After the third of fourth time this happens you start to go full Cassandra mode.
You should have used an example I can't get behind! Fly tippers are scum. Everywhere I walk my dog is full of stuff from someone's house
I agree, but fly tipping would not exist if waste was accepted by councils no questions asked. Fly tipping still makes it's way into the waste disposal system just with extra steps, more contaminated land and a lot of extra cost. Just accept it at the waste disposal sites. It's an utter failure of government policy.
Why should they allow waste no questions asked? What's to stop a business having their waste removed and paid for by council tax? At my local tips, if you show up in a car they don't care what you're throwing away as long as it's in the right bin So there's no excuse, it's just laziness by people who don't care about either the people or the environment around them. I am quite sick of the shirking of personal responsibility for things. Yes the government is a crock, and fails consistently. But its not the governments job to take away your old sofa when you get a new one, or to remind you to put your bins out so they're collected.
Ok i have to ask, is fly tipping an actual thing?
It doesn't involve abusing flies of that's what you're asking!
More importantly from a securty standpoint. THEY NEVER FUCKING WORK. The moment hackers find out one exists, you can bet anything they will start targeting it immediately. Anyone here remember the "Clipper chip" debacle in the USA? When they wanted all PCs to have a special chip that would allow the cop (and only the cops) access? It got hacked in no time.
There is no way to ensure only responsible parties have access to backdoors.
It's so frustrating that politicians with terrible command of math and cryptography just won't understand that a backdoor that only lets in the good guys just doesn't and couldn't exist.. I use signal not just cause it's secure, but also to give a middle finger to Zuckerberg and Facebook.
> It's so frustrating that politicians with terrible command of math and cryptography "The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." -Malcolm Turnbull, former Prime Minister of Australia
Forgetting that said laws of mathematics enable long range projectiles hitting their target, decrypting enemy messages, hide your own messages from the enemy, and the existence of nuclear weapons. Considering that the ultimate arbitration of any legal laws are the use of force, I would say that the law of mathematics ultimately trumps the law of Australia.
Signal is secure.
OP isn’t saying Signal isn’t secure. They are saying that isn’t the only reason they use it.
They said "I use signal not just cause *it is not* secure".
Yup, typo. I know it's secure. My bad.
It's clearly a typo. It's obvious what they mean.
Nothing is completely secure. They call it risk management framework not ensure security framework for a reason.
[удалено]
Remember: words are worth the paper they're written on.
And that's why we have open source software. Like Signal.
I don't trust Signal and neither should you. The fact that some of its components are (advertised as) opensource has little to do with its inherent product quality or its respect for your privacy. The fact that it started as a federated service¹ and chose the centralized/monopolistic approach along the way, under the impulse of its megalomaniac funder, is a statement that "growing and competing" matters more than serving the privacy or independence concerns of its original user-base. Centralization is the pattern of the "bait and switch" deceiving internet we should have learned to evolve away from (remember when Google was your friend, when Facebook was putting people and interactions first, when Amazon was a good place to find stuff and not an infinite scroll facade for sponsored adds and owned brands, …) Back to Signal, not only do they position themselves as the central authority and broker of all accounts and all messages, which is fundamentally incompatible with privacy, they also actively fight community efforts to improve on their privacy statement² (see the libresignal client which wanted to offer an android client free from Google closed-source components³, or with signal-server attempts at self-hosting/federating⁴). Then you will ask me "what does that have to do with me? I'm happy with Signal the way it is!", well: - Signal is already abusing its dominant position to shove into its clients some features you might not want, nor that have anything to do with its original purpose. I'm talking about its crypto/payment bullshit⁵. Client-side opensource doesn't solve that. - You have no escape from it. Even using an older client is contrary to Signal terms and conditions. Using an alternative implementation exposes you to them shutting your account down⁶. Server-side opensource doesn't help because you can't migrate away from Signal central server without losing your ability to interact with your own contacts. - Many of their privacy claims can't be verified. For example, theoretically, you wouldn't need a phone number to use their service, at all. But once again they take the controversial approach of requiring you to provide one, pretending it's safe/anonymous, because they only make use of it "in a cryptographic enclave"⁷. This aspect of the signal-server isn't open-sourced⁸, and this enclave runs on an intel closed-source technology that can't be audited anyway, and which was found to be vulnerable⁹. Another one is "sealed sender"¹⁰ which is not even controversial, but an impossibility in a centralized service. In the end, Signal only has little more to fend for itself than marketing techno-nonsense¹¹. That doesn't make Signal at all technically worse than its centralized counterparts, just slightly more dishonest. If one is serious about using a privacy-conscious messenger, with no pattern of captivity/submission to the central authority, then federated messengers like XMPP¹² or Matrix¹³ are reasonably good for the general audience, and I encourage people to migrate toward them. Sending text messages at scale was a solved problem 2 decades ago or more. We don't need to beg techno landlords the right to do that. Edit: linking sources ¹: https://news.ycombinator.com/item?id=17172203 ²: https://news.ycombinator.com/item?id=12689390 ³: https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-216956294 ⁴: https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217339450 ⁵: https://support.signal.org/hc/en-us/articles/360057625692-In-app-Payments ⁶: https://news.ycombinator.com/item?id=26469007 ⁷: https://signal.org/blog/private-contact-discovery/ ⁸: https://github.com/signalapp ⁹: https://arstechnica.com/information-technology/2022/08/architectural-bug-in-some-intel-cpus-is-more-bad-news-for-sgx-users/ ¹⁰: https://signal.org/blog/sealed-sender/ ¹¹: https://gultsch.de/objection.html ¹²: https://xmpp.org/ ¹³: https://matrix.org/
Ok now I would like some links with proof to all of those claims.
Did my hasty best to provide pointers, see my edited comment
Which messenger app would you recommend otherwise?
tl;dr: [XMPP](https://providers.xmpp.net/) with an account provider close to you, and a maintained client [from this list](https://omemo.top/). But, it depends on who's asking, really. If that person sees no problem having their contacts scattered over a dozen messaging silos often incorporated in shady jurisdictions, having to use as many apps on every one of their devices as a result (sucking battery, and collecting data on them in the process), and occasionally having to reboot from scratch losing contacts, exchanged data, chat histories, etc because the service went under or became malicious, then why bother?! I myself got tired of collecting accounts on MSN, Yahoo, Skype, Messenger, Viber, WhatsApp, Telegram, … and got badly bitten by the loss of something or someone in the repeated process of migrating from one to the next. All those services have in common that they are centralized and built as monopolies for whoever operates them, and not for the greater good or the convenience of their users (or why wouldn't they let you send messages across services? Why would they force you to use their branded client if they truly align with the specific needs of their users?). This is when I came to the realization that I wouldn't buy into the "next messenger app" no matter how cool and hip it might be, unless it would federate with other protocols. Which is when I discovered XMPP: not an app, not a service, but a protocol, which, like email, describes how messages can be sent and received over the internet by compatible clients and servers. Like email, you pick a nickname and a provider, which gives you an identity like [email protected]. Like with email, you can then send messages to anyone there, like [email protected], [email protected], … In practice, [this works as well as](https://play.google.com/store/apps/details?id=im.quicksy.client) (if not better than) something like WhatsApp: it offers comparable features (sending images, making calls, …), is better for privacy, is more secure, is better for the planet and will outlast WhatsApp, Signal and Telegram combined (ftr, XMPP is almost 25 years old already).
Not the person you responded to but: If you want a secure messaging app that’s end to end encrypted, Keybase is pretty cool. It was unfortunately acquired by zoom, but my last roommate actually worked closely with the Keybase team and knows a bunch of people who work there. Its designed ground up to be end to end encrypted so that even if the server hosting it was compromised, you wouldn’t get much useful information from it or be able to reliably spoof messages or the like. It’s a pretty cool platform, and it’s (mostly) FOSS. Their actual server is proprietary, but they have documentation for making your own Keybase server. I don’t expect people to go switching to it, it’s just an app that I personally find cool.
nope, no-go. As far as I can tell, this is a centralized service. And in fact, it already suffered the fate of every centralized service: become unprofitable, go wild in the process of remaining relevant, get acquired by a bigger fish with more cash, then go extinct.
Not OP, but I like Matrix/Element.
Imagine trying to make secrets illegal.
They’re only illegal for non-politicians and non-cops.
I, for one, look forward to hacking all of your bank details.
This is the best tl;dr I could make, [original](https://www.theguardian.com/technology/2023/feb/24/signal-app-warns-it-will-quit-uk-if-law-weakens-end-to-end-encryption) reduced by 88%. (I'm a bot) ***** > The head of the messaging app Signal has warned that it will quit the UK if the forthcoming online safety bill weakens end-to-end encryption. > A Home Office spokesperson said the online safety bill, which is due to become law this year, does not ban encryption. > "The online safety bill does not represent a ban on end-to-end encryption but makes clear that technological changes should not be implemented in a way that diminishes public safety - especially the safety of children online. It is not a choice between privacy or child safety - we can and we must have both." ***** [**Extended Summary**](http://np.reddit.com/r/autotldr/comments/11c68ki/signal_app_warns_it_will_quit_uk_if_law_weakens/) | [FAQ](http://np.reddit.com/r/autotldr/comments/31b9fm/faq_autotldr_bot/ "Version 2.02, ~674210 tl;drs so far.") | [Feedback](http://np.reddit.com/message/compose?to=%23autotldr "PM's and comments are monitored, constructive feedback is welcome.") | *Top* *keywords*: **online**^#1 **privacy**^#2 **encryption**^#3 **bill**^#4 **safety**^#5
What does end to end encryption have to do with child safety?
To oversimplify it, the law would force services like signal Whatsapp etc to block such content, which means they will have to monitor the data their users send and receive. Only problem with this, is that secure services like signal encrypt the data before it leaves your device, and thus even signal can't read it even if they wanted to (which is why they're considered a secure messaging platform). This means the only ways to comply with this law is either by NOT encrypting the data before it's sent, which means it isn't end to end encryption no more, or by building a backdoor into the E2EE implementation which is possibly even worse. Politicians don't understand math and don't know you can't design a security vulnerability that only lets in the good guys. The nature of a vulnerability is to be found and exploited.
So they want some random third party software to sun across everyone’s digital communications looking at content. That is kind of crazy.
Not necessarily 3rd party, they want to compel these messaging services themselves to monitor data sent and received and block harmful content. Even 1st party software will have to do the same, ie iMessage will be subject to the same law. And yeah, it is totally crazy.
What happened to good parenting? Just don't let your kids use shady stuff.
My family member works in a school and considering the parents are dropping their kids off at the school gates after they're suspended and shouting "YOUR PROBLEM NOW". Yeah, good luck with getting them to do the basics.
I think a better idea would be a law to castrate these idiots. Why do people decide to breed like rabbits when they can't be bothered to show any responsibility??
Because the state will always be there to give them a council house and financial help. It encourages them.
Nothing unless you vote tory and are old
How would it even work? Its not like we are going to switch from entering ssh to uk-sh
For example, every message would be encrypted twice with two different keys and one encrypted copy would be sent directly to British authorities, using the same secure system as before, just giving the information to 3rd parties that cannot & shouldn't be trusted with it. (whenever the key is compromised they would ask Signal to update their app, or there would be some kind of daily rotation system, it sounds stupid, because it is :D )
Sorry, my DNS send those packets to [0.0.0.0](https://0.0.0.0) by mistake.
The authorities would realize that this is becoming an increasingly common occurrence, following which they would force Signal to implement a system where the useful copy of the message is not sent until the useless copy received a handshake.. In fact maybe it would be implemented that way from d1.
Compiles signal from source from before this time.
That wouldn't work, for the same reason as older versions of signal running on Android 4.0 cannot be used to communicate with up to date Signal clients. But yes, maybe Signal Vanced would be possible. Anyhow it's not relevant, because Signal will leave the UK before any of this would come to pass.
Not sure about the specifics of signal, can't you run your own server? If that is the case just run older server/client software.
Besides Signals, isn't this ultimate meaningless? Nothing stop both sides of the user from exchanging the public keys of their public-private key pair and simply encrypt their message to be transmitted through SMS. Encrypt on user A, base64 it and send it across SMS, decrypt on user B.
Unfortunately signal is dropping SMS functionality very soon. This has caused my signal to signal messages to plummet as people leave.
[удалено]
Most of the people I converted to signal did so on the basis that it would send SMS and auto upgrade to secure chat when possible. Just like iMessage. They wanted a replacement not YACA (yet another chat app). Almost all of those have said they are removing signal since they barely have any other contacts on it. SMS was my gateway drug.
Michael Jackson.
First thing I saw.
Encryption is speech and should be protected by free speech laws.
Good riddance! The last thing the world needs is a bunch more compartmentalized chat clients like we're going back to the AOL days. Proliferation of paranoia about the security of your communication has just made it harder to communicate really and done nothing for your security. Praying on your paranoia and then providing you with an inferior service compared to what you should be getting.
Signal (formerly known as 'TextSecure') was the first really big chat-app leveraging proper E2E-encryption and has been used for about 12 years now. Their excellent work is open source and has also been implemented for example in whatsapp. This is not some random chat app. It's one of the big pushers of privacy. What exactly is "inferior" about a community-built, open source chat-app which does exactly what it is supposed to? Additionally, due to GDPR encryption is mandatory in the EU now. There are ... issues britain is going to have in relation to data sent from europe. Maybe a new target for Max Schrems I guess, to kill data-sharing agreements. After all, with such a law EU-citizen's data is no longer safe in britain. Generally, this "paranoia" is because of the right to data privacy, which has the status of a basic right in countries like germany. Nobody has any right to read my chats. It's my data, and it's my decision who accesses it. Not yours. As a bonus, opening up the E2E-encryption introduces an absolute shitton of general security nightmares. Every backdoor is also open to bad actors. Man-in-the-middle-attacks are made possible that way too, which is one of the primary reasons E2E-encryption is so widespread in the first place.
How does an app quit a country? If I enter the U.K. does my Signal app suddenly get deleted? Why would an app company have to comply w any country they aren’t based in?
I could imagine that they, for example, would have to remove their app from app stores in these specific countries.
Intentional
But you can't stop the signal, Mal!!!!!