this post was submitted on 14 Feb 2024
1254 points (99.5% liked)

Technology

59569 readers
3431 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] Aceticon@lemmy.world 3 points 9 months ago* (last edited 9 months ago) (1 children)

As with everything, there has to be Proportionality (are the gains from mandate backdoors on everybody's software or mandatory taps on every phone out there so great they justify the high risk of massive loss of privacy and security of the general population) and ther has to be Independent Oversight, as in, it has to happen with a Court Order which is the result of a Judge having examined the case of the police and determined that there is sufficient reason to break somebody's privacy, same as is necessary for the Police to break into somebody's house to conduct a search, and we're not talking about "special" surveillance courts with secret proceedings that even the defense attorneys can't attend such as the US' FISA courts and the UK's equivalent (whose name now evades me) - though in the UK there are even surveillance systems which, by Law, the Police does not need a Court Order access as they see fit.

Given that the smart criminals - read big, dangerous ones - don't use phones they bought when showing their ID and where they have a contract that they pay from their bank account, and in some cases even use proprietary comms apps rather than the ones common people use (it's not as if it's hard to make an encrypted comms app for anybody with even just a bit of mobile development experience: I can make you one with unbreakable cryptography in a week, but it does require periodic transport of harddisks filled with random bytes because the key is as long as the message) things like mandated backdoors on widelly available comms apps only provide a mild improvement in Police effetiveness whilst openning a massive attack vector on millions, tens of millions, or even hundreds of millions (for the whole of the EU) of law-abiding citizens, hence are a massivelly dispropotionate solution versus other options, such as bugging the devices, direct surveillance of the suspects and so on.

Also for me personally, having lived in the UK, you cannot at all in any way or form trust the Authorities with such power as they will with absolute certainty abuse it. Also even if a country's authorities are squeaky clean, prim and propper today (most definitelly not so in the UK, were they even had surveillance on the Green Party, but most of Europe is better), there is no guarantee the next ones will still be so (remember, most of Europe was at some point under Fascist or Communist dictatorships), and in this day an age stuff once recorder exists forever and can be later fished out and used against you even when back in the day when you said it or wrote it, it's was totally legit.

So it's the balance of pros and cons (i.e. the fail in Proportionality) that makes mandated backdoors on everybody's comms apps for the purpose of surveillance, even under proper oversight by a Court of Law in a country with trustworthy Authorities and proper Laws rather than "funny" surveillance Courts, still be an unacceptable option.

Yeah, you'll always find cases were you're told "if only we had backdoors in every comms app we could have stopped it", same as you would for "mandatory taps in every phone" or "mandatory cameras in every person's home" (though, "curiously", they never mention the problem that with so much data it's way harder to spot those single instances of lawbreaking), but having such things for every single person in a country is still an incredibly disproportinate solution for what it solves.

[โ€“] redfox@infosec.pub 1 points 9 months ago

These are good points, well said.

I agree. Insert great power/responsibility saying.

They always seem to go off the rails.

I would be in favor of mandatory disclosure (though, this would be extremely difficult and costly). I imagine anytime a government privilege was used, especially when behind closed doors, and reviewed by "...the proper oversight officials...", whoever that means, I would rather like the governments to prove it.

I would support an idea that by law, it all has to be documented, and after a reasonable amount of time after the prosecution is complete, they have to disclose everything they did, all the snooping, etc. With redacted private information of course for unrelated people.

This is fairly unreasonable/unrealistic. But for me, if you could see all the cases where a government invaded privacy and link it to all to nothing but legitimate uses, it might help restore some faith/trust in officials.