I got a response (on very nice thick, embossed paper and green ink) telling me he agrees with me that protecting children online is important and that's why he supports the bill. He clearly didn't read, understand or care what I said.
Something needs to be done. When only the stupid, ignorant or corrupt are the ones willing to go into politics then we are doomed.
It's not even made to be implemented. The previous "extreme porn" ban fell apart. It's made to get headlines. Then next year there will another "make the internet safe" bill. And another. It's no more going to be finished than "get Brexit done", and for the same reasons.
So politicians need to "remove child protection" in order to get their way.
(Yes I'm being glib, but it's possible to short circuit this kind of thinking. The USA have already realised that you can pass any shitty bill just by shoe horning an acronym that spells something like EAGLE or FREEDOM.)
I really don’t think anyone in the UK is going to want every transaction they do online available to the government!
I've emailed my MP several times; I've always had a considered (written) response. Evasive, maybe; they don't want to give hostages to fortune. But they were all evidently read; and in one case, the MP forwarded my message to the Foreign Secretary for comment.
My understanding is that (in the UK, at least) writing to them is one of the most effective ways of influencing them, because the proportion of voters who write in is tiny.
Every time the government wants to invade your privacy they always do the same old song and dance, an appeal to emotion or some sort of boogeyman.
Drugs
The whole 'reason' we get constant illegal searches on vehicles.
Terrorism
The whole 'reason' we get phones tapped and molested at the airport.
Porn depicting minors
Think of the children, we can't have encryption, you don't want to be a diddler do you?
Domestic Firearms
Listen Sir, we cannot let you own or manufacture guns without absurd rules, for your safety (actually the government's safety)
If you ever hear these ridiculous reasons, run for cover, because the populace is about to get a whole lot more butt-fuckin' coming their way from the state.
There's always exceptions to every rule. As Americans, Humans, whatever, we realize that for the majority to have freedoms, there will be an associated cost. The problem is the cost of the regulations almost always are worse in the long run than the benefits of them.
Often each small 'step' seems reasonable, but when added up, it creates a society in which no-one is very free. Read ISAIF section 14: RESTRICTION OF FREEDOM IS UNAVOIDABLE IN INDUSTRIAL SOCIETY for more on the endless crawl of control.
If you look at the MPs from the 1970s or 80s, many of them were still veterans (i.e. old enough to have served in WW2 or done national service). They came from a wide variety of professions: perhaps coal miners or truck drivers in the Labour Party (the younger ones maybe social workers or schoolteachers), or doctors, lawyers or businessmen in the Conservatives.
Harold Wilson, British PM in the 60s and 70s, was a former academic and civil servant of outstanding ability in his heyday. Margaret Thatcher was a former chemist and food scientist. James Callaghan was a sailor. Ted Heath was a decorated veteran.
At some point this intake became more and more narrow. The route to MP and then government or shadow minister is politics at university (probably PPE or Law), work as a Spad for a few years - or work in media and PR - then maybe run for Parliament in a no-hope seat to test your mettle, and finally land a safe seat somewhere. Your entire life is spent inside a bubble of politics and related media and learning how to climb that one greasy pole.
You are not going to learn about tech, or medicine, or how railways work, or what makes international trade happen. Your focus is on the 24 hour news cycle, politics Twitter, WhatsApp gossip, and who is going to say what at PM Question Time. If the Telegraph or Guardian or whatever paper who backs your party says that we must add backdoor encryption to Protect the Children, then you support backdoor encryption, even though you have only a vague idea about it being something like helpfully leaving the key under the mat so the local bobby can check your house for stolen goods.
1. https://news.sky.com/story/tory-leadership-candidate-kemi-ba...
I think that's your problem. You're more likely to have success if you send a letter. Bonus points if it's registered mail. More bonus points if it's hand-written.
(Any staffers who can comment, btw? My experience is purely anecdotal).
The "something" is for normal people to get involved.
Start going to public meetings. Start speaking when public comment is requested. Eventually... maybe... possibly... run for office and take the place of the people you think are making bad decisions.
Yes, the chances are slim. Yes, the process is hard. But as long as people sit around and say things like "something needs to be done," nothing will be done.
There is a framework for change in many countries. But these days too often it's only the fringe who have the time and energy to take advantage of it, while the rest of us make excuses. And, as we see, the fringe are most certainly taking advantage of it.
The whackjobs in office didn't get there by playing video games, whining on social media, and making viral TikTok videos for the lulz.
> The whackjobs in office didn't get there by playing video games, whining on social media, and making viral TikTok videos for the lulz.
I dunno, we've already seen the first Twitter President, and there's a whole coterie of people who seem to have managed to post their way to prominence out of nothing, usually as a grift and towards suspicious ends. But that's a more than full time job.
In any case, it's more or less useless appealing directly to the Tory politicians backing this stuff. You've got to work through (or against) the media they answer to.
Thankfully after reading through the House of Lords draft of the bill (https://committees.parliament.uk/publications/8206/documents...) it looks like E2E encryption is a major concern of the upper house.
They mention that:
1. This will weaken the UKs ability to have private and secure communication services.
2. Will weaken the UKs tech industry.
3. The technology to provide the frankly bullshit notion of “privacy for the good guys” doesn’t exist and would be difficult to foster.
4. Education, “report don’t share” and tackling child abuse at its root (by not massively defunding the agencies responsible for tackling child abuse) are better solutions then setting up an apparatus of mass surveillance.
Hopefully these points will be brought up in the committee stage of the bill, I’m sure they will.
Edit:
Sorry this isn’t from the House of Lords this was from the joint committee before the bill was introduced to the lords.
The quality of leadershio and even quality of lying has declined.
"I'm sorry, I apologize. It's true you said you don't like this bill. While your privacy concerns are valid, the safety of children online is more important. As a LLMP, I must support this bill and I'm glad we agree on this."
Whether it being blasphemy, witchcraft, communism, terrorism or child abuse, just choose whichever is relevant at the current point in time and people will support your cause regardless if it is relevant. Politics within a democracy is just marketing, and fear is the most efficient marketing tool of all.
That's also why you always hear typical cliche's during election periods "during these difficult times", "it's time for change", "we must stay strong", etc. As cringe as it is, it has proven over and over again that it works.
Next he'll say, "Our constituents want this!"
I've written my congressperson multiple times and never gotten a personal reply, but I've heard from the staff of said congresspeople that it still counts indirectly as at least your opinion shows up in the stats they use.
People do not like to be told the truth.. so when all people want to hear is lies and talk of utopia, all you will get is lairs and conmen...
We are doomed...
People manage! They have before, they will this time. Discouraging them doesn’t help. If that’s all you’re willing to do, better just don’t.
Make it painful for the MP to be an asshole.
There is nothing really you can do about it. Even if you vote this government out, the next one will implement this.
Has this ever really happened in the West? Rich have excellent privacy -theu anonimously own property thiugh shell companies, avoid taxes, have lawyers pursue SLAPP cases against media, pay people to stay silent in case of sexual or any other misconduict.v
Just cobsider how long Eipstein got away with jt
We (the UK) already have a great firewall. Try to access thepiratebay.org or other pirate sites, or other sites that the UK gov deems inappropriate (CP obviously), etc. Its just a case of encroaching that same system just a little further, step by step.
People only tend to fight back when large sweeping one-off changes come in. If you consistently and repeatedly wear the other side down, you eventually get your way. How many times did the house of commons vote on brexit? How many times did the US congress vote on Kevin McCarthy becoming speaker? Yeah, as long as you just keep on and on about it, you get your way.
I don't know about the "other sites", but tpb isn't part of any "Great Firewall". It's just ISPs have been required to update their DNS servers to _not_ resolve the DNS record. Even then, there are still quite a few ISPs that have not implemented it. It's why changing your DNS servers to something like Google or Cloudflare means you can easily access tpb.
So blocked websites in the UK are nowhere near on the same level as the Great Firewall.
My guess is those other sites are a bit more sophisticated, or if not, ISPs are willing to comply easier.
Once any blocking requirement is in place, it's only a matter of moving the slider to more technical means of enforcement to plug the holes in the system.
So you're right, the UK is nowhere near China in terms of filtering, neither does it need to be to still become a digital island.
It helps that ISP's want to do a credit check on their subscribers because then they get paid by credit checking agencies (credit checking agencies love checks for utilities because it gives a strong address to name to payment bounced-or-not linkage, so will either do the check for free, or sometimes even pay the utility for it).
So now the ISP can do a credit check on the subscriber to know their true identity, and know they are over 18, before allowing them to access the checkbox to enable porn sites.
What happens if you don't provide your ID, is there a blacklist that only gets disabled if you authenticate?
Do they also enquire about the type of porn, what you intend to do with it, how often, and whether it's wholesome, traditional, honest to goodness British porn or some unbearable thing with pesky foreigners?
In the UK many laws don't take effect immediately, but only on 'commencement' (normally by government order). If you look at the Archives copy of the act in the link, you'll see that there are several sections marked 'prospective' (not yet commenced). Although it looks like section 14 (the operative one which puts a duty to prevent access to under 18s) has been commenced, if you look at the footnote it only has been 'for specified purposes' and if you click through to look at the commencement order it's only actually in force for the purposes of subsection (b) (the Secretary of State may make regulations to define 'commercial basis' for pornography).
Although this is terribly confusing for people trying to work out what the laws are, it isn't unusual. It'll probably sit in this limbo state on the statute book for a good length of time and then be cleaned up by repeal next time the government passes a law in a similar area.
Or it might just sit there. The Easter Act 1928[1] setting a semi-fixed date for Easter is still extant but not in force. There may be older laws yet.
Yes, but it was never enacted because it is being combined into the Online Safety Bill, the same legislation that Signal are discussing here.
And not just porn sites - effectively every site on the internet will have to age verify under the legislation as stands, or make their content suitable for young children.
So fairly UK-wide
Not sure about SNI sniffing as other commenter mentioned and IP block block (erm) I guess it depends on ISP and it's not so clear cut (everybody does it, especially if there's too much abuse from a certain block)
> (CP obviously)
Are there options on the table for dealing with this in a freedom-respecting way? Even if freedom were your only priority, the worse the problem gets, the more political capital the politicians have to shut it down. If it gets worse and worse, it strikes me as inevitable that encryption will be curbed, even in the United States.
Alternately, is there a really compelling argument that CP is not a real problem? Mind you that whatever arguments are out there, I'm going to be looking out for motivated reasoning. It seems like so long as freedom-enhancing technology increases, bad actors doing worse things is inevitably going to be a problem. I'm concerned about this, because (in addition to CP being bad) if it's true, proponents of encryption would be shooting themselves in the foot by being in denial.
What Apple was going to do with the on device hashes?
Both my home ISP (hyperoptic) and mobile network (Vodafone) allow me to access it.
Like police have the right to break into your house to stop a murder, but not if you have a payment dispute with someone
That works for me in the UK on Shell Energy broadband
However I do have great difficulty accessing rt.com I usually get ERR_NAME_NOT_RESOLVED in MS Edge, like right now!
Why are they so scared of Russia? Has the Oligarch money run dry?
Now if its any endorsement for Kasperky AV Internet suite, it picked something up on my machine a few years back, so I booted from the supplied recovery ISO burnt to cd, and it needs to download the latest AV definitions. It was unable to connect to Kasperky's servers, in order to do an offline scan and removal, ergo I was unable to wipe the malware from my machine.
In the past, when I have had my systems so locked down so I can account for every packet of data coming in and going out, my internet connection just goes down so I cant get online. I've even had bios passwords reset locking me out of machines.
On the point of being worn down, it would seem shouting the loudest, or controlling the media outlets works [1]
A suggestion for @ tutanota.com, I've made this to other online email providers, but no one seems interested.
Having a delayed send from servers located around the world.
If anyone is aware of traffic shaping, and traffic profiling, they will know its possible to determine what type of data it is despite it being encrypted.
For example, youtube will send from multiple servers to your device in bursts, its not one continuous stream of data from one server. Obviously this also enables Google/Youtube to work out your exact physical location based on the time the different bursts of data arrives at the device and get reassembled.
Its also possible for the 5eyes+X (5EX) operators to work out if you are typing or reading an email, and when you click send, there is a very small window in which to work out where that email is going.
So if the email comes back into the UK, they will know what email server its being routed to. In time, its possible to work out more stuff which I wont elaborate on, but they can then carry out impersonation attacks on the entity in both directions in order to solicit more information.
Lets face it, how many people get to speak to the same person in a call centre? And do call centre staff remember and recognise their routine customers?
So could your email system have a delayed send built into it, perhaps something like X users from the UK, click send to send an email and these emails could be sent from some of your servers which would ideally be located around the globe?
eg. I log into your service by connecting to the German server, I click send after composing an email and the email is routed in a batch with other users to say the US server before it gets delivered, well after I've logged off and delivered in a randomly delayed timeframe, because most people dont need emails to hit other peoples inboxes straight away, they are busy doing other things. In fact being able to send now could be an opt in, like those times when on the phone to someone and you need to send them an email at the same time, because the 5EX workers will know you are already communicating with someone, and what can they gain from knowing about an email being sent at the same time?
With VPN's the easiest way to work out where VPN traffic is going, is slow down your targets VPN connection and the 5EX operators look for other encrypted VPN traffic that also slows down elsewhere. This is how the 5EX workers can work out what websites you are visiting.
Likewise a VPN that can also include Chaff [2] when the connection goes idle, will also get to hide the type of data passing over the VPN, again affording the user of VPN's some privacy, where currently there are no VPN's affording this. I know some do VPN tunnelling ie a vpn running inside a vpn for double encryption, but that still gives out the type of data and where its going to when you have an infrastructure overview of the internet in the 5EX countries.
And if the VPN service connects to a proxy server that can keep the 2nd and subsequent relays/legs still downloading, the VPN company gets to find out who the 5EX workers might be targeting. At the very least, it would reduce their existing level of intelligence, and expose what secret court orders might be in place with infrastructure company's like At&T's Room 641a[3]
All's fair in love and war!
I'll also point out the obvious, people tend to visit websites that are in their language, this then narrows down the websites and data centres to look at.
However if someone is multi lingual which would have been obtained by the state during the school and college years through lessons learnt and/or by association of being born or raised by parents who are not native speakers of the country they reside in, or are multi lingual, the scope for the websites that could be visited can increase, introducing more legal doubt.
Anyway an insight into 5EX internet surveillance, what GCHQ would call looking for the needle in the haystack, and example can be found here [4].
Its probably best to think of the internet like monitor vehicle movements, you can see trucks moving around, but you don't know what's in them initially, but over time, you can work it out, which is why the EU & UK have agreed the Windsor framework, namely Squid Game Green light Red light [5] customs between NI & GB.
[1] https://www.dailymail.co.uk/sciencetech/article-2333165/The-...
[2] https://en.wikipedia.org/wiki/Chaff_(countermeasure)
[3] https://en.wikipedia.org/wiki/Room_641A
[4] https://cryptome.org/2013-info/09/nsa-br-mx-2/nsa-br-mx-2.ht...
> Why are they so scared of Russia?
This is a mystery for the ages! What reason could there possibly be, in 2023, for blocking a major Russian propaganda/state news outlet?
I mean, I could understand it if there was a war going on, with Russia desperately spreading propaganda specifically to try to get NATO states to see Russia's aggression as being totally understandable and actually our fault, so that we stop sending money and materiel to the people they are frantically trying to murder in order to get them to stop resisting their takeover of their entire country...
/s
In any case, as you mention many countries can already block specific websites and services from being accessed from within their borders.
But I think I trust Signal to know the better approach (whichever they ultimately take - they actually said they'd walk "if the alternative meant undermining our privacy commitments".
I don't think it is practical to just refuse to comply with a government like this - especially if you need to charge money (which Tutanota do) and especially if you're nearby, legally speaking (Are Tutanota in Germany?).
And given that Signal has "walked" from other authoritarian regimes but people in those countries still have ways to use Signal, I'm still betting on Signal.
The UK is not the US in terms of enforcing its laws on noncitizens overseas.
I wonder if the UK government can compel the likes of Apple and Google to prevent UK users installing the apps from their app stores?
You can't be non-compliant if you have no presence in a certain country, and internet doesn't really give a shit about lines on a map.
By non-complying, legally, you're in the wrong. While such an activism is admirable, I'm going to bet that the UK government is going to throw the book at them if they cause too much hassle.
After all it will be all for the "greater good".
https://posteo.de/en/site/about_posteo
https://posteo.de/en/site/transparency_report
"Posteo is an email service provider based in Berlin, Germany, offering paid email accounts for individuals and businesses. The service gained prominence during the aftermath of the post-2013 global surveillance disclosures,[2][3] especially for its high standard security features and relative anonymity as it does not require any private information in the registration process.[2]
Posteo offers support for DNSSEC/DANE and PGP (through Mailvelope in the web interface, which is running Roundcube). Additionally they offer two-factor-authentication via TOTP and use Extended Validation certificates and HPKP for the HTTPS connection.
In 2020, Posteo had approximately 425,000 active mail accounts."
xkeyscore, prism so on shows that all these companies has to comply with patriot laws and they are legally not allow to talk about it
1. Get sued
2. Get a court order to backdoor your encryption
3. Get your doors bashed in by police for non compliance, everything seized, and a criminal case coming your way
It's not like one company can fight its own government.
I don't see any other option if what service you want to provide is illegal where you are based.
You are only left with web access, which is not really practical.
Heck, the country where I grow up is classified as a "hybrid regime" by the UK government, and yet, they don't even think about implementing encryption backdoors or censoring and blocking any media.
It's because the patent of democracy was never granted by the west based on a country actual values, but rather on their subservience to the imperialist system that keeps the west in power. We happily partner with dictators if they play our game and disrupt democracies if they don't.
It works for everything, for atrocities, wars, privacy invasions, freedom curtailment, human rights abuses, police violence, etc.
https://en.m.wikipedia.org/wiki/Lavabit
Chilling. And I found this part extremely sad:
>In November 2015, Levison said that work on DIME was still progressing, although slower than he would like.[35] As of July 2016, posts to the Dark Mail Alliance forum suggest that all collaborators have left the project and Ladar has been working on DIME alone.
Does it mean young people currently dont care about privacy? If there's one thing I applaud the previous generations and my generation (X) is the activism. People dislike Stallman because of his views, but he has the kind of balls that were needed.
Were are the young 20s 30s guys revolting because of this? Were are the new Aaron Schartz, or DeCSS creators, or Napsters of today? Young people need to act and be impulsive.
Young people don't need to act, people need to act, and they are. More and more people are simply withdrawing from digital society (and society as a whole) due to overbearing control mechanisms like this.
We can see it in the subtexts of almost all current issues impacting society being reported on -- mental health crisis, increases in suicide and drug usage, refusing to work, the breaking down of interpersonal relationships.
People are revolting, they're just not doing it in the normal way and I sympathize with them.
Also this discussion about privacy wouldn't happen if snowden didn't show how important it is, it probably would've been banned right after WhatsApp implemented it.
I also think that privacy minded people are a big part of self-hosting enthusiasts.
(just like what every dictator ever said all the time as justification)
But I'm thinking Signal was more along the lines "we don't want to invite litigation".
Both send the same message.
And the only thing worse than being blocked, is their "leaving" the country, basically denying the encrypted messaging to the people who need it the most.
I wish that matrix got the attention it deserves, but right now, we are still stuck with this "better than nothing" solution called Signal.
An app out of these stores has zero possibilities of survival. Average users don’t use (nor want to use) VPNs or hacks to use their phones.
IIRC his approach worked and they yielded until they got dirt on Dagny which they used to blackmail him.
Every country is just going to drift towards socialism until it collapses, making sure that the bullies with guns can extract as much value out of the population on the way out.
They will take your money and shelter it in some other country poor enough that they still need to offer freedom to attract capital and business.
This is not fixable, democracy is a horrible machine that doesn't stop under the disguise of virtue. Your only options is to move to a freer country before it's too late.
What is your proposal? And I don’t mean 20 people living in fishing villages that never fight each other and who don’t have access to all the amazing amenities and technology we have at our disposal.
The relevant paragraphs appear to be as follows, but the guidance looks quite vague...
257. The Government needs to provide more clarity on how providers with encrypted services should comply with the safety duties ahead of the Bill being introduced into Parliament.
258. We recommend that end-to-end encryption should be identifed as a specifc risk factor in risk profles and risk assessments. Providers should be required to identify and address risks arising from the encrypted nature of their services under the Safety by Design requirements.
Source: https://committees.parliament.uk/publications/8206/documents...
Would they in any way be required to?
> Email services
> 1 A user-to-user service is exempt if emails are the only user-generated content (other than identifying content) enabled by the service.
When the government bans something, that's not a polite request. It's backed up by men with guns. How they could possibly think they could get away with just not obeying the government is beyond me.
I’m nervous at the prospect of my Tesla communicating in (to all intents and purposes) plaintext with the mothership. The API for that car covers sensitive features that would make the car unsafe if compromised
Nice. I like it. They have forgotten longer list of countries that are doing or going to the same thing though. I guess not to dilute the impact of the statement.
I do not condone what UK is going to do of course. Just find the argument fishy.
