If abuse is real and e2e is key to it, taking measures against abuse while keeping e2e is important. Fighting against any measure altogether is immoral
The closest approximation, is having a trusted client. This hashing scheme ruins the "trusted client" and I would no longer consider it e2e.
Not to mention that a database of hashes is trivially to expand with content that isn't CSAM. Next thing we know the European equivalent of the Tankman picture is included in the hash to more effectively pursue political opposition or activists.
This would destroy all ability to protest and singlehandedly eliminate democracy in Europe. I'm not exagerating. Climate activists in Germany are already put in "präventivhaft"[1] (preventive detention) before a civil disobedience / crime occurs. A scheme such as this would make it trivial to do at massive scales.
[1]: https://www.br.de/nachrichten/bayern/staatsregierung-verteid...
If techies don't suggest any good alternative measure to prevent abuse then someone else will do it in a worse way and then welcome to panopticon. There's no black and white where tech touches human factor so learn to compromise.
If Democracy falls (which this would result in), everyone will be abused, including children. You can't solve a problem by making a worse problem.
You may want to open a history book and look at what happens to a society when it becomes a panopticon of total surveillance.
How is there a modern epidemic of child abuse?
It's always lurked in the shadows alongside, for example, marriages in 1655 to 14 year old brides ( https://en.wikipedia.org/wiki/Elisabeth_Pepys ).
If anything the modern age can be characterised by shining a stronmger light on the subject rather than sweeping it under the carpet.
If we don't try, we are complicit in their crime by developing technology they use to fulfil their messed up purposes. Hope you sleep well at night!
> Continually eroding more and more security and privacy in our personal effects in return for less crime
How about you fight for your privacy and security in other aspects of life that concern yourself first (security checks, cash controls, etc) and then go after victims who cannot stand up for themselves.
Not at all. I want end-to-end encryption and I want complete control over my computer. I couldn't care less how hard it makes the life of police either.
The "measure" is they get the hell out there and do actual real police work instead of pushing a button and having your entire life revealed to them. There's a limit to how many cops they can spare to tail some suspect. There's no limit at all when computers are involved.
What made people do it before is mental illness. What makes people do it now more and more is additionally profit. The e2e apps and crypto is what drives their profit.
But critically there are ways of keeping e2e without being complicit in crime. Things like Apple's hash matching or requiring all messaging apps to do on device scan are that.
Pretending these compromises are unacceptable because they affect your privacy is a nonce move. You routinely compromise your privacy in much bigger ways in order to live in society, every time you are searched at security or present ID for verification etc, but when it comes to doing anything to help victims who unlike you can't even stand up for themselves you are suddenly the unyielding freedom fighter.
Even things in the neighborhood of Apple's hash and device scans can only detect existing minimally altered images and also fall down to context if they try to detect more general issues like "nude children". We don't even have to get hypothetical about false positives of anti-CSAM measures [0] they're already out there happening. The devices are blind to context and the occurrence of actual CSAM are rare (blessedly) but there's a whole genre of "my kid did something cute in the tub" that look a lot like it without the context to a machine.
[0] https://9to5google.com/2022/08/22/google-locked-account-medi...
No thanks. It's bad enough that our devices often play fast and loose with our privacy as it is, but don't want my devices to be violating my privacy in ways where errors can have legal consequences for me.
Beyond that, these sorts of systems will always be increased in scope by people who want to abuse them for their own purposes.
Any tool that is rendered not useful for bad purposes, has also been rendered not useful for good purposes.
There is no such thing as a compromise. It requires pretending (or ignorance) to imagine that there is even any sort of compromise logically or physically possible.
1. the "fingerprint" can still be silently updated to look for other things like [the current Power's that Be's definition of] "misinformation",
2. false positives can completely fuck over your life
3. it doesn't even work to prevent CSAM, because there will always be an arms race to improve the anti-fingerprinting measures. The "perceptual hashing" algorithms you've heard about don't actually work at all, they're a lie being pushed by commercial interests.
Those three points mean that even message fingerprinting is unacceptable, full stop.
Just within a business or bar or family, dissenting opinions are everywhere. Unlike a business, every little opinion and workgroup and project are a matter of public record and are aimed at affecting public policy. So yeah, it sure seems like "They" are a bunch of hypocrites.
And if you want to go further and lump _all pollsters_ into the group of like-minded, coherent entities that never dissent from eachother ... well, why stop there? Why not the "other party" as well? Or reptile people?
This is simply not true. See e.g. here, how the commission does not publish dissenting internal comments in the official meeting minutes: https://www.ftm.eu/articles/controversy-between-european-com...
But it is actually a person-like entity. It is a weak hivemind composed of humans who have (for the most part) had their own individualistic tendencies suppressed or even eliminated.
It's the most human-like non-human you'll ever see.
It's not unfair to think of it as person-like. It's not unreasonable to think of it as person-like. It is, in many cases, dangerous to think of it in any other way.
But, there are people out there who find it inconvenient to their political ambitions if you think this way (or, really, there are politics-entities out there for whom it is inconvenient and who dangle their semi-individual chelicerae out to belittle and chastise you for it).
> Or reptile people?
Reptile people would be a relief. They just want to eat babies and impersonate the queen or something.
What corrupts people in any position and how would we keep our institutions as clean as possible?
(Hint: It might have something to do with democracy and "working on your behalf".)
Edit: Where does the notion, that an EU body is behind the campagne come from?
Incentives rule the world. The question to ask is what the incentive structure of a politician's world looks like.
But the bad outcomes are just decisions, most of which are neither illegal nor plainly unethical, made so quickly and relentlessly that real people get chewed up by them.
It's literally what the linked article is about.
Smells really bad, but I'm too cynical to believe that anyone responsible will face consequences.
The EU has mechanisms which can deal with this sort of nonsense, however. The comissioners can't pass laws themselves, only propose them. The EU parliament has to actually vote the law proposed by the commission into law and it seems unlikely for this one to pass.
The EU parliament is directly elected by normal people, and is generally rather more in touch with reality than the commissioners are.
Like c'mon folks. It sucks. It's really bad. We should do something about it and stop falling all over ourselves to explain how it's not that bad. You don't think the actual lawmakers are listening to their advice? Of course they are. They elected those proposers.
This weird defense we keep rallying to is tiresome. It's ok to criticize the EU. It's really not a paradise in any sense of the word and many, many of its constituent countries look far less democratic than the US.
My point is that the EU commission is bad, its a shitty system that doesn't work well and needs to be reformed. Pointing at the EU as a whole and saying things like "The EU was caught..." lets the commission (and this commissioner) off the hook.
If we clearly say that the EU parliament works pretty well, and the commission doesn't then its obvious what needs reforming. If you just point at the EU as a whole then the problem looks impossible.
By the way I am no longer a citizen of a country in the EU, I'm from the UK (although I happen to live in the EU currently).
Saying that indirect elections are undemocratic is like saying Switzerland is not a "liberal democracy" because its federal council is elected by the federal assembly instead by direct popular vote.
Then what's the point of them?
They are indirectly elected so that they can submit proposals that would normally be political suicide.
> who is pushing things way beyond her remit
I completely disagree. She is working exactly how the system is designed.
Europe needs to replace the commission with a democratically elected body. One that is elected in a different way to the parliament to get a different cross section of the population.
However as someone in the UK we have the exact same situation with the House of Lords.
And who was almost successful in doing so. She still may be successful a year or two from now.
It is as if the EC was a big carousel of special interests where every commissioner takes his/her turn and others help them pass things, on order to be able to pass their own things later.
A classical oligarchy, the ancient Greeks would immediately recognize the problem.
The US is no better or worse than Europe, it's just a different alignment of values.
The "better or worse" argument is based entirely on each individual's alignment being closer or further away from one alignment or the other. This will come from personal experience, highly affected by the boundary the individual grew up within - which can affect can ones biases in both directions.
Obviously the EU is not without fault, but to be honest, I see more negatives around it, especially on HN than warranted.
Probably a bonus will happen to them.
If this monster is not controlled it will grow to become another USSR, completely stifling all innovation in Europe, 24/7 censoring what is appropriate for citizens to read and see, while continuously spying on everyone, everywhere.
It can't be allowed to continue.
The issue is the European Comission and the Council of Ministers that appoints them.
The EC seems to progressively be filled by increasingly incompetent and unqualified comissioners. But more worrying for me is their increasing affinity with lobbying.
Many legal systems across the EU explicitly prohibit lobbying not sure why we even allow it in the EU.
The main problem with the EU is that it is an entity with a construction aborted half-way.
The EU parlement is a example of what the EU should be. The EU commission is not.
The EU commission was literally intended as a temporary fix for the executive power on the road of a broader European federation.
The federarion never happened. And is very unlikely to happen with the PPE (main European conservative party) and the extreme right dominating the political landscape.
The current state of things, "aborted half-way", is a consequence of social engineering that failed to take into account the possibility that its preferred endgame may not be attractive and that in democracies, going behind the back of the voters can only get you so far.
The integration of the EU basically stopped once it became impossible to hide preparation of new treaties and legislation from the voters by distracting people by something else in the media. This is also case of the legislation we are talking about now. Of course the authors of Chat Control 2.0 would prefer to agree to the entire thing in darkness, but the Internet makes it very hard to conceal the plan.
In part there is a lot of group-think overall - which even separate countries have a hard time fighting, when they even notice it or have a will to fight it. For another problem, there are two countries with disproportionate population and economics weight - they cannot outright dictate with impunity but they are in a position to make everyone else negotiate and mostly agree with them.
And I think that "it can't be allowed to continue" is a dumb idea
It's completely wasted effort and does nothing to stop pedophiles or to protect children.
Said something like "I don't support opting in to pedophilia"
These politicians couldn't give less of a fuck about children. Politics and children do not belong in the same body of text. Finding the words "child", "terror", "drug" and "money launder" in any political text is evidence of bad faith and a perfectly valid reason to completely dismiss whatever's being said. It's almost certain they're trying to manipulate people into giving up freedom for false security by appealing to the eternal bogeymen of society. Communists were that bogeyman once.
https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
Why not use the phone to detect physical and verbal abuse? The microphone is always on for most users, we have algos that can detect the sound of an adult yelling, a child crying, and the percussive sound of a human hitting another human. If 2/3 of those sounds are detected, why not forward that to NCMEC for further review? It doesn't have to be "1 yell, 1 cry, break down the door", it could be a pattern detector that logs the times, the severity, and the mode. If it hears objects being thrown, people yelling, kids crying, why isn't that sufficient to call authorities? How come "think of the children" suddenly doesn't work anymore?
I'm being 50% facetious here because obviously that's a huge privacy issue. But the same logic for CSAM scanning still applies nonetheless. Why only address 1/3 of abuse and ignore verbal/emotional, and physical? Those kids need justice too.
And adultery! Require married couples to register their handsets in the national register and detect when people have sex! And if the phones are too far apart, send morality police with a whip. Ffs.
Big red flag.
I mean, terrorist are now laughing that they nicely annoyed 99.99% of the population that want to travel by air.
We saw the rise of low cost terror, with a knife in a crowded space.
I predict the "free2play" terror with simply wrongly alerting authorities to evacuate mass touristic areas.
We live in a sad era were everyone is just either too afraid or too envious of his neightbors
https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
Just summarily dismiss any argument containing those words. Don't even engage, just expose this charade for everyone to see.
Don’t get me wrong, I don’t trust any proposed laws in their current state, but as a society we trust judges to sentence people for crimes, and referees to call foul in sport - I just wish there was the formation of a legitimate ethics committee which would act in good faith on society, because inevitably rights will erode and without one we will be left with less.
Edit: I’m sure this will be an unpopular opinion, but I’m interested to hear contrasting thoughts, please vocialize disagreements
Moving every cloud service to be EU-hosted is going to look really stupid once it means you’ve just centralized all worlds data under a 24/7 foreign surveillance & espionage dragnet.
If I had to guess, I’d say the amount of money spent globally on lawyers re: GDPR must exceed the gross national product of Greece. For it to all backfire in this way would be quite humorous.
https://news.ycombinator.com/item?id=37958473
This is largely being pushed by people related to an organisation called "Thorn".
https://news.ycombinator.com/item?id=37958473#37962743
Thorn seems to be related to US tech companies. Microsoft, Facebook, Google, Palantir, are all mentioned on the wayback machine version of their website as "tech taskforce" mebers. My interpretation would be that US tech is pushing this law because they know there is money to be made here (providing the scanning systems and collecting as much data as they can).
>According to the Data Retention Directive, EU member states had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities.
EU Commissioner as double agent of foreign interference (patrick-breyer.de)
