92
linuxxx
6y

The Irish minister Rudd said today (for the second time I think) that 'WhatsApp gives terrorists a safe place to hide and execute their activities. Might be a good idea in the future to ban encrypted chat apps'. (not literally like that but it's a good summary of her points)

Imaginary dialog:

"okay so encrypted chat apps help terrorists and criminals to execute their activities"

"Alright, let's ban water then!"

"Wait what why would you ban water?!? How will ordinary people be able to drink then?"

"Why would you ban encrypted chat apps? How will ordinary people be able to communicate securely?"

😐
😶
😮
😧
😓

Comments
  • 29
    Every schoolshooter played 'killer games', lets forbid them.
    Let's forbid bread, they ate that too.
  • 7
    Funny because chats are excatly like water when you want stop her she always finds her way ;)
  • 6
    Because that is how you stop terrorism. By banning chat apps.

    I wonder who believes them for this shit.
  • 2
    I hope “Irish” is a typo!! 😜

    I properly lose my shit when I hear politicians start spouting on about technology. It simply highlights how completely clueless they all are. Part of you wants to believe there are advisors and experts behind the scene who can guide them on the intricacies of technical things, but the complete horse shit that comes out their mouths suggests those people don’t exist or are routinely ignored.
  • 2
    No, they are not stupid. They are just liars and are not telling people their real intentions.
  • 4
    From today you will not be allowed to breathe air

    Some experience and very expensive researcher in God knows where found out that terrorists use their lungs and breathe air, to help against terrorism threat the European government has issued a new law that forbids to 'breathe air'
  • 2
    @ignuit I am not British but yeah I think my government is equally stupid now that they're going to implement a huge mass surveillance system.
  • 2
    @ignuit I'm Dutch haha :P
  • 1
    To all of those who are saying that politicians say these things because they have no clue about technology/life/their job - I'm not too sure about that.

    There has always been a certain kind of politician who like the prospect of control - and therefore dislike any measures which prevents access to peoples data. I'm sure that many politicians have no clue about technology - but they do have experts for this. I think it's more likely, that they use these kinds of arguments because the majority of the citizens will never know or care how little sense they make.
  • 4
    It's like saying houses should not have locks because terrorists might lock their house so the police can't just walk in. You can't ban what is good for most people because someone will abuse it. You make laws for the exceptions.

    I also really feel that if you don't understand a technology you shouldn't be allowed to make political statements about it. Because you misinform people who don't know better.
  • 0
    @DevMode Whatsapp's encryption is probably one of the best implemented in chat apps today. They use the same protocol as Signal does, iirc, and the same person was responsible for implementing it in both chat services.

    The difference is, of course, that we can't check the implementation of Whatsapp's encryption for ourself (as fast as I know), because it's closed source.
  • 0
    Terrorist drink water! #banwater #stopterrorism
  • 4
    @theCalcaholic I wouldn't call an app one of the best when it saves literally any metadata it can :/
  • 1
    @linuxxx That's why I didn't call it one of the best. ;)

    It's *encryption* is good - but that doesn't prevent Facebook from collecting all your metadata. That's exactly why I'm not using whatsapp.
  • 2
    @theCalcaholic Fair enough :).

    And tbh because it's closed source we can't really know if they're not using a modified Signal protocol version so yah :/
  • 2
    @theCalcaholic What do you use then by the way? Hardly any apps protect your metadata :/
  • 1
    "I don't really understand maths but maths is bad so we should close this one school so then no one can do maths."
  • 0
    @linuxxx
    Sorry for the late response.

    That's true, unfortunately. I dropped Whatsapp's primarily because it claims the right to collect all your contacts' data (not only whatsapp contacts - your phone's address book) and to share it with Facebook. Not only collecting my data but also that of many others so are not even being informed (they might not even have whatsapp) crossed several lines for me.

    (continued...)
  • 0
    @linuxxx

    However to answer your question: It is true that few messengers actively protect your metadata (to be honest I know of none). I use a mixture of several clients. For some I rely on trust in the intentions of the company which is running it (they get all the metadata and in some cases the data as well).

    These are Signal (strong e2e encryption, reasonable trust in their willingness to not share/unnecessarily store metadata because the messengers images depends on it - I didn't check though) and Telegram (probably easily breakable e2e encryption, standard TLS -> metadata and data are on their servers, but I trust in their intentions because they are non-profit and I also trust in their data storage concept; also I don't use it for important stuff).

    Besides I use good old XMPP - usually in forms of the app Conversations which in regards to e2e encryption has not only support for OTR, but also OMEMO and OpenPGP.

    In a better world, we all were using own protocols anyways. :P
  • 0
    @linuxxx I forgot to mention that I own one of the two XMPP servers I'm using and the other one is run by students from my university.
  • 0
    @theCalcaholic Idk about matrix for metadata but at least the only thing that Signal stores permanently is a unix timestamp of the date of registration and one of the last server connection time, both rounded to the day.

    As for telegram, they use their own pretty broken protocol for their end to end crypto, they leak metadata as a **** and as for app-server tls, they use self signed certs without any form of validation == equal to screaming 'please mitm me'.
  • 0
    @linuxxx Didn't know about Telegram's self signed certificates. That's horrible.
    What do you mean with "they leak metadata"? Where to?
    I mean, I'm pretty much stuck with it anyways. My wife convinced most of our friends to change to telegram when whatsapp was bought by Facebook - I'm not going to get them migrating once again. Especially, because Telegram is really cool, feature wise.

    It's still a lot better than Whatsapp, in my opinion, because you need to be actually attacked by someone to be surveilled - but if they really use self signed crypto, that's inexcusable. Let's Encrypt is a pretty low hanging fruit...

    Regarding Matrix.org - I actually learned about it and installed Riot.im yesterday. :D
    I have noone to communicate with through it though.

    What you said about Signal's metadata storage is pretty cool. But do you know how they determine if a user (e. g. from my address book) had Signal installed? Is that information saved on their servers?
  • 0
    @Jop- That's correct. But they made some really bad decisions. It has not been cracked (by whitehats), because they are not given the data which big surveillors would have access to. They organized a ridiculous hacking contest which only 'proves' security against the strongest existing attacker model (which is barely relevant in reality).

    Also they count on security by obscurity since they don't give insight in their implementation (not even for an audit).

    I think they are trying to do the right thing with the messenger - but they did it in a way which is very, very dangerous in cryptography.
  • 0
    @linuxxx neither are the Irish (referring to your "I'm not British" comment) :)
Add Comment