|
Various lawmakers in different countries are proposing to require messaging services to provide a mechanism for law enforcement to decrypt end-to-end encrypted messages. This kind of legislation fundamentally misunderstands how easy it is for bad people to build their own end-to-end encryption layers on top of other messaging systems. I'm not sure if writing code on GitHub to be run in a terminal is going to change policy makers' minds.
|
|
|
|
|
The first time this came up in the US under President Clinton a group of researchers challenged the NSA to decipher their transmission from the University of Hawaii to the University of California. They gave the NSA the exact start time as well as the starting and ending IP addresses. The NSA couldn't decipher it. Turns out they transmitted, in clear, data from the telescopes in Hawaii to their colleagues in California. Needless to say, this was one of the reasons the US stopped, at least for a while, the idiocy of trying to have the government be able to snoop on data transmissions.
|
|
|
|
|
So is US Post service exempt from this. What stopping me encrypting a letter, and communicating if both got the decryption.
add in PO box, and some shady trench coats, shades and hat, I wonder how long before I would be investigated
|
|
|
|
|
25-30 years ago, NSA tried to introduce an encryption chip called 'Clipper' to be included in every phone across the USA (this was before the cellular age). Encryption would be end-to-end, but noone tried to hide the fact that NSA had a backdoor, so they could eavesdrop on every phone conversation in the nation - but "of course" they would do that only under special circumstances of grave crime. Together with Clipper came a ban on any other kind of encryption.
Clipper never was adopted. I think that was a pity. It would have given everyone the freedom to employ any end-to-end encryption without being detected. Or rather: If you were accused of using your own encryption, that would prove that NSA was eavesdropping your phone line, suggesting that you are a bad criminal. If that had happened to me, I guess I would have taken it to court, demanding a compensation for NSA ruining my reputation.
Well, since I am not living in the US of A, it wouldn't happen to me, at least not in the US of A. Norwegian authorities are very eager to follow up demands made by US authorities, so chances are that if US of A had implemented it, we probably would have, too.
In the early years of IP to the home, ISPs let you install SIP software on your PC to replace your old POTS line. There is a selection of SIP clients providing encryption on transmitted data/speech. After a few years, the SIP service was replaced by 'IP phones', which to the customer is a black box with a 1930-style analog phone socket. It uses the same IP line as your ordinary internet traffic, but on a separate channel that you cannot address from your PC. If you ask why you cannot have direct SIP access, you are told that it is 'for security reasons'. I read that as 'because the security services doesn't accept that phone conversations can be encrypted.
Of course I can still install SIP software on my PC and connect to some privately managed SIP server. That would allow me encrypted connections to anyone else connected (directly or indirectly) to the same SIP server. Not to anyone else. Not to any old (but digital, of course) phone - not even unencrypted. The SIP network I would connect to would be a completely closed world, with no connection to neither POTS, the IP phone service delivered by various phone companies or any other eavesdroppable network.
Maybe it never occurred to NSA and their buddies that those cruel criminals may have been using such a closed phone network for years. Maybe even today. SIP clients for Android are available; I guess they can do end-to-end encryption. To the ISP (and eavesdroppers), it would look like another binary data transfer, probably TLS encrypted to the SIP server to hide information about who you are calling. (That might be unveiled by spying on traffic in and out of the SIP site, but if it is big, handling thousands of calls, it would be quite difficult.)
SIP is not for handling the data channel; the intended use is that you and your peer use SIP to agree on a direct channel. Those phone company provided SIP servers didn't do it that way: They gave you a channel where they had the other end - so they could eavesdrop on it. Maybe having managing a SIP server privately, for your own group(s) only, would be better for privacy, after all!
|
|
|
|
|
Go runtime is not aware of the CPU limits set on the container and will happily use all the CPU available. This has bitten me in the past, leading to high latency, in this blog I’ll explain what is going on and how to fix it. Or you could use CPU reservations instead of limits.
|
|
|
|
|
Microsoft now wants you to explain exactly why you’re attempting to close its OneDrive for Windows app before it allows you to do so. Needs an option that says, "Because it's my computer."
|
|
|
|
|
Sean Ewington wrote: "Because it's my computer." But it isn't your operating system. You own a license to use it, not the OS itself.
There are no solutions, only trade-offs. - Thomas Sowell
A day can really slip by when you're deliberately avoiding what you're supposed to do. - Calvin (Bill Watterson, Calvin & Hobbes)
|
|
|
|
|
TNCaver wrote: You own a license to use it, not the OS itself. But ... What I want is not to use it! (or this part of it)
|
|
|
|
|
iMessage serves as “an important gateway between business users and their customers” and should be regulated as a “core” service under the EU’s new Digital Markets Act (DMA), said Google and a group of major European telcos in a letter sent to the European Commission, and seen by The Financial Times. Being designated as a “core platform service” would be significant for iMessage, as it could compel Apple to make it interoperable with other messaging services. My Trillian IM hasn't been able to access Google Chat for about two years now. How about opening up your messaging APIs, eh Google?
|
|
|
|
|
In response to a request for documents pertaining to the decision-making behind the proposed CSAM regulation, the European Commission failed to disclose a list of companies who were consulted about the technical feasibility of detecting CSAM without undermining encryption. This list “clearly fell within the scope” of the Irish Council for Civil Liberties’ request. The next time there are elections for the Commission I will ... hey, wait a minute!
|
|
|
|
|
This again exposes a fundamental problem with the EU - unelected bureaucrats are running the EU.
|
|
|
|
|
In an attempt to boost broadband competition, Canada's telecom regulator is forcing large phone companies to open their fiber networks to competitors. Smaller companies will be allowed to buy network capacity and use it to offer competing broadband plans to consumers. Would be funny if Canada responded to Bell by threatening to nationalize them.
|
|
|
|
|
Sounds like a perfect opportunity for SpaceX to push StarLink in rural (and urban) Canada.
|
|
|
|
|
Chamberlain Group—the owner of most of the garage door opener brands like LiftMaster, Chamberlain, Merlin, and Grifco—would like its customers to stop doing smart home things with its "myQ" smart garage door openers. I felt a great disturbance in IoT, as if millions of garage doors suddenly cried out in terror and were suddenly silenced.
|
|
|
|
|
Researchers combing through some of the earliest galaxies in the Universe have found one that appears to have an actively feeding central black hole. The size of the sun already causes my brain to shut down. Everything about this is beyond contemplation.
|
|
|
|
|
Kudos for not stooping to Kent's level and making the obvious "your mum" joke.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I appreciate the sentiment, but you should know the truth. If I had thought of it, and making that joke meant I could joke faster, I would have done it.
Thanks,
Sean Ewington
CodeProject
|
|
|
|
|
Your mum’s so fat she bends space-time?
TTFN - Kent
|
|
|
|
|
Doesn't everyone?
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Floating windows feature has the most thumbs up (2.89k) in the entire VS Code history. I didn't even know I wanted it.
|
|
|
|
|
Heck SQL Server Studio had that back in version 2012. Except it happens randomly and I never want it.
But will the floating window reattach to the tab bar?
I’ve given up trying to be calm. However, I am open to feeling slightly less agitated.
I’m begging you for the benefit of everyone, don’t be STUPID.
|
|
|
|
|
MarkTJohnson wrote: But will the floating window reattach to the tab bar?
randomly [when you don't] want it
|
|
|
|
|
After more than two years of work, a patch series was posted this weekend for a "fully functional" ffmpeg multi-threaded command-line application with multi-threaded transcoding pipelines being wired up. Is it automatic or does one need to do command line parameter gymnastics?
|
|
|
|
|
I love ffmpeg, but the command line gymnastics are a killer.
|
|
|
|
|
In the previous year, I wrote the program, running on Intel’s first microprocessor – 4004, that computes the first 255 digits of π. But, unfortunately, I was not able to beat ENIAC’s achievement with 2035 computed digits 1. So let’s continue our journey. I'm glad these people exist that dedicate so much time and energy and knowledge into making low level operations as blazingly fast and efficient as they can be, so that the rest of us can use high level languages and not be too concerned with the physical reality of how it actually gets done.
modified 7-Nov-23 18:20pm.
|
|
|
|