The idea that moves like this will "keep us safe" is utterly preposterous; there are a multitude of other ways in which terrorists (or the boogeyman de jour) could communicate - are the UK and US governments going to insist on backdooring IRC, Slack and face-to-face conversations? Are they going to outlaw encryption libraries?
I truely fear for the future that western governments, in particular the 5 eyes members, are hell-bent on creating. They denounce China and Russia for their human rights records in one breath, and seek to strip us of privacy and personal rights in the next - the hypocrisy is simply staggering.
What's perhaps even more frightening is that so many people believe that moves like this are to keep us safe, will keep us safe.
The keeping safe argument from government is indeed preposterous. As if that was their mission to keep us safe. Why are they allowing our nature to be destroyed in favor of money/economy? This years heatwaves killed many thousands of people in Europe only, some estimates are in the tens of thousands. This is real deaths in 1 year, not because of terrorist attacks, no fucking backdoor will stop this. And what are they doing? Measures that won't make any difference. The cars will keep driving, the factories continue to produce poisons. Pesticides will still be allowed for better economy at the cost of entire insect species being wiped from this planet in just a few decades. The list goes on and on. It is so sad that I don't really want to listen to politicians anymore. They are the only ones who can change things by law, not me. And what law are they coming with for my safety? A backdoor for Whatsapp and Facebook.. We better ignore all this shit and try to enjoy our little lives for as long it will last.
I can not find any source that many thousands if not tens of thousands died in Europe in 2019 from the heat wave. Can you point me to your information source? I believe you are confusing the 2003 heatwave from over a decade ago with the one in 2019.
The 2019 heat was directly implicated in the deaths of at least 15 people. Five died in France, four in Germany, three in the United Kingdom, two in Spain, and one in Italy. Nine of these were drownings, attributed to people cooling down, and another involved an exhausted farm worker who went unconscious after diving into a pool. The three who died in hot air were aged 72, 80 and 93. Approximately 321 million people were otherwise affected by similar temperatures in the same countries.[1]
The difficulty of attributing deaths to heatwaves is something that comes up in books like freakonomics if I am not mistaken.. At any rate, from that wikipedia entry:
> Netherlands reported 400 excess deaths in the week of the heat wave, a figure comparable to those recorded during the 2006 European heat wave.
Netherlands is considerably smaller than the other nations.. Most put these spikes as a portion* that would have died in the next days weeks, or months lowering statistics later in the year and a portion that would not have.
This becomes more true the further a country moves away from democracy: in a vibrant popular democracy, people will honestly work for their nation's good and corruption is viewed as evil.
Further away from democracy, leaders are purely self serving, successful corruption is seen as a sign of intelligence and whistle-blowers, far from being heroes for pointing out maleficence, are threatened with execution.
And indeed, institutions eventually shift to working solely for the benefit of themselves and the people in charge. Mostly because any that don't are undermined until they do.
>They are the only ones who can change things by law, not me.
I had this thought yesterday as I read about several prominent politicians in Canada, including the prime minister, actively participating in the climate 'protests' that occurred yesterday. Who were they out there protesting? Themselves? They're the ones with the power to change things. Why were they outside with signs instead of in their offices doing something about it?
Not all politicians have equal power.
In the US, the nominations of important positions, the laws and policies are determined by 20 Senators in GOP.
Those 20 senators (from Alaska, Missouri, Arkansas) are answerable to the demands of their constituents. Those people are not asking for Climate Change Policies. It has nothing to do with money, but the values and culture of the constituents.
It is incredible how HN and majority of the supposedly 'smart' crowd completely fail to understand the dynamics of how policies and laws are passed or made in this country or anywhere else.
It is also incredibly stupid to paint all politicians with the same brush, because if you are an immoral, evil politician you'd exactly want that situation. "All politicians are the same", "All media is the same" is the foundational strategy of bad actors.
It has nothing to do with money? How are the values and culture of those constituents determined, if not through vast sums of money spent on propoganda? Protecting the earth - not shitting where you eat - is an inherently sensical idea. The only way that people can align themselves against such an idea is when they are manipulated to believe it is part of a broader conspiracy to ruin their lives. It takes a lot of money.
Also, so what if the bad actors want us to believe that all politicians are the same? What if it were true that they're all the same and evil? Would it still be "incredibly stupid" to accurately assess the state of affairs?
Right? I mean why can't politicians unilaterally change things without convincing the electorate and just fix climate change, the way Kathleen Wynne so successfully managed to in Ontario?
Well we know these actions look good from a public relations point of view. We only need ask if they had any other motivations or if it was only for PR.
> The keeping safe argument from government is indeed preposterous. As if that was their mission to keep us safe. Why are they allowing our nature to be destroyed in favor of money/economy?
I don't think it is quite as simple as this (I'll preface this with saying I don't think we should have backdoors and that I wish we had STRONG encryption everywhere). I think the problem is that different departments have different goals. It is very clear that the CIA and NSA's jobs would be easier if there was a magical tool that let them backdoor in and no one else. The police and FBI would have an easier time doing their job if encryption wasn't a thing. That's definitely true! The issue is who is watching the watchmen? That's why we need checks and balances (specifically by people that understand the tech). These departments are so focused on their goals that they lose track of the fact that introducing backdoors actually creates more work for them (and thus actually makes their lives harder). But as humans we're always focused more on the task at hand and less on the over arching tasks (we're notoriously bad at dealing with large scale multifaceted problems). It all really comes down to these departments thinking "if we had this tool it would be possible that we could have stopped this" (which possible is the key word, because we've seen that they can't. There's just too much data. You're just adding more hay to the haystack). The failure really is at the checks and balances stage, that those watching the watchmen don't understand the motivations nor the consequences, and thus let them do as they please. Agencies running the checks and balances are supposed to be suspicious and critical, not friendly. But these agencies aren't getting the funding nor can they attract those that are tech literate, so there's a feedback loop that is only getting stronger. What I'm trying to say is that there's this long chain and things are broken at many stages and that if a single stage was fixed there would be significant improvement. Basically solving at any single stage will help stop the feedback loop.
tldr: The intelligence agencies should be smart enough that they would know that backdoors will backfire on them. But they clearly aren't. There's also a huge failure at the checks and balances stage where these agencies are getting approval which creates a feedback loop and without solving this the problem will continue to grow.
Thanks for this nuance answer. Unfortunately, "Nuance" will always lose to "Pitchfork", even in supposedly smart and intelligent communities like HN.
There are ZERO people from the pitchfork community who understands the pressure of working in keeping a community, region or country safe. If there is a terrorist attack, the pitchfork people have to answer to ZERO questions, while CIA/NSA/Police will have to answer 'Why didn't you do something".
It is so easy to sit in their comfortable offices and homes and philosophize about privacy when you have no skin in the game.
I mostly agree, but I wouldn't call HN a pitchfork community. It can definitely get that way at times, but I think nuance is welcomed and generally encouraged here. Definitely the only way to keep it that way is to keep promoting it, so don't get disheartened. There's still hope.
> It is so easy to sit in their comfortable offices and homes and philosophize about privacy when you have no skin in the game.
And I definitely agree with this. But that's also why I made a big point into that lack of encryption actually gives these agencies more work (if we look at history). The problem is exactly what you note though, there will always be failure and we ask why they can't stop near impossible things to stop. Post hoc analysis is always easier than in situ.
No, not by their actions of course. It happens because of the lack of appropriate actions by them. Governments should anticipate on future events pointed out by science. And that is what they did not. All I see is business as usual.
Maybe the definition of politician should change to:
“One who is elected by the common populace to facilitate business at the cost of logical reasoning, human rights and the natural world.”?
While I’m sure one or two exist, I can’t actually think of a politician in the US, UK or Australia who doesn’t fit into the definition somehow. Again, there would be a few good ones, just not enough.
Still remember how one German Islamist terror group just used their web-email provider's draft feature. They never 'sent' anything. There are often quite simple ways to circumvent this kind of thing.
Good, but your e-mail provider can still see it. And be forced to eavesdropping.
Back in '90s I used a nym e-mail to receive e-mails anonymously and with no traces.
In a few words - e-mails are encrypted with your PGP key and posted to Usenet groups, where you scan all messages and extract only those signed&encrypted with your key.
Yep, there are 1000 and 1 method of communicating securely. Governments are just using this as an excuse to wiretap popular messaging services for general surveillance.
Unless they'll get away with making everyone dumber, they shall fail.
My Twitter account has been suspended for suspicious activity. Someone with whom I disagreed probably tried logging into my account a few times that triggered it, and now I cannot regain access to my account unless I provide my phone number. When you sign up, phone number is optional, but when someone fucks around with you, it becomes mandatory. The fact that the system is designed this way is absurd. This is not limited to Twitter, by the way.
Yeah only a stupid person can think that backdooring whatsapp will actually prevent the next 9/11. And that's in my opinion the core issue with most politicians, stupidity/tech illiteracy.
I'd love to hear about either a possible alternative government structure in which there are no politicians or a way to attract the smartest people in governments.
When you consider the societal fallout and everything that has transpired since, the most insane part to me is that by its very occurrence, 9/11 itself already prevented the next 9/11. The "next 9/11" was to crash the fourth hijacked plane into a high value traget; the plane on which the passengers fought back which was crashed in Pennsylvania WAS the next 9/11. This was a tactic that was apprehended and adapted to before the day was out. It worked three times on one day, once. An update to the mental calculus of common folks was all it really took. If we had successfully prevented it re-shaping our society, it would have never, ever, ever worked again. This newfound understanding of the rules coupled with a straight-forward countermeasure like reinforced cockpit doors would have closed off that vector of attack entirely.
19 malevolent people acting in 2001 have colored nearly two decades of policy for America. I remember two particular circulating ideas from the time: "they're attacking our way of life" and "they hate us because we are free." The latter was much more divisive and so people spent much more time arguing with each other about it. Meanwhile, whether intentionally on the part of the attackers or not, the first was very effectively accomplished.
Maybe if there had been no 9/11, the agencies charged with protecting Americans would have still been seduced by the ease with which modern technology enables broad surveillance. Maybe hoovering up all the data is too good an opportunity to pass up. Regardless, I yearn for, and still miss the end of history. Our hubris has been rewarded with interesting times.
On the politicians side I agree, tech illiteracy seems to be largely correct. As far as the intelligence agencies are concerned, well I think they know exactly what they are doing. So they know that a WhatsApp backdoor doesn't help against the next 911, it still allows a lot of general surveillance so. And that is what the agencies are after. Terrorists are just an excuse IMHO.
Politicians are not at all stupid in general. The problem we have is in their selective listening after we elect them.
If a legislator is not technically up to speed, considerable tax payer money goes towards hiring people in government to do the research and the explaining. Some high level advisers may come from organizations with a private agenda and after a few years of working within the goverment these experts pop right back to their industry jobs and we don't hear of them anymore.
Ultimately its the same need in whatever form of government we want – we need people we can trust.
This is why people have advocated for bottom up governance, where local groups make decisions and select rotating representatives to take those decisions as made by the group to larger regional councils, etc. In this way no individual has any real power. This is called democratic confederalism and is in progress in Rojava now but could be done in the US.
https://www.youtube.com/watch?v=LcndZ0nZ0mo
Along with the vote in process there should be a vote out process. The public should be able to force a vote of their representative at any time during their term and equally vote in their replacement.
The intention being that politicians are aware that they must be consistent with their words and actions throughout their term otherwise they will lose their seat.
Some months before the last big bail out legislations, in my state we had a US Senate candidate who was new in our political scene, appeared as a local man with a law degree from our state university, and he spoke about how the working people struggled with unemployment, delinquencies etc, as he knew middle class issues and can change the ways of Washington. PBS featured him and I still remember the interview they aired from his kitchen in a middle class home. I am among the people who voted him in.
A few years after this election I checked his voting records by chance and I realized that he had voted almost always in favor of the bailout system. I wouldn’t have known this by just reading the news or watching cable. In the next election cycle he won handily, this time supported by organizations with cash to blanket our news with favorable lines for him. That’s how life works I guess.
Everyone bitched at me for not voting the last election. To every person who asked me, I asked who they voted for our states railroad commissioner. They all said “oh I don’t know I just voted all blue”. I asked them if they knew what our railroad commissioner did, they did not know. So I proceeded to enlighten them on how the RR commissioner controls everything around our state’s oil fund and that they all just voted for the equivalent of donald trump to manage our oil rich state.
Of course he did not win because the other candidate was much better qualified and rural voters knew him en masse (he’s the one that signs checks for all the citizen stewards of oil fields), but I found it hilarious that people would flame me for not voting for a figurehead (president) but be a-ok to vote in some no name hack to manage our schools because of big money advertising in elections
> I'd love to hear about either a possible alternative government structure in which there are no politicians or a way to attract the smartest people in governments.
In all seriousness this is the aim of all historical anarchist movements. Despite the propagandization of the term "anarchism", that philosophy has a long history of attempts and writers and thinkers, and it has more often than not "failed" when a powerful state entity violently disbanded the efforts or killed prominent leaders. In other cases anarchism has not failed at all but has existed in tribal communities in different ways long before european thinkers wrote on the subject.
It's the same tactic that former CIA Director David Petraeus used to send messages to his mistress. It's been around for a while, so investigators look for it.
Or the paris attacks that were orchestrated on the playstation network and via unencrypted sms.. by ppl that were on a watch list already.. The problem is not encryption here
The idea that using a webmail provider's draft feature provides security might have been true a long time ago--I don't know--but it's really stupid to think it does so nowadays.
The current situation looks like it still has a whole ton of potential legal tripping points, from Wikipedia:
As of 2009, non-military cryptography exports from the U.S. are controlled by the Department of Commerce's Bureau of Industry and Security. Some restrictions still exist, even for mass market products, particularly with regard to export to "rogue states" and terrorist organizations.
Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license.
Furthermore, encryption registration with the BIS is required for the export of "mass market encryption commodities, software and components with encryption exceeding 64 bits" (75 FR 36494). In addition, other items require a one-time review by, or notification to, BIS prior to export to most countries. For instance, the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required. Export regulations have been relaxed from pre-1996 standards, but are still complex. Other countries, notably those participating in the Wassenaar Arrangement, have similar restrictions.
The fight for power has this unavoidable conclusion. The saying that “knowledge is power” is more true than I think most people realize. He who knows the most holds all the power. It doesn’t matter who is in power or what their beliefs are - they would eventually have to resort to these tactics or risk losing their foothold. Those who don’t or can’t afford to will be overrun.
We dislike it even though we would be forced to do the same thing in their position. We dislike it because we aren’t the ones in power. Again, as it goes in the jungle, life isn’t always fair.
> The idea that moves like this will "keep us safe" is utterly preposterous
The "terrorism" rationalization provided for this surveillance has nothing to do with reality. The United States government is not in any way involved in fighting the source of jihadist terrorism, and the state responsible for 9/11, Saudi Arabia. They are allies, and Trump's cabinet is now attempting to arm Saudi Arabia with nuclear weapons. The actual intent of this law is to surveil whistle-blowers and journalists. WhatsApp messages have already been used in the case against IRS whistle-blower John Fry, who exposed the Donald Trump-Michael Cohen hush payments.
It is reasonable for governments to want to be able to wiretap communications. They can wiretap telephones, including mobile/cell phones, for example as this is built into those systems. There is no problem with that and it is actually welcome.
Those apps that provide end-to-end encryption are a problem and they are working on solving it.
Claiming that they should not be able to wiretap lawfully (or even otherwise) is a rather naive view of the world and lawful wiretapping does not imply dystopia.
> Those apps that provide end-to-end encryption are a problem
Are they though? There will always be a means to communicate without surveillance. Backdooring encryption is fundamentally incompatible with privacy, and will be abused - at scale.
For any real cases, the security services have a multitude of other ways of getting the information they need regardless - for example, they could gaining physical access to the target's phone and backdoor/bug it, or swap it out with a backdoored/bugged one.
The real problem with backdooring or outlawing encryption is that it lowers the bar to entry for governments - it makes it too easy, and such sweeping powers will be abused.
> Backdooring encryption is fundamentally incompatible with privacy,
That's a very bold claim.
Lawful wiretapping exists because it is accepted (and reasonable) that privacy should stop in specific circumstances, e.g. a criminal investigation.
As I wrote before seeing this in black or white is naive. Wiretapping is useful for society. The key is to have proper oversight.
By the way, to lawfully wiretap a phone the authorities only need the phone number: The operator will then duplicate all traffic transparently and on the fly. Bugging a phone really means illegal/covert operations these days...
You don't understand. Encryption is necessary because on the internet, there is no distance. Any web service today must be built with the knowledge that everyone, everywhere is attacking it all the time. The only defense against that kind of attack is an encryption that nobody can break.
When a weakness is introduced into that defense, even if it's a secret key held only by trusted governments and only (they promise) to be used in emergencies, that key is a method of attack that anyone, anywhere can use against everyone. The only defense is that the secret key remain secret, and there are an endless number of ways it could be comprimised, ranging from human error, phishing, or plain old brute forcing. A single key for all Whatsapp conversations is a valuable enough prize for criminals all over the world to invest serious money in custom hardware to crack it.
Currently, encryption schemes like Whatsapp's rely on generation of new keys for every message, making the value of attacking any one message limited. Without this defense, Whatsapp will be cracked, sooner or later. And once someone publicly reveals that key, every single message sent before that point becomes compromised. Maybe even publicly exposed. Would you be okay with that? Exposing your private message history to the internet because governments wanted to snoop?
No, you don't. This is a fundamental rule of how encryption works. You can't design around it.
If there is a key which decrypts everything, then there is a risk it can be stolen or guessed and used to decrypt anyone's messages. This risk does not exist in current, properly designed systems.
Any government which wishes to add a backdoor to an E2E encrypted messaging system must understand that they will be HEAVILY undermining the security and privacy rights for all users of the service which has the backdoor.
I think you are the one not understanding at this point. This has nothing to do with "how encryption works".
Whatsapp decided to go for E2E encryption for commercial and marketing purposes following all those privacy scandals.
They did not have to. They could have gone with P2P encryption, i.e. that their databases could have stored messages in cleartext. That way authorities would not have needed to ask for any backdoor. As already mentioned, this is how cellular operators work (that's obviously something governments wanted).
I think we might see legislation brought in in the future in order to force this.
Yes, but if you make it too easy, oversight fails or is worked around with legalese, and the powers are abused at scale.
> Bugging a phone really means illegal/covert operations these days
My view here is that it should be difficult - the security services should only be able to intercept someone's communications with a legally obtained warrant to do so (the oversight you mentioned); then powers are far more likely to only be used where the is a credible threat.
Lawful wiretapping does not imply dystopia, but the actual practice sure seems to. This is very likely to be abused by enforcement agencies and politicians.
> Claiming that they should not be able to wiretap lawfully (or even otherwise) is a rather naive view of the world and lawful wiretapping does not imply dystopia.
I hold the opposite view: that the idea that the evolutionary trajectory of the internet seems wont to continue to allow "wiretapping" (and, for that matter, the existence of a capricious state tout court) is the naive view.
The state is looking increasingly obsolete every day, and moves like this are significant leaps forward in solidifying that conclusion.
AES is far and away the most heavily scrutinized encryption algorithm in history. Of course that doesn't make it flawless, but the level of genius that the authors would need to hide a backdoor in it for all these years boggles the mind.
The implementation of AES in popular CPUs? Yeah, who knows.
Yeah, I would not even go as far as AES in your CPU. Just... any part of your CPU, or your motherboard, or your GPU. RISC-V is still not suitable for desktop, or at least not commercially available AFAIK, and POWER9 is too expensive. I want open software and open hardware!
> They denounce China and Russia for their human rights records in one breath, and seek to strip us of privacy and personal rights in the next - the hypocrisy is simply staggering.
Politicians, generally, are not hypocrites. That implies the guise of good faith. Do you really think the biggest beneficiaries of terrorism are likely to be honest with you? Humans just like being told what to do and what to fear and whom to be mad at, and politicians make eager use of this role.
From the government's perspective, they are to keep "us" safe. It's easier to do that if no one's safe from us. :)
Granted, that's a little over-ominous because the government's mission statement is to keep its people safe, and it's also elected by its people. Either of these two facts changing is the way bigger danger; backdooring centralized services is stuff that happens in the meantime either way.
If you look at the way elections work at a micro scale in the US, you will begin to lose confidence in the assumption that they are elected by the people. Political machines have huge influence in controlling who it's possible to vote for, and swaying low-information voters. That makes sure they have a lockdown on decision-making, even if they allow a few mavericks through the cracks for the sake of plausible deniability.
Even if this or that individual politician gets voted out, or even ten of them, it won't stop the machine's influence. They're still the ones who decide who the replacements can be chosen from.
I've said this before, but you can't outlaw the maths. There's nothing stopping anyone from rolling their own encryption, using well documented algorithms. You'd need to literally outlaw Wikipedia. Hell, even one-time-pads could still be used by truly motivated bad actors that wanted to communicate securely.
They can make it so if they spot you using it (for other than communication with approved banks and retailers and such, maybe), that's instantly something they can charge you with. Then go after a few people who're spotted using it on the Internet by traffic sniffing, meaning the only folks left using it are cranks and actual bad guys.
A total tangent, but the words chosen in this comment and how it relates to the logic behind the US War on Drugs are eery - down to "sniffing" out paraphernalia, "trafficking" illegal goods, end users are "cranks" and bad guys...
That some may get around it isn’t the point. Most won’t risk charges to share recipes with aunt Edna or family photos with Grandpa. Some will keep using it and stay under the radar but any time someone’s caught using it, even if it wasn’t part of a crime, it’ll be added to the list of charges against them. It’ll be dead for common use, and risky and annoying to use for those who keep to it.
But if you want to communicate with somebody else in an encrypted way, then you can likely do so with effort that doesn't even approach a hobby. Setting up a system requires more effort, but these singular cases are hard enough to detect and crack that the law enforcement agencies would never be able to do it. You might not even need encryption, because you could communicate in ways that are just obfuscated enough that nobody's going to check. Eg write with blocks on the ground in Minecraft or something.
If the goal is to catch malicious people that are trying to hide their communications, then outlawing encryption won't work. But it will give the government a good excuse to spy on people.
"I've said this before, but you can't outlaw the maths."
I don't think this is the right analogy - instead, I think a better statement would be "you can't outlaw random numbers".
A random number and the ciphertext output of a secure encryption algorithm should be indistinguishable.
I don't think I am being naive to think that even in our wildest dystopian nightmares there is no real path from (current jurisprudence in five-eyes jurisdictions) to (random numbers being illegal).
Not possible in the US unless the Supreme Court stops giving a crap about the first amendment. Incredibly unlikely no matter how unpopular free speech might become.
If congress and the president decide they want to increase the SC to 99 justices and add and additional 90 of their choosing then that's when the US Constitution officially dies but it can be done according to the law.
The attack on the legitimacy of the courts will fail this time around, just as it always has. The justices rule mostly with integrity and they’re mostly respected and protected.
It's just a hyperbole for packing the court. Allowing one president to appoint >50% of the justices so that the court always rules in their favor instead of waiting for seats to be vacated and re-filled.
You have to kill some of them to put the others in place. If you add 90 slots you can just fill the new 90 slots with your guys. That’s the theory of his statement.
It's easier to have public scrutiny on 9 justices than 99. There isn't enough time for the media or for people's memories to constantly remember to be angry at a few dozen people.
In many cases, (In my country for sure, and I bet this is common elsewhere) members of the legislative branch are approached by people from the intelligence community, who hand them the drafts for stuff they 'need'.
And you can bet those people do understand encryption.
IRC? If that were the case, and open source servers like UnrealIRCd were somehow backdoored in a way the community couldn't detect, you're still free to implement your own backdoor-free server and client if you want. The spec is freely and openly available as RFC1459.
Disagree on hypocrisy. US still affords significant freedoms and largely respects human rights. Whether your communications can be decrypted or intercepted on networks that are government regulated anyway is not hypocritical.
Residents of the US are still free to use whatever mathematical algorithm they want to encrypt their comms. Transporting OTP's across physical borders is trivial, and not technically illegally if not mistaken. Strong encryption is open source as you've pointed out. There's no law against using those open source libraries, nor any discussion to try to censor/outlaw them, AFAIK.
Policing the airwaves and internet pipes hardly qualifies as some major abuse of human rights, particularly when the best that the Intercept/Snowden crowd can come up with regarding things like "Parallel Reconstruction" is "abuse" of "surveillance power" to catch, e.g., methamphetamine traffickers [1].
> Policing the airwaves and internet pipes hardly qualifies as some major abuse of human rights
The leaders of today are not the same as those of tomorrow - sweeping powers to invade anyone's privacy and communications could easily be used for nefarious purposes. I don't trust our current leaders with such powers, much less potentially worse ones.
> Residents of the US are still free to use whatever mathematical algorithm they want to encrypt their comms. Transporting OTP's across physical borders is trivial, and not technically illegally if not mistaken. Strong encryption is open source as you've pointed out. There's no law against using those open source libraries, nor any discussion to try to censor/outlaw them, AFAIK.
Do you really think things will stay this way?
It seems to me that TFA is just the next step on a slow, but steady, march towards an authoritarian nightmare - once they've worn us down some more, there will be serious moves against encryption (it's happened before, and politicians have been bringing it up a lot in the past 10 years or so).
While I don't agree that your argument was high-quality:
Paul Graham:
I think it's ok to use the up and down arrows to express agreement. Obviously the uparrows aren't only for applauding politeness, so it seems reasonable that the downarrows aren't only for booing rudeness.
It only becomes abuse when people resort to karma bombing: downvoting a lot of comments by one user without reading them in order to subtract maximum karma. Fortunately we now have several levels of software to protect against that.
Thanks for clarifying and stating your opinion about the quality of my comment. However, seems a bit too broad-stroke to use downvoting for both the (lack of) quality of the comment and to express disagreement.
I do not personally have downmod capabilities, but I don't think it is necessarily too broad: If you interpret it as "People shouldn't read this", it seems reasonable.
HN doesn't want to encourage discourse, it wants to encourage worthwhile discourse, and the distinction is significant. Consider "people shouldn't read this" as short for "Having made the mistake of wasting my time reading this, I will flag it to help others to not make the same mistake."
Revise that slightly to 'it is a waste if time to read this' maybe.
I downvote quite rarely in HN over disagreeing with someone. Usually it is when I don't feel the reply adds any value, and is actually negative for the discourse.
That is, e.g doesn't reach me anything about the opposing position, or is argumentative without any substance, but distracting from comments that are more constructive.
Of course other people use different judgement. At the same time, HN doesn't hide comments to a great extent. Even 'dead' comments are optionally visible (with the 'showdead' setting) and quite a few of us read HN with that on. It's very rare for downvotes to silence people here who aren't actively disruptive.
Couple that with first enabling downvotes when people hit a certain karma threshold, and various other limitations, and HN is free of a lot of the downvote problems of other places.
That to me makes it less of an issue if people downvote to signal disapproval here.
Often initial downvotes will be countered when people feel a comment has been downvotes too much as well.
Assuming that US citizens are safe, that doesn't apply to citizens of other countries. So even it the US and the UK respect their own citizens' rights (Snowden showed they don't) they won't respect other people's rights. And then surveillance becomes a tool against a countries and policies the US and UK don't agree with regardless if these are a genuine threat or not. So yeah, it is kind of a big problem.
> Disagree on hypocrisy. US still affords significant freedoms and largely respects human rights.
If you are US citizen maybe, for the rest of the world. Definitively not.
Without being a lawyer, I'm pretty sure random drone strike on civilians in Pakistan, torture in Guantanamo or intercepting entire world communication is not an example of "respect of humans rights".
> Without being a lawyer, I'm pretty sure random drone strike on civilian in Pakistan, torture in Guantanamo or intercepting entire world communication is an example of "respect of humans rights"
This is a good point, I think. The US has an appalling record on human rights (aside from your examples, arming terrorists and overthrowing democratically elected governments spring to mind) - as long as we're talking about the rights of non-Americans.
Some of those individuals were guilty of little more than political activism but experienced real harm (e.g. deportation) thanks to surveillance overreach.
Disagree. The end goal has always been to make civilian use of encryption in a such a way as to prevent government from being able to intercept communication illegal. That’s where we will end up.
The US, by their own admission, is "killing people based on metadata" [0].
Which in practice is done by using machine learning [1] on huge data sets gathered with that global surveillance enabled trough Five Eyes.
Because the army of humans that could manually sort trough those zettabytes of data has yet to be cloned. All that ends up in the fancy-sounding "disposition matrix" [2] aka the USGs kill-list. It's just systems upon systems doing their thing and nobody is directly responsible or accountable for anything that ends up happening, like when yet another 30 Afghani farmers get "splatted" by accident [3].
Considering how this has been going on for close to two decades, and the US has a very convenient way going about the casualty statistics [4], I guess these Afghani farmers are just another rounding error in the "war on terror". Figures, because before that they were mostly considered biometric cattle [5] and lab-rats for fantasies about "full-spectrum surveillance" [6].
Note: Under Trump, the USG now even stopped releasing their shined up drone statistics. So it's pretty much impossible to know the full scale about what's still going on to this day.
I truely fear for the future that western governments, in particular the 5 eyes members, are hell-bent on creating. They denounce China and Russia for their human rights records in one breath, and seek to strip us of privacy and personal rights in the next - the hypocrisy is simply staggering.
What's perhaps even more frightening is that so many people believe that moves like this are to keep us safe, will keep us safe.
This can not end well...