*
www.ft.dk

cross-posted from: https://programming.dev/post/37443248

Fight Chat Control.

Comments
Answer

Question no. 1425 (General part) from the Danish Parliament’s Legal Affairs Committee:

“Will the minister elaborate on the minister’s statement to TV2 on the 21st?”

August 2024, where the minister says: "We have to break with the totally mistaken notion that it is every man’s freedom to communicate on encrypted messaging services

(…)”?”

Answer:

We know that social media and encrypted services are unfortunately largely is used to facilitate many forms of crime. There are examples on how criminal gangs recruit completely through encrypted platforms young people to commit, among other things, serious crimes against persons. It is an expression of a cynicism that is almost completely incomprehensible.

We therefore need to look at how we can overcome this problem. Both in terms of what the services themselves do, but also what we from the authorities can do. It must not be the case that the criminals can hide behind encrypted services that authorities cannot access access to.

Therefore, we, as a government, will also strengthen the police’s capabilities in the area of ​​decryption, of course under appropriate legal guarantees, as is also the case today. In addition, the Ministry of Justice has The Criminal Justice Committee has just started working on a terms of reference that will look at the challenges that technological developments present to the police investigation, including the use of encrypted messaging services.

I also note that steps have been taken within the EU towards a strengthened regulation of, among other things, digital information services and social media platforms.

For example, the European Commission has proposed a new Regulation on rules for preventing and combating sexual abuse of children. The proposed regulation contains rules on obligations for certain online services to minimize the risk of their services being misused for online child sexual abuse, and the services can, if necessary, be required to track down, report, remove and block access to material showing sexual abuse of children.

  • Treczoks@lemmy.worldEnglish
    6·
    18 hours ago

    We must break with the totally erroneous perception that governments have the right to trample on peoples privacy.

  • Sina@beehaw.orgEnglish
    5·
    23 hours ago

    The real misconception is that breaking encryption in the big services including Signal and Telegram would stop criminals from using encryption. Unfortunately any compromised service can be used for unbreakable encrypted communication, including gmail. So the only thing this is good for is listening in on our crap…

  • shadowtofu@discuss.tchncs.deEnglish
    58·
    2 days ago

    Around 2010, I was using Pidgin to communicate with friends, a universal client to connect to instant messaging platforms. At the time, this would have been MSN, ICQ, AOL messenger, Skype, etc. Even facebook was running its own XMPP server that you could connect to, and communicate with your facebook friends! Pre-enshittification-times were really amazing.

    In this pre-Snowden era, end-to-end encryption was pretty much unheard of, TLS was used for “serious stuff” like online banking. Still, Pidgin had a plugin implementing OTR messaging, which is essentially an ancestor of the Signal protocol. It worked by sending the encrypted messages as plain text messages over any supported service. Me and my friend (who, I believe, was using a different non-Pidgin MacOS client?) would talk to each other using OTR-encrypted messages via Facebook Messenger. Key verification was not a solved issue and had to be done manually using a different channel. And when you opened Facebook itself to look at your messages, all you could see was a bunch of base64(?)-encoded gibberish. Fun times.

    The only way to outlaw encryption is to outlaw mathematics. If two (or more) persons want to exchange messages securely, they can and will always be able to do so. If I cannot trust my messaging application, I will find a way that I do not have to trust it, and people that have something to hide even more so. Encryption is not a loophole for criminals; it is a bulwark against tyranny. This proposal will solve no problems, but establish a authoritarian surveillance state.

    • zenforyen@feddit.orgEnglish
      14·
      2 days ago

      Thanks for the nostalgia.

      2010 - back then I was an insecure teenager, finding refuge and empowerment in technology, anxious that I will die alone. One year before finishing high school and two before meeting my future wife. I texted her also using Pidgin for ICQ and Google Talk (without the OTR, of course).

      Now I’m a self-confident software developer, instead anxious that I will die in a fascist dictatorship, and absolutely sick of the modern shitnology, preferring to care for plants on the balcony after work, because they are something real and not annoying.

      Tech is just not fun anymore. But maybe it’s for the better, that made me go outside more.

      But back on topic:

      prohibiting encryption is like saying people should not be able to have private conversations without a microphone in the room which the government can always tune in to, if they see the need. Obviously completely ridiculous.

      I guess just in case I’ll keep my illegal encryption software somewhere hidden and encrypted. Will be fun when we will start sending crypto data hidden steganographically in a wall of text that reads like bad LLM output. Have fun scanning all the traffic looking for cues that are not there. Anything can be encoded in almost anything else. There is absolutely no way that a government, no matter how powerful, could enforce any such restriction in a bullet proof way against anyone who puts in the tiniest bit of effort.

      Concerning making math illegal… Reminds me of DeCSS. Been there, done that. When people were wearing shirts with the illegal prime number. Fun times.

    • plyth@feddit.orgEnglish
      13·
      23 hours ago

      There is AI. Facebook doesn’t have to forward encrypted messages. The internet can be locked down to prevent encryptes messages.

      • Nibodhika@lemmy.worldEnglish
        2·
        8 hours ago

        How? I doubt you’re able to propose a solution that can’t be broken in 5 minutes, the only solution is to either accept it or block 100% of the internet, if you leave even a single write access allowed it can be used to communicate, and if it can be used to communicate, it can be used to send encrypted messages.

        • plyth@feddit.orgEnglish
          1·
          8 hours ago

          Single messages can be hidden in random conversations e.g. by typos or other patterns. But the AI will flag anything that could be used to send more than twitter messages.

          If network access is only allowed for bootlocked phones, how would you send those messages but by typing them by hand?

          So there will be 10 messages or more for one meaningful message.

          That’s useful for activists but destroys any ability to organise a movement that needs to recruit followers.

          • Nibodhika@lemmy.worldEnglish
            1·
            8 hours ago

            Single messages can be hidden in random conversations

            That’s all it takes, cryptographic communication is a list of single messages, if you can pass one without being detected you’re done.

            If network access is only allowed for bootlocked phones, how would you send those messages but by typing them by hand?

            First of all that is impossible, TCP/IP is an open protocol, you can build your own small computer and connect it to a network. But let’s for a moment assume this was possible, you can encrypt/decrypt messages with an offline machine and send them to the online one by any number of means, e.g. Build a QR code and scan it with your phone.

            That’s useful for activists but destroys any ability to organise a movement that needs to recruit followers.

            A movement that needs to recruit followers won’t encrypt their messages since they need people to be able to read them. They could use public key encryption to ensure that people could send messages to them and they can sign messages, but encrypting the messages is pointless. You only encrypt messages when you trust the other party, otherwise anyone could intercept and encryption is pointless.

        • plyth@feddit.orgEnglish
          1·
          11 hours ago

          Tell me what you do if only registered messenger services are allowed, that run on phones with intact boot loaders?

          Then forbid any peer to peer connection that wasn’t requested by those services.

          No VPNs, no unlicensed servers.

          There can be a free internet in Africa but Europe can be locked down more than China if so desired.

          • Nibodhika@lemmy.worldEnglish
            2·
            9 hours ago

            You do know that cryptography predates computers right? Anything that can send text can be used to send encrypted messages, don’t believe me? Here you go:

            -----BEGIN PGP MESSAGE-----
hQGMA8yC6PUxUgJ0AQv/bN6XNyCbXByubaxT9SrBIg+qrvJFT8Qp5c8m4IWtt80s
Ugm3H4cWleXFxhQkq8THI2VnXdyNDGFlhpOB0eTeVpXkKlwlWF/cjPV3pCmKnv86
xOGevoKU4Qb0IPN/MAugHHbGPpnPTjH9Mj6WMMA4UwwmPcGvposvpMDrvkbKE4xf
RYj1o9EwGcqcMW0IEzXoX2g2ViZ2qbJGfkTBqm1+SR7uIKet/00MrG6uSW5jv1Hd
a6lyNqu4kiYSHGtQWlLypJDZLe1lbKVu7FKpiE3ZiA7Lt8b4eb8kqdfFzwCZv1L/
kwQbYB+rc88SdwSsYFATV7+hytyyJuZf2WazKe7NzUf8EVkia+I+/WHuuBFzAt6I
2+rEDVZE9MDnwPJkuFKUAL42M9B5UIyKKDDfgbnxiVX9P5MIZTFNWU4d7r75teQT
sPx9gS8BrDggXuC5QjhuyWMQStdFpvh/qtIQPL+XK57X5bKPmKNHGloSV+VjcMvm
WFnpx3Vj99EwzN7XPYfx0ukBfDJrxZUZEls7y5IdlG6pczxd1yqIgrahKVe8PZrj
chH8oT2rAyxqYh0k3ks2GKuuuGI8ICp50d7CsDhexc3Htao+qszIxLk4Jd7VZkkg
rV9oR34r8Z4WLybhWA10wH4FRXfIIppCwocm03wiKUNRadeLLXsnlPGgdiWMjlN8
1JAoYXTMyCWcjM+NFRf4+nCb3Az/Fn7BbtXJU3UcqdBwoCEZZ2sObY3Jy+rLEBYb
NofoNHS2iLZlihdf4kKp8UfwqzQ2bHdSN4r28SVZv+bTnGilH/FGGoU2fkfPPux6
4q/hwtRRryBTgaGk+LqExDXXXBnM+pwjeVZepzEOcUwbTD3E7sBOD7ETW6GvpRQZ
nrcaVeH5YcbBq5QtMXP6WUcDas5JHld+Us8wFOctz5t7IGUwHKZ8Clsk+dfWuoK5
X9eaFCGdfy/xuL8CZ1X99oVO8BATekRaZcNYmWdopf1P339qw0mDusF7r5q3YynZ
HqylFuIro0GK4xorABpErnSzyP5BQMacE5wI5XDWZbkWpocYpNXetl3ZSN+FhW4m
Xa+LVKKZuGxC7lBYlAbzCFQbSXOrdCD6YTG6D1cD6hd3PjxRVl3wpcCdzo5YFISW
+P/XtQe/SV8ZnkN+z+O9Iuu9ajQ/dNL3HZ+y12KBxQDNErKoApDBfEqBgOqj7t8r
RS9CmP2p0UVZThh440FPkJOVN4lml2AxWuMCXJqacu83y0px0lr9Y+0gn3I3Odej
rg==
=kS8o
-----END PGP MESSAGE-----

            There’s no way you will be able to read the message above unless I give you the key for it. How would they stop me from sending that?

            Also, are they going to firewall my VPS? What about my personal server? What if we use text files on my personal server, using ssh keys to connect to it? There’s no way to block all cryptographed communication without blocking all communication.

            • plyth@feddit.orgEnglish
              1·
              8 hours ago

              If you can only send facebook messages, facebook can block anything with more than 5 random characters.

              VPS - virtual private server? The server is behind a router. Of course it can be firewalled. It’s also on a host server so all your files can be read without you noticing.

              There’s no way to block all cryptographed communication without blocking all communication.

              Everything can be blocked by default and only AI monitored channels from official services can be accepted. Short messages can be hidden with crypto tricks but that is a very limited freedom for very few people.

            • plyth@feddit.orgEnglish
              1·
              9 hours ago

              At each router, store the allowed subnets of acceptable servers and dop any other connection. So P2P is blocked by default. But if a connection is needed, the messenger services get an API to unlock routes for channels that they control.

                • plyth@feddit.orgEnglish
                  1·
                  8 hours ago

                  All telecom providers can be required by law to implement it and Cisco and the other router suppliers can add that feature to their operating systems, if they not already have for countries like China.

                  The free internet can become a sandbox in a matter of weeks, maybe even days or hours.

                  The illusion of freedom is too valuable to be destroyed unnecessarily. But if people start to do serious protests I would expect the internet to go down like in Türkiye.

  • jjpamsterdam@feddit.orgEnglish
    102·
    3 days ago

    It’s taken only about 35 years for the “free” countries of Europe to adopt the same mindset that the Eastern Bloc used to have. In large parts of Germany, for example, people can still remember how it was when you could expect your government to listen in on any and every private conversation. It wasn’t good.

    • plyth@feddit.orgEnglish
      1·
      10 hours ago

      It’s for the same reason. China is starting to dominate the global economy and European countries have to protect theirs. It’s unbelievable that they believe that it is a good idea.

      • The Quuuuuill@slrpnk.netEnglish
        331·
        3 days ago

        how many people have you talked to from soviet states? because food insecurity was a serious problem in the highly stratified authoritarian eastern bloc. yes, capitalism kills, but if you understand capitalism to be a system of controlling the workers by having a small cabal owning everything you start to realize the eastern bloc was capitalist as hell

          • Wrufieotnak@feddit.orgEnglish
            10·
            2 days ago

            Yes, the famous communist trams in the villages and smaller cities. Somehow my parents and grandparents never told me about those, but had enough stories about how people waited for cars.

            Now without sarcasm: public transport was something that was heavily invested in in many socialist countries, yes. And that was a good thing. But that doesn’t change that a lot of people still wanted to have a car to get outside the cities or be more independent from PT and it’s time tables in general.

            • comrade_twisty@feddit.orgEnglish
              7·
              2 days ago

              Why would you need to go somewhere outside of the timetables of public transport, all work, government and party events are planned around those. If you leave your home at other times you must have bad intentions!

      • jjpamsterdam@feddit.orgEnglish
        7·
        3 days ago

        The only thing that never ran out was Vodka and Korn. Folks had to wait in line for anything and everything. What a great time it was.

  • Phoenixz@lemmy.caEnglish
    44·
    2 days ago

    We need to do away with the erroneous perception that there is a safe way to break encryption only for the government. That actually IS an erroneous perception

  • Diplomjodler@lemmy.worldEnglish
    59·
    3 days ago

    We must break with the totally erroneous perception that ostensibly democratic governments can be trusted.

  • xxce2AAb@feddit.dkEnglish
    63·
    3 days ago

    “And also at the same time compromise the security of every computing system in the country, lay the foundation for massive abuse of power and murder the concept of privacy. It’s all for their own good.”

  • _haha_oh_wow_@sh.itjust.worksEnglish
    29·
    2 days ago

    Breaking encryption would be an unmitigated disaster, Peter Hummelgaard either doesn’t know what the fuck he’s talking about or is completely insane.

  • sp3ctre@feddit.orgEnglish
    45·
    3 days ago

    What is actually going on with denmark? What is their problem with privacy? Have they always been like that?

    • SorteKanin@feddit.dkEnglish
      4·
      2 days ago

      It’s the current government which is comprised of old parties (well one new party but founded by a well-known politician) full of people who are basically politicians as a career. They care about power and control. Most everything else comes second.

      Luckily we have elections soon-ish, but unfortunately people will probably keep voting for these parties, as they’ve done in the past. It is what it is.

    • Kornblumenratte@feddit.orgEnglish
      17·
      3 days ago

      I don’t know about Denmark, but e.g. in Sweden tax declarations are considered public information. In many areas in the Netherlands, you are able to view the complete ground floor of houses from the street. The idea of privacy differs between cultures.

      Nonetheless, I’m convinced every minister of justice would state the same, even in the most privacy fokussed countries.

      • Ooops@feddit.orgEnglish
        16·
        3 days ago

        Nonetheless, I’m convinced every minister of justice would state the same

        You are right. But that only shows how hard they are trying to destroy democracy now as the EU and many countries’ constitutions consider privacy and the ability to confidentally communicate privately a basic human right.

        References:

        EU convention on Human Rights: “The European Convention on Human Rights protects the right to respect for private life, the home and correspondence. This includes protecting the privacy of messages, phone calls, and emails. Governments can only interfere with these rights when it is specifically allowed by law, and done for a good reason – like national security or public safety.”

        Danish constitution: “§ 72 The dwelling shall be inviolable. House search, seizure, and examination of letters and other papers, or any breach of the secrecy that shall be observed in postal, telegraph, and telephone matters, shall not take place except under a judicial order, unless particular exception is warranted by statute.”

        All those morons could at least openly talk about the fact that they want to change basic constitutional rights. But they don’t as people could realize what they are doing then. So it’s always the same bullshit of bending and bending laws until they break (or courts object), then pretend to be totally surprised, turn around and try the exact same shit again.

      • mumblerfish@lemmy.worldEnglish
        5·
        2 days ago

        Not only tax declarations, but a lot of public info on car ownerships, court cases, personal address, and so on. “Doxxing” is not really a thing, in the same sense, here. But there used to be somethings that were completely off limits, like contents of postal mail. That used to be considered very much a private thing. Until recently.

    • CosmoNova@lemmy.worldEnglish
      1·
      2 days ago

      From the snippets that I read here and there it looks like Denmark has been like this for a long time and it keeps getting worse. They have a very high density of surveillance cameras, loose privacy laws and recently closed their postal services for delivering letters. It only makes sense then to end encryption so you can make no communication whatsoever without the government knowing about every detail.

    • General_Effort@lemmy.worldEnglish
      21·
      2 days ago

      It’s happening all over Europe and the US, but especially Europe. Police were used to being able to eavesdrop on any sort of communication. This becomes ever less possible, while at the same time, you have more and more crimes that are committed solely by communicating and can’t be prosecuted or even detected without massive internet surveillance. I think the US commitment to “free speech”, freedom of information, has a somewhat protective effect.

      Of course, these online-only crimes are 99%+ copyright, but even copyright has gained in favor among netizens. Then you have “deep fakes”. Bunch of other stuff like holocaust denial. Going after such stuff is quite popular among lemmings, too. And how else are you going to enforce all that?

  • acargitz@lemmy.caEnglish
    30·
    3 days ago

    Danes, if you re-elect this man, you are condoning this outrageous position.

    • polakkenak@feddit.dkEnglish
      29·
      3 days ago

      We do and it’s part of our constitution (same situation as Germany about not being updated). Not that any of the recent governments have cared about this minor detail.

      We only recently got rid of another law, which required logging of calls and texts by telecommunications.

      This only ended because the EU courts ruled it was against the right to privacy, and it still took them 8 years to drag their feet following the ruling to abolish the law.

      Various government from both sides of the political spectrum have slowly introduced, or paved the way for, more mass surveillance, but the current government has been extremely vocal about surveillance.

      Edit: penal code says “sealed” messages are off limits. Not that they care 🙄

    • einkorn@feddit.orgEnglish
      131·
      3 days ago

      We (Germany) do, but it has never been updated to include electronic communication.

      • CyberEgg@discuss.tchncs.deEnglish
        17·
        3 days ago

        That’s actually wrong. Art. 10 (1) GG protects the secret of the letter, secret of postal service and the secret of telecommunication (Brief-, Post- und Fernmeldegeheimnis).

    • SmoothOperator@lemmy.worldEnglish
      5·
      3 days ago

      Our constitutional rights ensure that the police must have a good reason to investigate our correspondence. I suppose the issue with well-encrypted messaging for the state is that even with a good reason, the police can’t read the correspondence.

      Not that I support this nonsense, just saying.

    • Ooops@feddit.orgEnglish
      6·
      3 days ago

      would lobby against postal privacy

      No, they wouldn’t because then the stupid masses might wake up and realize how their rights are stripped away. Instead they always pretend that existing constitutional and other laws would not actually protect communication.