*
www.ft.dk

cross-posted from: https://programming.dev/post/37443248

Fight Chat Control.

Comments
Answer

Question no. 1425 (General part) from the Danish Parliament’s Legal Affairs Committee:

“Will the minister elaborate on the minister’s statement to TV2 on the 21st?”

August 2024, where the minister says: "We have to break with the totally mistaken notion that it is every man’s freedom to communicate on encrypted messaging services

(…)”?”

Answer:

We know that social media and encrypted services are unfortunately largely is used to facilitate many forms of crime. There are examples on how criminal gangs recruit completely through encrypted platforms young people to commit, among other things, serious crimes against persons. It is an expression of a cynicism that is almost completely incomprehensible.

We therefore need to look at how we can overcome this problem. Both in terms of what the services themselves do, but also what we from the authorities can do. It must not be the case that the criminals can hide behind encrypted services that authorities cannot access access to.

Therefore, we, as a government, will also strengthen the police’s capabilities in the area of ​​decryption, of course under appropriate legal guarantees, as is also the case today. In addition, the Ministry of Justice has The Criminal Justice Committee has just started working on a terms of reference that will look at the challenges that technological developments present to the police investigation, including the use of encrypted messaging services.

I also note that steps have been taken within the EU towards a strengthened regulation of, among other things, digital information services and social media platforms.

For example, the European Commission has proposed a new Regulation on rules for preventing and combating sexual abuse of children. The proposed regulation contains rules on obligations for certain online services to minimize the risk of their services being misused for online child sexual abuse, and the services can, if necessary, be required to track down, report, remove and block access to material showing sexual abuse of children.

  • Nibodhika@lemmy.worldEnglish
    2·
    1 day ago

    You do know that cryptography predates computers right? Anything that can send text can be used to send encrypted messages, don’t believe me? Here you go:

    -----BEGIN PGP MESSAGE-----
hQGMA8yC6PUxUgJ0AQv/bN6XNyCbXByubaxT9SrBIg+qrvJFT8Qp5c8m4IWtt80s
Ugm3H4cWleXFxhQkq8THI2VnXdyNDGFlhpOB0eTeVpXkKlwlWF/cjPV3pCmKnv86
xOGevoKU4Qb0IPN/MAugHHbGPpnPTjH9Mj6WMMA4UwwmPcGvposvpMDrvkbKE4xf
RYj1o9EwGcqcMW0IEzXoX2g2ViZ2qbJGfkTBqm1+SR7uIKet/00MrG6uSW5jv1Hd
a6lyNqu4kiYSHGtQWlLypJDZLe1lbKVu7FKpiE3ZiA7Lt8b4eb8kqdfFzwCZv1L/
kwQbYB+rc88SdwSsYFATV7+hytyyJuZf2WazKe7NzUf8EVkia+I+/WHuuBFzAt6I
2+rEDVZE9MDnwPJkuFKUAL42M9B5UIyKKDDfgbnxiVX9P5MIZTFNWU4d7r75teQT
sPx9gS8BrDggXuC5QjhuyWMQStdFpvh/qtIQPL+XK57X5bKPmKNHGloSV+VjcMvm
WFnpx3Vj99EwzN7XPYfx0ukBfDJrxZUZEls7y5IdlG6pczxd1yqIgrahKVe8PZrj
chH8oT2rAyxqYh0k3ks2GKuuuGI8ICp50d7CsDhexc3Htao+qszIxLk4Jd7VZkkg
rV9oR34r8Z4WLybhWA10wH4FRXfIIppCwocm03wiKUNRadeLLXsnlPGgdiWMjlN8
1JAoYXTMyCWcjM+NFRf4+nCb3Az/Fn7BbtXJU3UcqdBwoCEZZ2sObY3Jy+rLEBYb
NofoNHS2iLZlihdf4kKp8UfwqzQ2bHdSN4r28SVZv+bTnGilH/FGGoU2fkfPPux6
4q/hwtRRryBTgaGk+LqExDXXXBnM+pwjeVZepzEOcUwbTD3E7sBOD7ETW6GvpRQZ
nrcaVeH5YcbBq5QtMXP6WUcDas5JHld+Us8wFOctz5t7IGUwHKZ8Clsk+dfWuoK5
X9eaFCGdfy/xuL8CZ1X99oVO8BATekRaZcNYmWdopf1P339qw0mDusF7r5q3YynZ
HqylFuIro0GK4xorABpErnSzyP5BQMacE5wI5XDWZbkWpocYpNXetl3ZSN+FhW4m
Xa+LVKKZuGxC7lBYlAbzCFQbSXOrdCD6YTG6D1cD6hd3PjxRVl3wpcCdzo5YFISW
+P/XtQe/SV8ZnkN+z+O9Iuu9ajQ/dNL3HZ+y12KBxQDNErKoApDBfEqBgOqj7t8r
RS9CmP2p0UVZThh440FPkJOVN4lml2AxWuMCXJqacu83y0px0lr9Y+0gn3I3Odej
rg==
=kS8o
-----END PGP MESSAGE-----

    There’s no way you will be able to read the message above unless I give you the key for it. How would they stop me from sending that?

    Also, are they going to firewall my VPS? What about my personal server? What if we use text files on my personal server, using ssh keys to connect to it? There’s no way to block all cryptographed communication without blocking all communication.

    • plyth@feddit.orgEnglish
      1·
      1 day ago

      If you can only send facebook messages, facebook can block anything with more than 5 random characters.

      VPS - virtual private server? The server is behind a router. Of course it can be firewalled. It’s also on a host server so all your files can be read without you noticing.

      There’s no way to block all cryptographed communication without blocking all communication.

      Everything can be blocked by default and only AI monitored channels from official services can be accepted. Short messages can be hidden with crypto tricks but that is a very limited freedom for very few people.

      • Nibodhika@lemmy.worldEnglish
        1·
        18 hours ago

        If you can only send facebook messages, facebook can block anything with more than 5 random characters.

        Congrats, you now blocked people from sharing urls, setting their delivery address on areas where code has numbers, or prevented people from communicating in a different languages or using slangs since it’s impossible to keep track of all of that. Also are you blocking images too? Otherwise you can put text in the image in several different ways.

        VPS - virtual private server? The server is behind a router. Of course it can be firewalled. It’s also on a host server so all your files can be read without you noticing.

        I also mentioned my home server, but in case you didn’t knew you can encrypt files on a VPS, sure there are attacks to access the contents when they’re being decrypted by the VPS, but there are lots of ways to have the server send the content encrypted and only decrypt it locally.

        Everything can be blocked by default and only AI monitored channels from official services can be accepted. Short messages can be hidden with crypto tricks but that is a very limited freedom for very few people.

        How would AI know the difference between “hey check this video <link to video>” and “hey check this video <link to video whose url has an encoded message>”? Or even “see you at the party tomorrow” and “see you at the party tomorrow” (i.e. the secret meeting will be tomorrow). Cryptography is so much more than just making your messages look like random characters, hell, using AI it’s very possible to have it write a text that uses all of the random letters on a gpg encrypted message in a specific way that others can decrypt, but since hose are still random characters it’s impossible to know there’s a message there.

        • plyth@feddit.orgEnglish
          1·
          6 hours ago

          blocked people from sharing urls

          They can check the url.

          server send the content encrypted and only decrypt it locally.

          From where does the server get the content if every port is blocked but from licensed servers? You could contact them directly.

          How would AI know the difference

          It doesn’t have to. People can still meet offline and share secrets. It’s enough to limit the amount of secret communication. It’s enough if people cannot share books and videos in secret.

          • Nibodhika@lemmy.worldEnglish
            1·
            2 hours ago

            They can check the url.

            And do what? The URL might be invalid because it was temporary, or it could be a valid url that has a message in it, it’s impossible to know if the random characters in a girl are random or have a meaning behind.

            From where does the server get the content if every port is blocked but from licensed servers? You could contact them directly.

            How do you think that would work? My server has an IP, I control the ports on that machine. Sure, my ISP could try to block me by putting me inside a LAN or something so I don’t have access to the internet IP, but packages have to make it from and to my computer, so a path must be established, and where there’s a path you can do all sort of fun stuff with it, such as reverse shells or proxies. At the end of the day you can’t block stuff unless you block everything.

            It doesn’t have to. People can still meet offline and share secrets. It’s enough to limit the amount of secret communication. It’s enough if people cannot share books and videos in secret.

            You haven’t proposed any solution to the sharing of videos of books, hell, you can share pirated movies on Facebook if you want to without them knowing by taking a page from usenet and encoding the video in text and publishing it on several different pages and sharing an external file linking all of them together. Add an extra layer that uses AI to convert each post into something that sounds reasonable and no post in particular would raise any alarm, and even looking at all of them together nothing makes sense, unless you know the order and the key to decrypt it.