Who's who?
> "We know that bad guys can walk through the same doors that are supposedly built for the good guys,"
Although which are the good / bad guys is increasingly difficult to determine
In the wake of the Salt Typhoon attacks, which lawmakers and privacy advocates alike have called the worst telecoms security breach in America's history, US government agencies have reversed course on encryption. After decades of advocating against using this type of secure messaging, "encryption is your friend," Jeff Greene, …
The Patrician to Captain Vimes, in Guards! Guards!: "I believe you find life such a problem because you think there are the good people and the bad people," said the man. "You're wrong, of course. There are, always and only, the bad people, but some of them are on opposite sides."
In the UK, the general population are considered to be unwashed serfs by the establishment. .... VoiceofTruth
An arrogant consideration which leads surely enough to one’s own rapidly escalating downfall and ignominious demise, VoiceofTruth. Some would advise let it be, don’t rock the boat, continue to seed and feed them their historical and nonsensical hysterical needs.
An arrogant consideration which leads surely enough to one’s own rapidly escalating downfall and ignominious demise, VoiceofTruth. ..... VoiceofTruth
Sincerest apologies to Voiceoftruth should anyone have disliked and mistaken that arrogant consideration cited above to be VoiceofTruth’s rather than realising it referenced a very useful catastrophic exploitable and exportable vulnerability endemic in the establishment and similarly opinionated operations and wannabe false fake it to you make it Parliamentary democracy type charades ....... which always results in Unusual Unofficial Undergrounds that are simply able to stealthily enable relatively anonymous and practically autonomous AIDevelopment and Remote Spooky Distant Assistants for the protection and servering of Overwhelming Resource Traffic for Super Creative Official Opposition Resistance.
Accept and be grateful such is intelligently designed benign whenever realised and engaged as a life long friend for if ever treated as an enemy and battled against as a fiendishly fielded foe is both the fate and destiny of such humanity dire and existentially threatened in extremis.
I am unsure whether the downvotes are because some have taken an objection to you and will downvote anything you post, or whether it is simply that your posts are difficult to understand ;) .... nobody who matters
A downvote without explanatory feedback, nobody who matters, is akin to vapourware which hosts the shattered dreams of lost opportunities, which is a crying shame whenever evidently abundant.
I cannot disagree though that complex matters are rarely simple to understand, especially whenever one may know only far too little about a lot of what is difficult to understand and accept be more likely honestly true than not.
Fortunately ... nowadays ... only a few need to know and understand what is really happening in order for difficult and different things to be made to happen.
The posts are only lightly encrypted, and decoding just takes a bit of patience.I tend to like the occasional puzzle :). ... Anonymous Coward
Well spotted and understood, AC, .... ancient trusty secrets and methods of encryption for the wretched curse of dark and dirty deeds done dirt cheap are broken and outed, trumped and proven dangerously unreliable and susceptible to catastrophic failures employing and exploiting both current and future opportunities presented by SCADA vulnerabilities and 0days delivering the targeting and exercise and enjoyment of the otherworldly surreal benefits and almighty overwhelming rewards available in the vast virgin rich fields of novel and noble pornographic steganography and quantum communication for command and control leverage in places with spaces where a this can be a that and something else quite different and together something else quite separate and totally different again ...... ad infinitum ...... as the future progresses and produces quite extraordinary but simply super natural universal evolutionary change/Quantum IntelAIgent Leaps/Big Bangs/the Madness and Mayhem in CHAOS [Clouds Hosting Advanced Operating Systems] ‽ .
And your post, AC, is worthy of an upvote .... for being informative and helpful. Bravo.
The last I heard, British Conservatives were still all over the idea that 'only people with something to hide should want encryption'.
Of course, as with the Sir Pterry quote above, whilst this is actually true it is built around the easy to sell misconception that the only people with anything to hide are *bad* people.
My observation, after so many years of empiric data collection, is that many times, those who go into lawyering do so, because their head is a little too soft for mathematics and science, but they still want to be able to piss on the plebes from an ivory tower someplace. And bless them, but they do. Copiously.
"Just this week, CISA published formal guidance [PDF] on how to keep Chinese government spies off mobile devices".
Yeah. Try passing that on to Angela Merkel.
"threat actors"
Where does the USA get the front to say this? The gall of the biggest snooper and interceptor on the planet.
My heart bleeds for those poor innocent American politicians who now know what it feels like to be snooped upon.
The groups that pushed for backdoor encryption- who allowed foreign actors to break in despite warning that they would- should be considered treasonous. It was deliberately harming the citizens, businesses, and government of their own countries.
All brought in with fear mongering, claiming every email and website held paedophiles who'd harm our kids.
These people should be made to take responsibility.
Tis always this way, politicians are happy to impose stupid things against others as a means to be seen to be doing something against the outrage du jour, but get very upset when it comes back to bite them.
Just like the experts told them. But they don't listen to experts any more...
So: the experts have been proven right -- what a surprise. But I doubt that the politicians will learn and start listening to experts in other fields. One set of experts that I would like them to listen to are the climate scientists, some do, most pretend to.
The USA is about to get a dictator who will shut own and ignore all experts that say inconvenient things.
One good thing about Trump in this parcular case is he's a bombastic sort of personality. And doesn't like China getting one over on the US.
The Experts he's allowed to listen to will tell him encryption=ImmigrantPedoTerrorists. We want him to ignore those experts.
It should be pretty easy to convince him to find those responsible for opening up America's communications to the CCP and give them the strongest punishment possible.
So Trump may end up being the best chance we have to get this banned and to enshrine E2EE as a right in law.
Made to take responsibility? Absolutely. Considered treasonous? Not at all. Treason is a very specific charge:
"Article III, Section 3, Clause 1: Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort."
So, implementing backdoored encryption so that law enforcement can tap anybody isn't treason, though it is a really, terribly horribly bad idea, even if the keys weren't provided to (or discoverable by) foreign countries. Providing the keys to foreign countries that are legally considered enemies of the US would be treason. (Weirdly, giving full access to an ally or neutral country wouldn't.)
Except that's actually not true. Here, read it for yourself: Mobile Communications Best Practice Guidance [cisa.gov]
In Europe intelligence agencies have always targeted their own population, not foreigners.
People who want change or criticize the government or leaders are being branded troublemakers, undesirables and traitors and slammed into jail or worse. The best thing to do would be to forbid intelligence agencies to spy on the domestic population, just like in America.
This post has been deleted by its author
As I said many times before, the TTL of sanity amongst these people is approx seven years, which means aggressive calls for backdoors (accompanied by the usual 'terrorists/think of the children' arguments) will surface again around 2032. After them smacking these idiots with a large fish (sorry, slipped into Monty Python mode there) and/or making them look as ridiculous as the previous morons, the time will reset - for another seven years.
Enjoy the time in between.
(and no, I don't have any idea why the cycle time for this lunacy is approx seven years - suggestions welcome).
"As I said many times before, the TTL of sanity amongst these people is approx seven years, which means aggressive calls for backdoors (accompanied by the usual 'terrorists/think of the children' arguments) will surface again around 2032."
I was about to say exactly the same.
The sentence "Encryption backdoor debate 'done and dusted,'' from the White House dude shows a complete lack of memory ! We had the Clipper debate end of the 90s to start with, after the PGP dude faced prison, we probably had many other instances after that got lost for no good reason.
But one thing is sure: we'll have this debate again within the next decade when a new generation of politician will have again the "brilliant" idea of backdoors.
Anyway, thank you, chinese hackers for your support in closing this debate for some years already !
We simply don't believe anything that comes from places like "government", or like NIST.......
Instead we implement our own encryption. So when we communicate over Signal, our messaging is already encrypted before it enters the Signal channel.
The snoops are welcome to break SIgnal (they may already have done so!)....but all they will find is MORE ENCRYPTION!
Have a nice day!
Misdirection....another example:
Quote: "We do this on the basis of GCHQ’s cyber security expertise within the NCSC and also our unique intelligence-based insights, which help to contextualise the threat so that you – every citizen, every business – can take action to protect your sensitive data, your systems, and your IP. " Anne Keast-Butler Director GCHQ speaking at CYBERUK 2024.
But are you actually allowed to "protect your sensitive data" from the NSA or GCHQ? Misdirection and hypocrisy.....big time....all the time!!
But are you actually allowed to "protect your sensitive data" from the NSA or GCHQ? Misdirection and hypocrisy.....big time....all the time!! .... Anonymous Coward
In truth, and in both fields of physicalised and virtual reality, it is only you yourself not allowing and preventing yourself from protecting your sensitive data. One doesn’t have to follow instructions one has listened to or been advised by third parties to submit to.
Are you a man or a mouse? Squeak up if the latter.
Ah....They have never heard of "surveillance capitalism" on Mars.....they need to get educated..... ..... Anonymous Coward
The point being made in the post which resulted in your reply, AC, is that foreign third party permission to protect one’s own sensitive data is an alien requirement which can all too easily be exploited to reveal that which is best protected to remain totally unknown to foreign third parties ..... and one does not have to seek it. It is something you yourself freely deny or grant.
However, the fact that Earthly capitalism might have to rely on the holding and hiding of secrets and sensitive data in order to deliver functionality and prosperity is a colossal vulnerability with a massive arsenal of third party exploits and 0days and alien developments to guard against and try to prevent ever being able/enabled to happen.
Although if that is not true, then is capitalism safe and secure from attacks utilising such a vector ....and it can be explored and shared by means and memes based in the realms of fiction to generate capital and prosperity via the usual media channels that generate capital and prosperity from/for creative fiction.
Finally LE agencies seem to have come around, and perhaps the politicians. NSA and such figured this out almost a decade ago, but LE was resistant, since foreign matters are not their remit (FBI counterintelligence notwithstanding). They'd much rather the Chinese not be able to read it than they be able to. The time where solutions that would allow NSA to read but nobody else were available has passed.
As such data exfiltration didn't appear to require any sort of playful cleverness to achieve - it appears that the Chinese attackers found a dead-boring way to access the pre-implemented backdoors (rather than having to hack a chair out of wood, they just sat on an existing chair).
If encryption is going to work, it needs to be implemented on the devices that make the phone calls and/or send the SMS messages - too bad that would have no legacy support and if you are going to break compatibility, you may as well do the communication directly over the internet, rather than the internet plus a per call minute or per SMS cost.
That still won't do anything against metadata, as it's not like the telephone and SMS networks were designed for privacy - you're forced to select one number and use it forever (lest be faced with the issue of changing numbers) and every call and SMS is tagged with that number.
@GNU_Enjoyer
Quote: "That still won't do anything against metadata"
True....but only up to a point. Buy a SIM for cash. Buy some mobile minutes for cash.
Then the metadata does not point to any person!! (See the definition for "burner".)
Similarly, careful use of a laptop in an internet cafe might not point to any specific person.
Then there's the possibility of hacking someone else's WiFi.....so the metadata points to someone else....
Of course, only really bad people would go to the trouble of disguising metadata! Not!!
>Buy a SIM for cash. Buy some mobile minutes for cash.
That would be completely pointless unless you also buy a new mobile each time for cash, as each mobile chipset contains a uniquely identifiable IMEI.
For a very limited amount of mobile chipsets, a way to change the IMEI has been found, but that is not easy (plus a IMEI not in the database would likely be tagged).
>Then the metadata does not point to any person!!
I reckon a modern tracking device could quickly determine who's carrying it via the camera, accelerometers and/or gyroscope (gait analysis).
>Then there's the possibility of hacking someone else's WiFi.....so the metadata points to someone else....
Connecting to a "open" Wi-Fi network is not playful cleverness, nor a crack.
Attacks against WPA2 to guess the password consists of running pretty boring handshake capturing and then hash cracking software.
Quote: "...each mobile chipset contains a uniquely identifiable IMEI..."
Are you paying attention? The IMEI points to a DEVICE.........not to a person!
Maybe I really don't understand.......but the point of "burners" is that there's no account, no identifiable person on the phone.
If I've misunderstood then someone can elucidate!
The IMEI points to a device, but as soon as that is cross referenced to you (via location, SIM card account, gait analysis, audio analysis, SMS text analysis etc), that IMEI is from then on associated to you and every past and future activity.
Maybe if you are extremely careful (making the device totally worthless as a mobile), you'll be able to avoid associating such device with yourself, but the slightest mistake would lead to a possible association.
If you want reasonably anonymous mobile or phone numbers for SMS only, you'd be better off finding a SIP trunking provider that permits connecting via tor and paying anonymously (good luck with that) and you'll be able to receive and send SMS's (phones calls are technically possible if you find a way to get the trunk to use a TCP media protocol, but the extreme latency will not be a pleasant call experience) - but it'll be far easier to convince those who want to contact you to install GNU jami https://jami.net/ or Mumble https://www.mumble.info/ or Galène https://galene.org/ which happen to actually have real security.
People divide into the 'self-directed' (a tiny minority), 'those seeking to direct others' (e.g. politicians, clerics, ensconced officialdom, dog wardens, and their like), and the 'compliant' (people unwilling to pick a fight).
With regard to privacy, encryption, etc., the self-directed scoff at foolish machinations by legislators (and those 'owning' said persons) whilst arranging workarounds to suit themselves and/or businesses they run. No matter what the self-styled powerful demand, it is nigh on impossible to prevent highly encrypted communication, that is unless digital devices and the Internet are deliberately crippled in a very severe manner.
Members of the 'compliant' are catching on. Hence, the popularity of secured messaging, VPNs, and other means for obfuscating 'digital' activities. This movement caused consternation among government sponsored surveillance apparatuses. It also is inimical to vested interests dependent upon 'rentier economics' fostered by the notion of 'intellectual property'.
Clearly, 'The Great and the Good' of the USA are facing cognitive dissonance arising from the nowadays clearly established impossibility for confidentiality and secrecy being their sole preserve. What passes for government in the UK will huff and puff, as usual.
Dislike it and downvote it as some may be strangely minded to venture, Long John Silver, but one cannot credibly deny the truths shared in your post ....... which does more than just suggest some are determined to be recognised and accepted as just pawns to be sacrificed at the altar of Masters and Mistresses of Greater Intellectualised Property Games.
Quote: "...clearly established impossibility for confidentiality..."
Really? What's this then.....chopped liver?
If it is not confidential......then you can let us know what the message says!
## Begin ######
mHQre7AbW3Knwdav2Tqf8hy3EnSFONcfapUt8f2r2XMRid0dcZqno9I5EFURARAFuH2VCbaPi3UB
KNuLy5uhkLGLa1IH0D6bCFU1gzYvevoP2lUtOzGZorEFMRin2HCFmxkHy9S94jW5Ar4fcVaTAnAN
QJGBUlOLG5mD8ls943W9WRmXqJALMNCtyrank5CnIfkxgZWp6lsv2lCRwtahQtSjwbyvUviTOjmX
094PmhQxetk7AXCb6NuzglwpwN676nC5IlALuFun6t6XaxGBGnOjYzkB4XcJqxWl6FSHc9Kh0Neh
WT23uvOZOtw5qZMbkdMN0hUf4nYxsRuV4ZqzAl0dmzADCNqZObS7YFazQ1IjkBW1a7cvANwnm3UH
iz4JqhSFW9CXa509KNaPm1a1qTyjy5iVKnc5g1OjYfwtq3yTyVK1uF8VGZCJA76tS7erSLyrm1yd
Mryn6r8BSh0hILajsnOjUTKP8BMNyBMrKtk5wHoB8dUJEHkn2pgl4tuvsT2rSXy5OL6fER4nYFsj
0ZYLm3CTqPozabQxOnWVy1WHs3UJg36BMrwh29SnkH67iTqtkLa96J0N8TYlkbUZe5C1kfcVKp6h
yXKts1O9cDmbkPmRmVGr4DS3yP8vgFszytMN87mXiLKlKDoRGVAnupaZCx2VglOXQT8BOvCZGToJ
q9uhEdCjyHcTOBwZaJm1y1QLcbAvSxMLyfupKr6fwt0horGvgDuFoHeFqPczeBOtS7eR69apafmb
Y1SL29cLqZ8Ra7yR8LMtqrkB0BCx0Jcr2Z6HEHeJuXuVwrKVahQHqjGJAZWb2RCZcZGF23u3wVcp
MPS7ILYvsJ0TYRMlmtmPEzopgxOf8puTeBkpkhyzyTYrqrYfk1CnaZOTi1oZgtkxuzUNSTQ34z65
QlCVuHo10xi7EXSPkVInE5clwTk7KfGN85mdEPk1O94DyfIv812lAbkB6PKLoFg1s7WjknoB896N
6ncR0FY3IXOTm5i1Sb4VYvozGDmfElKhwZS9g5Q7oBShMLItS7M18RcnsraNQBAPmpkXwpwnITGH
Grelq7QDcfgXWbgtAdsBcZAdWzMtmTaTidknWlkdkVahCRYbKp0DkZazo3qn4tgJOHop0TuXAzcr
E7In8XyTCv2paheROP8hKZOBsNAPkzYdKBiBizoZufYHoPytaJyTO9oLG7eZU5E1KRcVWjE3cp2H
elWne7K7WxelGZkXoF6xStoXu7CDcpkZk78j2PmNGJsRunGBqfobabGJEdm1mHkBU9Gf4X4HojUz
KviVU92xIB8l21EVKXiNYrcVGDWn0VMLsVCr8z6fkpC1QXoPoHk7KLgv47UFS3Sh03Qd4BO1cLu7
InidCTqdMpq3SrSBWbk3efkZ8jGvyZYpyDQjejO1gh0DcBoxutMzMlgjgnkH2b83qFKbaLGZGR8j
KHSBAzWj6Z8B2rsJaXetOxqxaTYbsHCXePQhqZWt2joNMRqXydOvOxSzopqXY9kFAdi56X0tWVUP
EXurEvyV6v0ziN8l0BqNSzMv8f0bUHuLQtcTmpAlejylmToJoH0FYf6NyXyN8nM1qvkT6F0BI98l
QLGNYhi9Ib0JgpoR0p0JgpYvSrcBgrYZWR2B814teT89KvUvghih6xSds7wrUXsXWZoPmtEFa923
4vgPynCBQHib2JmPu9mtW1SPqFaxgnAlcx4vORkrgbkTGHsd8tQFIfaP4PmNqXsRsvgv8RM9QVYX
MTWDSVKvMJOXKdC5yR0vS3MrGLE7Sr2DGDe1sdOPQ5ATQDuPsHCfIhWfmhWP2RCZaLGviH4XOZQ7
sTORexevS7mpSvu52dWXQ5kRKTsp4Lcp2H6T87G96nSVKJkrc9c7uBGhGVq5elELStAbmVMzKDQj
UVol0nc1wDgbi5MfEBUzSnAjqHun4TqbSFE1gDM9ELOFOZ2lcJo9KVeL6foz4Z2FIfKtAjqXYlet
4j8HgTAtebQp6fMDmT09kdwDobyBclM7OnUJUj41SnCF6Fqb0hA7g5wh0DaNs705eVIJwHWHw7cr
Wzs3w9Mt0N07KZCBE3ypclk3alibmd0fiPCHYXEr6zYPy9Y1WZkTEzajq9I1c9CVC3GlQzIfAteH
K72DCfUf4Fmxi123anuhyJyN8hM9SbCtsN4vAvezypa7cPoBcDCVUVKt2PG1SbA7WZmDevSTcROT
e3iRG7Av
## The End ######
Of course, when the feds pushed for these backdoors, they were told exactly this would happen; that with a target that juicy, it WILL be cracked into and used by whoever (China, or Russia, or North Korea, or some organized crime, or some disorganized crime... i.e. random hackers...).