United Kingdom
General community for news/discussion in the UK.
Less serious posts should go in !casualuk@feddit.uk or !andfinally@feddit.uk
More serious politics should go in !uk_politics@feddit.uk.
Try not to spam the same link to multiple feddit.uk communities.
Pick the most appropriate, and put it there.
Posts should be related to UK-centric news, and should be either a link to a reputable source, or a text post on this community.
Opinion pieces are also allowed, provided they are not misleading/misrepresented/drivel, and have proper sources.
If you think "reputable news source" needs some definition, by all means start a meta thread.
Posts should be manually submitted, not by bot. Link titles should not be editorialised.
Disappointing comments will generally be left to fester in ratio, outright horrible comments will be removed.
Message the mods if you feel something really should be removed, or if a user seems to have a pattern of awful comments.
view the rest of the comments
My understanding is they've done bugger all. MP's behind the bill have merely said they won't use the provision, primarily because there is no sufficient technical means to do so, but the wording of the bill hasn't changed.
If the bill goes through as is then businesses may be compelled to create the means to do so, regardless of it breaking encryption - maybe they won't do it right away, but they'll have the perogative under law. It wouldn't be too much more effort to throw in a gag order and prevent public disclosure. I'm sure Signal and a few others would kick up a stink and leave if they were targeted, but I could see Facebook and Google signing up, for a price. Hell I'd be more surprised if WhatsApp didn't already have backdoors.
What will happen here will be exactly like what happened with the net neutrality laws in the US. Even if we beat it once they'll just keep trying until the media gets fatigued and they can pass it without a large amount of uproar. There's no legal way for us to stop them.
Not there is a feasible way to remove e2e from the internet. tons of banks would just stop working in the UK. the bill wouldn't last a week.
I see this argument every time this comes up but it's not true. The end to end encryption they are talking about is between users so the service provider doesn't have access to the data.
You sent a WhatsApp message and it's encrypted right through to the recipient's phone.
Your banking doesn't do that, it's encrypted between you and the bank.
Don't get me wrong, I agree with you there's no feasible way to stop it and hasn't been for 30 years since the release of PGP, but it's not about encryption in general, it's specifically encrypted communication between individuals and bringing other stuff into it just weakens the argument against it.
They might be referring only to instant messaging, but in a technical sense your communications with your bank are encrypted e2e, where one end is the bank and the other one is you. there is no intermediary. The important part in what you said is the recipient, there user recipient in my communications with the bank is the bank itself.
Anyway, if this bill is only about instant messaging, disregard my message, but I hope messaging apps just stop working.
Yeah totally agree in the technical sense but if they want to spy on your banking they can go to your bank. If they want to spy on your instant messaging they can't.
The bill doesn't mention encryption at all, it only creates the ability to compel service providers to grant them access on request. Breaking the encryption is the only way they could do that. The law isn't telling them not encrypt traffic directly.
Up until the last decade, law enforcement could access pretty much any communications with that appropriate warrants. They could intercept mail, tap phones, get access to emails. E2E being so widespread is fairly new and I vaguely remember messaging platforms implementing it to avoid all the potential legal problems with law enforcement around the world and and international user base. I have no source for that though.
I can imagine it's a potential minefield that they don't want deal with so removing their own access solved that problem.
Don't get me wrong, I believe people should have access to private communications and I think all the rhetoric about protecting children is BS. It's just an easy way to quiet the dissenters then they expand those powers later on.
Tbh you can just do it client side once it's decrypted. It may not be that hard to circumvent but the vast majority wouldn't bother.
I'm hoping this just doesn't get passed in its current form. But not sure the house of lords will have much understanding of this stuff.
They want to do client side scanning which technically keeps E2E encryption but basically destroys the principle behind it. Today it's CSAM, tomorrow its terrorism related phrases, next year its "anti-government sentiment"
Which won't affect the majority of people at all. Which is how they get away with it.
The people who do care will just move to safer alternatives.
Literally. I believe most criminals aren't using WhatsApp. Moreso some weird thing called "EncroChat"
Exactly.
But you do hear a lot about Facebook groups for it and shit. I'm guessing many of them are just stupid as fuck.
Which I guess is the target of this.
If they're that stupid can't they just have people infiltrate the group like they do with encrochat