Cracking of encrypted messaging service dealt major blow to organised crime (brusselstimes.com)
138 points by melicerte on March 9, 2021 | 147 comments


The belief in encrypted message apps is a gold mine. In Brazil, the former president Lula has been convicted to jail. A hacker broke Telegram and got the messages that demonstrated a conspiracy between the judge and the prosecution: https://www.wired.com/story/brazil-hacker-bolsonaro-car-wash...

The conviction prevented him from running for office (he was the favorite in the polls). Yesterday the ex-president got his political rights back and will probably be a candidate in 2022 to try to defeat Bolsonaro.

Everything due to the hacker (and the journalist Glenn Greenwald of Snowden fame).


>The belief in encrypted message apps is a gold mine.

I think you mean "the belief that non-E2E encrypted messaging apps are actually E2E-encrypted messaging apps" is a goldmine. Ditto TFA.

Real E2E systems aren't invulnerable: there are certainly hacks that target endpoint devices. But it's astonishing to me how many people end up using centralized, non-E2E apps when secure ones are available.


This is fantastic content, but I should caution that in general it is not a good idea to measure international justice using US law as your standard.

The US is just simply centuries ahead of everyone else.

Take for example Ex Parte. The concept of ex-parte does not exist in Brazil, or in the vast majority of the world.

Case in point: Ecuador. Lawyer Donziger took on monster Texaco/Chevron and got a huge 10B judgement against them for environmental destruction. Now he's sitting in a US jail for doing something perfectly legal in the tiny Andean nation.

https://en.wikipedia.org/wiki/Lago_Agrio_oil_field

https://en.wikipedia.org/wiki/Steven_R._Donziger


"A U.S. district court later ruled in support of Chevron's allegations that the report had been ghostwritten by Mr. Donziger and his associates and an environmental consulting firm hired by the plaintiffs in addition to participating in the bribing of the deciding judge."

Donziger looks like a crook according to your provided reference.


Sure he does.

But there are two sides to every coin. Hundreds of people living on less than $1 per day died from painful cancer with no access to treatment - in their mid-20s - because of the oil spilled by the oil firms there.

Donziger wanted to make that right, against overwhelming odds. He represented the impoverished victims. He starts looking somewhat decent under that light, don't you think?

Was there another way? I'm not really sure. So I go back to the facts. The law in that country is clear.

Strictly speaking, that was not illegal. We have a judge, busy, perhaps even incompetent, wanting out from a complex opinion. He took the easy road out. To anyone in the US, this would seem bad. But that sense of justice is skewed to US law, which is unfortunate because US law and procedure is light years ahead of other countries.

What I am saying is that there is room for considerations outside what is appropriate, because other legal systems are not built to defend the powerless, only the powerful.

US law procedure is very good at defending the powerless. That's almost never the case elsewhere.


End-to-end encryption protects against interception. No encryption will help you if your phone is compromised since the data is just sitting there in the clear.

The judge may have been compromised, but there are also cases where Brazilian judges retaliated against WhatsApp when it failed to deliver decrypted messages:

https://theintercept.com/2016/05/02/whatsapp-used-by-100-mil...


OMG I had no idea. Thank you. I am a news junkie. I can't believe I missed all that?!


Anyone wanting to know more about the case can read Glenn Greenwald's just-published article:

https://greenwald.substack.com/p/brazils-high-court-invalida...


>But critics say more than 90% of its customers are criminals.

They're a bit thin on the details of exactly who those critics are, which makes that statement inadmissible other than for us to draw the inference that the critics are law enforcement agencies - or worse still, governments.

Don't get me wrong, I'm not condoning the misuse of encrypted messaging, only pointing out the convenient straw man that's been erected here to manipulate readers' emotions in order to short-circuit their ability to think critically about what's ACTUALLY been done by the authorities.


Subscriptions are €2100 per year. It looks like the features it has over cheaper or free alternatives are disabling camera, GPS, and microphone, deleting messages after 30 seconds, a "panic" password that if entered causes the device to be wiped, and the app is apparently somewhat hidden so it isn't immediately apparent to someone looking at your device that you have it.

I'd not at all be surprised if they had a disproportionately large number of criminals among their users. There are plenty of non-criminal uses for which you need highly secure messaging, but much fewer for which you need 30-second deletion, a panic mode, and to hide the fact that you have a secure messaging app.


Activists in one regime can become criminals in another. Some of those features are useful when crossing international borders, for example.


Regimes that invade your devices may be closer to home than you think. Whilst a manager at AWS I was traveling frequently. Security asked me not to carry work computers or smartphones across US, UK, or PRC borders; the habit stuck.


People engaged in relationship infidelity want those features.


I would expect those features would not be very useful in that situation, due to the differences in the burden of proof and the rules of evidence in a court of law and in the court of a suspicious spouse.

If you emergency wipe your phone when you see the police knocking on your door that is quite unusual, but it just indicates that you have something you do not want the police to see, and that keeping your secret is important enough to go through the hassle of dealing with a wiped phone.

That something might be completely non-criminal but that would be extremely embarrassing or socially or professionally damaging if it got out. Even if it is something criminal, it might not be the particular crime that the police and prosecutor want to charge you with. The prosecutor needs to prove you did that particular crime, not merely that you have secrets (everybody has secrets), and so the fact that you wiped the phone probably isn't even admissible as evidence.

Emergency wipe your phone when it looks like your spouse may get a hold of it? Good luck talking your way out of that.


Of course there are legitimate cases that want to use these features, but I have serious doubts there's enough legitimate market to support such a price.


Wait...are you classifying adultery as "legitimate?"


Unless adultery is illegal in a particular country, yes in this context.


As compared to "illegal", yes, adultery is legitimate.


I can't help but wonder how many criminals you've met. I've "met", well, observed those who robbed stores I used to own on about a monthly basis. One smashed the glass door of a cigarette display with his arm. The loss of blood was so great he had to get his grandma to run him to the local hospital, where the police picked him up. Another threw a brick at the shatter-proof glass door; the rebounding brick knocked him out. A third stole lottery tickets, all numbered, which he redeemed a suburb away, which set off alarms. The police picked him up at the store. Then there are the numerous thefts of CDs, condoms and other small items - in a store with 32 cameras.

These activities are very high risk, very low reward. Almost all repeat offenders are caught. In fact of the hundreds of robbers that passed through our doors, only one wasn't convicted. The penalties when caught are large.

In my experience, planning and doing something that would make life easier this time tomorrow isn't something they do, or they wouldn't be robbing a store today. If they are a kingpin importing drugs the time span might expand to a year or two, but nonetheless the calculation that they will be in jail after that and have lost all their gains plus some hasn't been made, or perhaps just not appreciated.

These people aren't the sort of people who spend €2100 worrying about tomorrow. It's possible the people who do spend that sort of money aren't any nicer, but they are smart enough not to be criminals.


Is it misuse? Being able to say what you want (illegal or not) without the government knowing about it is arguably one of the most advertised features of encrypted messaging.

(I agree with your assessment, of course. Just curious what your personal stance is.)


I take it as axiomatic that if I use a medium to coordinate a murder, it's a misuse of that medium.

OTOH, I do not take it as axiomatic that if I use a medium to coordinate commission of a crime, it's a misuse of that medium. There are plenty of crimes that are not only perfectly fine to commit, it may even be immoral to not commit them.


If people commit murder using tools they have available, once you have enough users, it is inevitable people will use your service or medium to commit murder. It’s true for Facebook, it’s true for taxis, it’s true for screwdrivers, it’s true for hotels, it’s true for pretty much anything.

Unless something has clearly been designed to cause problems this way, it’s just blaming the tool instead of the user.


This.^^

Get a group of 20 random people together and tell me there isn't a dickhead in there somewhere that will intentionally misuse things for whatever perceived advantage they can get.

The problem isn't the tool. It is the humans.


I never once in my comment even implied that the tools should be blamed.


Completely agree on all points - it also kind of buries the lead with regard to the rather cliché false equivalency.

Up there with [cash is used for bad things, so we should ban cash](https://www.businessinsider.com.au/why-cash-should-be-illega...)


It's the typical "think of the children" or "but the terrorists" approach. Everyone is treated like a criminal because some of them could be.

Calling the users "criminals" makes it harder to defend them at first glance because the first reaction is "you're defending criminals". And attaching a number to this, even an impossible to support statistic, is meant to make the statement more believable, everyone likes nice, round numbers.

Of course they hope nobody raises the not so obvious points. Even taking that statement at face value (which you definitely should not) what about the other 10% non-criminals whose privacy was violated without any reasonable cause? Where else are they using the excuse that 90% success rate is acceptable? If 90% is enough to paint everyone with the same brush, when 90% of users are not criminals why aren't the other 10% also treated as innocent too?

In reality just about 100% of "critics" saying this are law enforcement agencies or governments who will violate your rights or break the law in a heartbeat if it means getting their way.



oh wow - thanks!

I'll remember this next time I'm feeling haughty about common malapropisms :-|


Is that quote any more of a short-circuit than using the phrases "law enforcement agencies" or "governments" as a pejorative?

I mean, isn't it fairly legitimate for law enforcement agencies or governments to criticize software which facilitates crime, or stops those agencies from stopping it?

People always reflexively dismiss this argument, but crime is a real issue.


Crime is arbitrarily defined. For example, in the UAE, possessing porn is a crime; would you want to go to jail if the authorities found an explicit picture on your phone?

Also, LEA and govts routinely abuse their powers in the name of fighting "crime" or "terrorism" or whatever is the newest thing they can scare people with. It is only reasonable to assume malintent in their propaganda.


Just because certain behaviors aren't universally criminalized doesn't mean law is arbitrary. If someone shot your family you would no doubt not think laws against homicide are arbitrary.

Moreover, misuse of a thing does not invalidate the proper use of the thing, a principle which also applies to legislation and law enforcement.


You're running into the distinction between natural rights and legal rights. You possess certain rights because you are a human being. One of those is the right to life. You could be in a place with no recognized law, but you can be damn sure that murder would still be punished.


I enjoyed this snark, but I wonder if they're actually legally entitled to it.

> Sky ECC promised a 5 million USD (€4.2 million) prize on its website, which is currently down, to anyone who could crack its encryption.

> It is not yet clear if Belgian authorities plan to claim the reward.


Most of the time it's not actually cracking the encryption that breaks these things.


Their website talks about 521-bit ECDH, but that’s necessarily part of the key agreement protocol.

Confusing the KEX with the encryption itself (“521-ECC encryption”) does not inspire much confidence.
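To make that distinction concrete, here is an added example in Go using only the standard library (it is not Sky ECC's code and nothing about their protocol is known from the page): ECDH on P-521 yields a shared secret and nothing else; a separately chosen symmetric cipher, AES-256-GCM here, is what actually encrypts. The plain-SHA-256 key derivation, the context label, the party names and the sample message are assumptions made for this example; a real protocol would use HKDF or similar.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// deriveKey runs one side of an ECDH key agreement on P-521 ("521-bit ECDH")
// and turns the shared secret into a 256-bit AES key. ECDH itself encrypts
// nothing: its only output is the shared secret. The KDF here is a plain
// SHA-256 over a context label and the secret (an assumption for this
// example; a real protocol would use HKDF or a similar construction).
func deriveKey(priv *ecdh.PrivateKey, peerPub *ecdh.PublicKey) ([]byte, error) {
	shared, err := priv.ECDH(peerPub)
	if err != nil {
		return nil, err
	}
	h := sha256.New()
	h.Write([]byte("example-kdf-v1"))
	h.Write(shared)
	return h.Sum(nil), nil
}

// seal does the actual encryption with AES-256-GCM, a primitive entirely
// separate from the key agreement. Output layout: nonce || ciphertext || tag.
func seal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// open reverses seal; it fails on a wrong key or any modification.
func open(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(msg) < ns {
		return nil, errors.New("message too short")
	}
	return aead.Open(nil, msg[:ns], msg[ns:], nil)
}

// Exchange simulates two parties (Alice, Bob) agreeing on a key and then
// sending one message, plus a third party (Eve) who sees only the public keys
// and the ciphertext. It returns Bob's decrypted text and whether Eve failed.
func Exchange(plaintext string) (string, bool, error) {
	curve := ecdh.P521()
	alice, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return "", false, err
	}
	bob, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return "", false, err
	}
	eve, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return "", false, err
	}
	// Both sides derive the same key without the key ever being transmitted.
	keyA, err := deriveKey(alice, bob.PublicKey())
	if err != nil {
		return "", false, err
	}
	keyB, err := deriveKey(bob, alice.PublicKey())
	if err != nil {
		return "", false, err
	}
	ct, err := seal(keyA, []byte(plaintext))
	if err != nil {
		return "", false, err
	}
	pt, err := open(keyB, ct)
	if err != nil {
		return "", false, err
	}
	// Eve knows both public keys but holds neither private key, so her
	// derived key differs and GCM's authentication tag check rejects the data.
	keyE, err := deriveKey(eve, alice.PublicKey())
	if err != nil {
		return "", false, err
	}
	_, eveErr := open(keyE, ct)
	return string(pt), eveErr != nil, nil
}

func main() {
	out, eveFailed, err := Exchange("status: ok")
	fmt.Println(out, eveFailed, err)
}
```

The point to take from it: swapping the curve for a bigger one changes only deriveKey; the strength of what is "encrypted" still depends on the cipher, nonce handling and key derivation that come after the agreement, which is exactly what a marketing line like "521-ECC encryption" says nothing about.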


Demonstrates what I've heard before as a warning about those cracking bounties. If someone is able to break it, is it more valuable for them to claim the reward or exploit it? Especially when the crack could be sold to or done by government actors.


Those companies never pay out anyway.


Still, it would be a fun lawsuit


>It defended its services, stating they “strongly believe that privacy is a fundamental human right.”

> But critics say more than 90% of its customers are criminals.

How do the critics know? This appears to be an attack on privacy. The implied idea is that personal communication for all should be published at least to law enforcement so law enforcement can do a better job of finding the baddies.


Given that the app has features like "delete messages after 30 seconds" and "enter a panic password to delete all your data", a 90% drug-dealer/political-activist ratio doesn't seem far-fetched to me.

If you build an anti-witch-hunt app, most of your clients will be witches.


How do you know even 1% of their users use that function? If Facebook adds that feature tomorrow do billions suddenly become criminals?

You assume just because the feature exists the clientele are using it.


One is not caused by the other, and reality never ceases to surprise. Though with the monetization model, I will admit, they surgically targeted their demographic.

Besides which, stop marginalizing the 5 civil libertarians you insensitive clod.

(The Aphorism goes: Make a country where witch hunts are illegal, then the population will be 5 civil minded libertarians and a million witches).

Of course nobody wants to discuss that the 5 civil-minded libertarians might have a point, and the unsaid snicker that reverberates in the ensuing silence is that if you make something easier, you select for it, therefore one should not make undesirable things easier. Therefore the implication is left that the one being persuaded is too dim to realize the consequences of their decision.

This goes completely out the window when one takes into account that there may be a legitimate, though unpleasant need to tolerate the existence of something unpleasant due to the greater damage that could result from doing something drastic.

Fun and hilarity only continue to escalate from here. The wise would be well advised to simply move on.


I wasn't saying the app should be illegal, mind you. Just pointing out that, empirically speaking, it's probably used by a lot of criminals.


As a Belgian citizen (but not a criminal, as far as I know) I'm very interested to hear the HN community's take on this. The local press is saying no encryption is safe for the police (anymore) and that it was Belgian law enforcement that was able to crack the encryption of the app the criminals were using.

I wonder if the press knows what it's talking about.


From what I read in the Dutch news, they managed to crack about half the messages so far. That they haven't cracked them all indicates that it is not a vulnerability in the encryption itself. I suspect that the police managed to gain physical access to the servers and went from there. Opsec is really really hard.

Fun, unrelated story: apparently some intelligence operation managed to get their hands on the laptop of a target while it was at some maintenance store to get the screen replaced. They managed to install a physical keylogger inside it with its own radio, but hooked up to the laptop's power supply. This is the kind of shenanigans you have to be aware of and defend against when you run a service like Sky ECC. The slightest slip-up and you are doomed.


It'd be nice to have a police officer talk about this :-)

But is it just me, or do police techniques such as gaining physical access to criminals, flipping them to informers, close surveillance, etc. continue to be very efficient even in the face of quite good technology?


Let's see here:

Not open source: check

Not federated (so they can force you to update the client): check

Integrates with carrier value add: check (SIM crap)

Integrates with OS vendor value add: check

Flashy website with third party requests to google.com: check

Yeah this looks like crap to me.


What is federation in this context?

Does not federated mean not using a jailbroken phone?

Or is it related to how the app is installed?

Or the underlying infrastructure relying on a central server instead of distributed?


Federated means everyone gets to pick which server they use, including one that's specific to just that one user.


To expand in case it isn’t clear... if you have a federated client it has to work to a standard, a backdoor at the client could be added on one app but probably not all the options. If you were trying to hack a system like this and they don’t use a federated client, the only option is the “official app” and authorities could have taken control of that, added a backdoor, and pushed it out as an update.

This could still happen with any one or two or multiple federated apps, but the chances are a lot lower that this would go undetected.... then again... I have less faith in the “many eyes” theory of these things since Heartbleed was an OpenSSL flaw for years and that was open source and no one ever noticed.


Open source is more of a minimum requirement, not an assurance of quality.


Most likely Sky ECC had some kind of weakness or vulnerability that made it vulnerable to attack.

Encryption is really hard, and one mistake can unravel all of your efforts. I doubt that a boutique shop like Sky ECC's owners had the resources to secure it as well as they claimed.


If you go to their store page, you'll see their side of the story. Basically they say that the hacked clients were sideloaded / modified versions. Which, if you think about it, might be the way the police cracked the network.

"Sky ECC platform remains secure and our authorized devices have not been hacked.

There have been recent news articles that claim Sky ECC has been hacked and is involved in criminal activity. This information is not accurate. We have looked into these claims and discovered that a small group of individuals illegally created and distributed an unauthorized version of Sky ECC which they modified and side-loaded onto unsecure devices. Security features that come standard with the Sky ECC phones were eliminated in these bogus devices. ..." [0]

[0] https://store.skyecc.com/


Yeah, but do you actually trust them to be honest?

Pretty much every company responds to this kind of stuff with "nothing to see here, move along"


Do you trust the police to be honest?

Sowing confusion with bold claims of compromise will lead criminals to not believe encrypted platforms are not secure and not use them, instead using easier to intercept methods of communication.


I don't. In fact I don't believe any kind of PR, really, as that whole exercise is more about telling a favorable story than actually informing on anything.

But those bold claims of compromise are backed up by a large, international, and simultaneously-executed roundup of the service's users, who from the likes of it all had Sky ECC in common. Also, the last time this happened was when Encrochat was compromised? That wasn't even all that long ago.


Seems crazy to do things this way. Why not use signal or telegram secure chat, get lost in the crowd


Neither of those options provide revenue.


Because Signal definitely will comply with a judge if given good reasons, like "here is a criminal organization using your app, help us dismantle it", and Telegram is the same as Signal with the exception that it is Russian.

Also encryption is as good as its weakest link, in this case humans. Probably police flipped some criminals to be informers and now it's running a smoke & mirrors campaign in the media in order to push the rest of the criminals into making more mistakes.

As for the ideal way to do organized crime the main ingredient is to own judges + police and you're set for life. From time to time let some minor transport get intercepted by your corrupt policemen, have some small fish get fried by your judge and stir waters for a few days in media in their favor. Maybe this news is exactly that and while the newspapers are reporting few millions captured you haul the rest of billions without a hiccup.


Signal doesn't store the keys on their servers, nor do they know who is talking to whom. You should read up on their protocol.


Love the disclaimer ("but not a criminal, as far as I know").

Have you read those bizarre fake facts like "it is illegal to eat oranges in your bathtub in California"? If you haven't, I am sure you have broken myriad weird laws like that and are, in fact, a criminal! :-)


A great source of these for the US federal jurisdiction is the CrimeADay Twitter account https://twitter.com/crimeaday


It is in their interest to make you believe they can crack anything.

Not sure why they said they cracked this app, because now they lost a source of intelligence.


When your client base is composed of child traffickers, cocaine smugglers and murderers, a company that prides itself on hiding nefarious figures with little to no legitimate clients will surely find itself at the end of an LEO hack.


Maybe I'm overconfident in the security of an up-to-date iOS device with a complex passcode, but I would have just used Signal if I was tasked with running the IT ops of some crime syndicate.

Turn off all cloud functions; hell, maybe use some kind of enterprise MDM to enforce policies on your subordinates.


Signal is bound to a phone number, no? I think I would go with OTR via XMPP, or whatever is a modern protocol. Or maybe Matrix is now a good alternative?

I haven't used OTR in a long time now, so not sure if that’s still a good choice, but it’s quite versatile and easy to set up.

Edit: OTR doesn’t seem to be recommended anymore, OMEMO seems to be the modern alternative https://en.wikipedia.org/wiki/OMEMO


It is, but it's not re-validated once used. You can get a burner phone, sign up, ditch the phone.


There is no such thing as a burner phone in many countries any more. You have to show ID to buy a SIM card, and a copy is made and sent on to the authorities.

Also, Signal revalidates the number when restoring from backup. If you don't have the number any more, you can't revalidate and have to start over with a different number.


I bet you 50 euros that I could pay a random homeless person or drug addict to go buy a basic android phone with SIM card and service at retail. The sort of people who are running drug smuggling and middle/end-retail distribution operations have access to lots of such persons.

'smurfing' methodologies are well known.


They can steal a SIM, or buy one from a country where they are available freely.


Belgium is one of these countries.


I'm not going through the hassle of buying a new phone just to create another centralized chat account. I have email (with GPG if you don't mind that,) a jabber account with OMEMO enabled clients, and SMS. Two people have bothered to ask if I want to use signal and everyone just uses SMS.


Are you a member of an organized crime syndicate?


Oh I totally agree, I think the phone-number requirement is absolutely ridiculous. Just pointing out that it's possible.


Isn’t OTR protocol-independent? I remember using it even through Facebook via Pidgin.

OMEMO seems tied to XMPP.


The OMEMO killer feature is that it can deal with clients that are offline. Unfortunately it needs access to cryptographic state stored on a server to do that. So it can't be used in a generic way like OTR. In the case of OMEMO it uses a generic XMPP persistent data feature to store that state. So OMEMO causes a requirement for a particular feature enabled on the server ... which is slightly tacky in the XMPP world.


For the record this feature is a pretty core part of many things in XMPP, and is enabled on 98% of this sample of 670 servers: https://compliance.conversations.im/test/xep0163/

The ones without it are mostly special cases (e.g. gmail.com is on the list, of course).


Any technical info on how the app was compromised?

If I worked for the government and I wanted to break into an app, I'd simply send a letter to the app store saying "Yeah you have to post this app update that contains code written by government hackers to leak the keys / messages of (investigation targets | everyone). If you don't, your executives / employees will (be sent to jail | be kidnapped by black ops forces, shot, and buried in an unmarked grave). Ditto if you tell anyone about this letter."


> If I worked for the government and I wanted to break into an app, I'd simply send a letter to the app store saying ...

There is no need for the "if" qualifier. How about this:

You pass a law that says the government can compel any software company to assist them in any way they deem fit. For example they might demand Apple assist them by modifying their iPhone keyboard so it sent all the keys tapped together with the app those keys were sent to (e.g., the keystrokes sent to Signal). The law could also demand Apple provide access to any device they target by auto-installing the new keyboard app via auto updates. For good measure, the law could carry an automatic gag order, preventing any disclosure of these requests for Assistance and Access.

The country that actually passed such a law is Australia. It's called the "Assistance and Access Bill 2018". [0]

So there you go, it's already been done. There is no need to speculate about what might happen - it's already happened.

[0] https://www.aph.gov.au/Parliamentary_Business/Bills_Legislat...


Not 100% sure about the iOS side of things (my guess is because App Store apps are signed by Apple and you can get a new dev cert issued to you from Apple, Apple could sign whatever app the 3-letter agency supplied them. But someone would notice that there was a new update and it wouldn’t take long before news of it got back to the devs; the same would also apply to Android). On Android you used to have to sign your apps yourself before uploading them to the Play Store. The store wouldn’t accept an app signed with a different key. Even if you bypassed that (by sideloading the app, for example) the OS would still refuse to update the app.

It was fairly common to see on Android dev forums people posting “I’ve lost my signing key, what do I do?” to be told they had to upload under a different package name and hope their existing users would migrate over to the “new app”.

Now these days Google offers to hold your signing keys for you (because if you lose your keys you lose the ability to update the app), and if you want to use Google's App Bundle feature you have to opt in (because Google repackages your app for different device types automatically), but you are still free to hold the keys yourself and sign your builds without Google taking a peek at them. Opting into App Bundles for an existing app requires you to upload your existing signing key, so Google can sign on your behalf and devices with your existing app will accept the updates Google’s bundle process produces.

Now of course Google could push some updates to Android as a whole and make a back door to bypass app signature checking, but that would be opening holes on a lot of devices, most of which won’t actually be your target. And if we are going to go down the road of backdooring OSes to allow apps from unknown keys, might as well just back door the OS and skip the process of creating a fake update for that one app.

Now if the app is using Google’s App Bundle feature, it would be possible. But if you were creating a “secure messaging app” why would you hand the keys to the kingdom to anyone else? Just write some extra build scripts, compile the different builds yourself and keep those security brownie points.
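The rule the comment above leans on, that a device refuses an update signed with a key other than the one that signed the installed app, is small enough to show in code. The following is an added example in Go, written for this thread; it is not Android's or Google's implementation (APK signing is far more involved) but a toy package format signed with Ed25519 and an installer that pins the first signer's key per package name. The package name, payloads and field layout are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Update is a toy stand-in for a signed app package (not the APK format):
// package name, version code, payload, the signer's public key and an
// Ed25519 signature over the first three fields.
type Update struct {
	Package string
	Version uint32
	Payload []byte
	Signer  ed25519.PublicKey
	Sig     []byte
}

// signedBytes is the byte string the signature covers. Length-prefixing the
// package name keeps "ab"+"c..." and "abc"+"..." from encoding identically.
func signedBytes(u Update) []byte {
	b := binary.BigEndian.AppendUint32(nil, uint32(len(u.Package)))
	b = append(b, u.Package...)
	b = binary.BigEndian.AppendUint32(b, u.Version)
	return append(b, u.Payload...)
}

// MakeUpdate signs an update with the developer's private key.
func MakeUpdate(pkg string, ver uint32, payload []byte, priv ed25519.PrivateKey) Update {
	u := Update{Package: pkg, Version: ver, Payload: payload, Signer: priv.Public().(ed25519.PublicKey)}
	u.Sig = ed25519.Sign(priv, signedBytes(u))
	return u
}

// Installed records what a device knows about a package: the version and,
// crucially, the key that signed it when it was first installed.
type Installed struct {
	Version uint32
	Signer  ed25519.PublicKey
}

// Device maps package names to their installed state.
type Device map[string]Installed

var (
	ErrSignature   = errors.New("signature does not verify")
	ErrKeyMismatch = errors.New("update signed by a key other than the installed app's")
	ErrNotNewer    = errors.New("version is not newer than the installed one")
)

// Install accepts a first install from any valid signer, but an update only
// if it is signed by the same key as the installed version and carries a
// higher version code. A modified copy, or a copy signed by someone who does
// not hold the developer's key, is rejected before anything is written.
func (d Device) Install(u Update) error {
	if len(u.Signer) != ed25519.PublicKeySize || !ed25519.Verify(u.Signer, signedBytes(u), u.Sig) {
		return ErrSignature
	}
	if cur, ok := d[u.Package]; ok {
		if !cur.Signer.Equal(u.Signer) {
			return ErrKeyMismatch
		}
		if u.Version <= cur.Version {
			return ErrNotNewer
		}
	}
	d[u.Package] = Installed{Version: u.Version, Signer: u.Signer}
	return nil
}

func main() {
	_, devKey, _ := ed25519.GenerateKey(rand.Reader)
	_, otherKey, _ := ed25519.GenerateKey(rand.Reader)
	d := Device{}
	fmt.Println(d.Install(MakeUpdate("com.example.messenger", 1, []byte("v1 build"), devKey)))   // <nil>
	fmt.Println(d.Install(MakeUpdate("com.example.messenger", 2, []byte("v2 build"), devKey)))   // <nil>
	fmt.Println(d.Install(MakeUpdate("com.example.messenger", 3, []byte("v3 build"), otherKey))) // key mismatch
}
```

The design point is the trust-on-first-use pin: the device never asks who the developer is, it only insists that whoever signed version 1 also signed every later version. That is why losing the key forces a new package name, and why anyone who can obtain the developer's signing key (including a store that holds it on the developer's behalf) can ship an update every installed device will accept.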



If a government habitually did this, then you can be sure that people working for such a government would be treated the same way. You need to at least have the illusion of fairness. If you don't, then it eventually explodes in your face.


I had just read about Dutch meth. That's one thing I never thought I would hear about, Dutch meth. However, a Breaking Bad European spin off would be interesting.


Undercover [1] is a Dutch series depicting a pretty common scenario. The south of the country supplies a majority of the world in xtc. [2]

[1] https://en.wikipedia.org/wiki/Undercover_(2019_TV_series)

[2] https://i.redd.it/v31h0g7tnhc51.jpg


Not quite Breaking Bad, because it comes at the story from the other direction, but there's a German show on Netflix called How To Sell Drugs Online (Fast), which is pretty entertaining so far.

I expect if the series lasts long enough they'll work the storyline up to manufacture.


If you visit the app's website, you get this big popup.

-------------

Sky ECC platform remains secure and our authorized devices have not been hacked.

There have been recent news articles that claim Sky ECC has been hacked and is involved in criminal activity. This information is not accurate. We have looked into these claims and discovered that a small group of individuals illegally created and distributed an unauthorized version of Sky ECC which they modified and side-loaded onto unsecure devices. Security features that come standard with the Sky ECC phones were eliminated in these bogus devices.

Sky ECC considers these actions as malicious and we are taking legal action against these individuals for defamation and fraud.

We have also blocked these users from our system and enhanced security to prevent reoccurrence of this issue. The implementation of these enhancements temporarily interrupted our Sky ECC service which has now been re-established.

We continue to stand by our position and our product. We strongly support that people have the fundamental right to privacy. With the extensive and broadly documented rise worldwide of corporate espionage, cybercrime and malicious data breaches, systems like SKY ECC are the foundation of the effective functioning for many industries including legal professionals, public health providers and vaccine supply chains, celebrities, manufacturers and many more.

We believe that the individual right to privacy is paramount for those who are acting within the law and we do not condone the use of our product for criminal activity. We also have our Terms of Service that every user must adhere to and, provided that they do, our company will work feverishly to protect their rights with the world's most secure platform.

------------

Thoughts?


"It didn't happen but we're taking steps to make sure it doesn't happen again" doesn't seem like a consistent message.


Sounds like they are attempting to stop the unauthorized/compromised versions from working with legit versions, or some sort of validation routine, such as keys only being provided to the client if it was installed via legit means and passes some sort of local audit (yes, all defeatable, but making the process harder).


Hmm, Sky ECC says they weren't cracked but rather some users were tricked into using a faked version of it: https://finance.yahoo.com/news/sky-ecc-platform-remains-secu...


> Sky ECC promised a 5 million USD (€4.2 million) prize on its website, which is currently down, to anyone who could crack its encryption.

> It is not yet clear if Belgian authorities plan to claim the reward.

For the EncroChat takedown they didn't crack the encryption. They instead flipped an employee who cooperated in the installation of a remote access Trojan on all the phones. Are they actually claiming they did something different here?


Source for the trojan/employee flipping claim?


The Trojan angle is pretty solid because EncroChat was at one point fighting malware on the phone[1]. Not so much for the insider angle so I was probably thinking of another case. Too late to edit unfortunately...

[1] https://en.wikipedia.org/wiki/EncroChat#Infiltration


After Encrochat you'd think they would wise up; this is pretty much a re-run.


Why would anyone use this over something like Signal?


The devices do more than Signal, since they remove GPS and microphones, have a custom OS and provide anonymous burner SIMs on a subscription.

Most of these hacks are the equivalent of hacking Signal and backdooring the software.

This shit is hard, especially when LE is determined, but criminal syndicates aren't dumb and hire a lot of smart people.


> since they remove GPS, microphones, have a custom OS and provide anonymous burner SIMs on a subscription

That is, do a bunch of crap that will immediately make you stand out to any modern (by which I mean, total) surveillance agency. The syndicates' problem isn't stupidity but immodesty – typical of organized crime. They thought they were, not smart, but the smartest, and that made it easy for other criminals to sell them garbage security products.


From a network perspective it's indistinguishable from a 4G hotspot.

The devices are also heavily rotated, and they can also have IMEI numbers updated.

To date, with all of the public breach details, it's always been humint that led to the networks being taken down.


> From a network perspective it’s indistinguishable from a 4G hotspot

Not exactly, because that would depend on how competent the network is. For a "dumb" network, yes, they won't know whether it's a 4G hotspot or not, but it's conceivable that an all-knowing adversary (e.g. NSA) can infer the make/model of the phone based on fingerprinting or even the IMEI.


Except the NSA is not interested particularly in criminals. Their job is national security, not law enforcement.


Kinda true. If they are telling the truth, they said they could see the phones turning on around the harbours of Antwerp and Rotterdam and in Colombia, the 3 key points for probably 50% of Europe's coke. How they can see them being turned on might have something to do with your comment.


So this puts an absolutely huge amount of trust in one place (the Sky ECC company). A single point of failure that can control and have access to everything if it goes rogue. Surely just having some internally maintained ROMs with Signal/Telegram/Riot/OTR and your own process for procuring and cycling burners would be better if you have the money and resources?


Why would you work at a criminal syndicate when you could just work in big tech with these levels of skill? These syndicates would have to pay $1 million/yr minimum to justify the risk.


Depends on the circumstances. For example, if you have a criminal record, some of big tech is quite a bit less interested in talking to you. Criminal syndicates, obviously, don't consider a criminal record a deal-breaker.


Also, you might have family and community ties to some of these people. They might groom you from when you are an early teen.

When I was 13 for sure being the hacker in a crime organization would have sounded somewhat appealing.


Good point.


A requirement to be involved in narcotics distribution is inability to think things through very carefully.


Or a lack of other viable options. I would agree with your comment on the whole though. Typically doesn't end well.


I imagine they have way better office parties.


How do they hire talent? You can make a lot of money legally if you're a smart person in tech, so I guess they have to offer either ridiculously high salaries, or something else?


Convenience. Why bother with stuff like, say, validating your Signal "safety numbers" to ensure that you are actually talking to your contact and not the police? Instead, just farm out all the boring detail to someone else and buy a "secure" phone for $1-$2k. Unfortunately, at that point you are no longer effectively end to end.

There was a case where a company was selling a "PGP phone" where it turned out that, to save having to bother the customer with key generation on the phone, they were doing it on the servers[1]. So the police grabbed the servers with all the private keys and there were a lot of sad customers.

To do end to end encryption in a way that works, there is a minimum level of understanding required. These "secure" phones are really a type of scam that preys on the not sufficiently informed.

[1] https://securityaffairs.co/wordpress/57036/cyber-crime/black...
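As an added illustration of the point above about where keys are generated (this is example code, not from the commenter or from any product named in the thread): two provisioning models for the same store-and-forward service, then a simulated seizure of the server's stored state. The Diffie-Hellman group, user names and message are constructed toy values; the group is far too small to be secure and is only there so the example runs instantly.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group (constructed; NOT a secure parameter set).
# The architectural point below does not depend on the group size.
P = 2**127 - 1
G = 5


def keygen():
    """Return (private, public) for one handset."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def derive_key(priv, peer_pub):
    """Hash the DH shared secret down to a 32-byte symmetric key."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


def xor_stream(key, data):
    """Keystream = HMAC-SHA256(key, block counter); XOR is its own inverse."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(4, "big"), "sha256").digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def run_network(server_generates_keys):
    """Provision two users, relay one message, then seize the server.

    Returns what the seized server state lets an investigator read: the
    plaintext under server-side key generation, None under device-side.
    """
    server = {"pub": {}, "priv": {}, "messages": []}  # operator's stored state
    handsets = {}
    for user in ("alice", "bob"):
        priv, pub = keygen()
        server["pub"][user] = pub          # directory of public keys (both models)
        if server_generates_keys:
            # "PGP phone" model: the server made the key pair and keeps a copy
            # of the private key before pushing it to the handset.
            server["priv"][user] = priv
        handsets[user] = priv               # the handset holds its private key
    # Alice encrypts to Bob using the directory's copy of Bob's public key;
    # the relay only ever sees ciphertext.
    key = derive_key(handsets["alice"], server["pub"]["bob"])
    server["messages"].append(("alice", "bob", xor_stream(key, b"meet at the harbour")))
    # Seizure: investigators obtain the server's state, not the handsets.
    sender, recipient, ciphertext = server["messages"][0]
    if recipient in server["priv"]:
        key = derive_key(server["priv"][recipient], server["pub"][sender])
        return xor_stream(key, ciphertext)
    return None  # public keys plus ciphertext do not yield the session key
```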


At a guess - flashier marketing sold to consumers who don't know better.


Another likely scenario: people who do "underground" things prefer using not-so-popular tools to evade authorities, but that may prove to have the opposite effect if the tools are not built robustly.


Bottom line is that, were I ever interested in double hush-hush activities, I'd use a one-time pad[1]. If it's digital, you have little control.

[1] https://en.wikipedia.org/wiki/One-time_pad


Easier said than done. Read the "Key distribution" section of that page.


Provided you sometimes meet your fellow criminals in person, or you have deaddrops or runners who can distribute things for you, you could just hand out a terabyte+ harddrive worth of pads every once in a while.


Depends on how dire your second-story work is, I suppose.


> Sky ECC promised a 5 million USD (€4.2 million) prize on its website, which is currently down, to anyone who could crack its encryption.

> It is not yet clear if Belgian authorities plan to claim the reward.

This tongue-in-cheek comment made me chuckle.

Anyway, Hail Hydra. Another one will take its place soon enough.


I’m a little surprised they would choose to advertise the fact that they’ve been able to gain access to this traffic.

Surely disclosing that will just have driven the same users to other apps and they’ll have to start from scratch (and presumably get lucky again in the future)?


They have to disclose the source of information to be able to use it in criminal cases.

>Surely disclosing that will just have driven the same users to other apps and they’ll have to start from scratch

From the sounds of it this app had already been cracked when the Eurochat bust was announced, allowing them to scoop up all the users who tried to just move to the next alternative. I imagine trust in the "secure communications for criminals" ecosystem will be low for a while.

Police did a similar thing with darknet markets, they secretly took control of the second largest (Hansa) and then publicly announced the bust of the largest (Alphabay). They ran it for a month, collecting all the information (and money) they could (even pulling tricks like deleting all the images so drug vendors might accidentally reupload ones with EXIF data) before shutting it down. All the better to erode trust in the entire ecosystem.


As Admiral Doenitz found out, never ever assume your encryption is unbreakable.

I'd have used one-time pads in conjunction with Enigma.


17 tonnes of cocaine - that's a crazy amount.


What will the authorities do with the 15 tonnes of cocaine to dispose of it? Incinerate?


I asked my dad who was a drug cop and he says that the 13 tons would indeed be incinerated.


11 tons of cocaine is going to take a long time to burn.


I wonder how much it would cost to burn it all.


I visited a cement plant once, and they were burning chemical waste as part of the fuel stream.


Change my mind on this, but in countries with freedom of speech, the only reason to have this much 'privacy' is if you're doing something shady. Again, looking for a conversation here. edit: By 'this much' I mean going extreme lengths to secure privacy, the online equivalent of using a numbered swiss bank account. Nice discussion so far, thoroughly enjoying it. I don't mind the dislikes, if that makes your day better, dislike away.


This inevitably came up back when I taught privacy and security classes. I always asked everyone with kids to raise their hands (most hands went up).

Then I would ask "don't raise your hands, but when dealing with your kids, have any of you ever acted in a way that wasn't captured on camera?"

I don't mean beating or physical abuse or anything that horrible, and everyone knew it. Combine young tired kids with a cranky, tired adult, and it's almost guaranteed that the adult will have had at least one rage meltdown.

They probably only yelled and ranted. But they probably looked like a monster doing it.

How quickly would such an image or film go viral? And how condemned would the person be?

We are all foibly humans, we all have moments that we regret or that fill us with shame. And we're all glad they weren't recorded for posterity.

Privacy isn't about protecting your best face, your public face. It's about protecting all of your faces, all of your moods, your knowledge, your relationships, etc.

We have free speech, but do we have freedom from judgementalism? Until we do, we all need privacy.


Thanks for the example there. I should have clarified better I meant more like the online equivalent of numbered swiss bank accounts, not a simple visit to the doctor's office or yelling at kids. I think one of the key discussions of this decade will be how much is too much privacy - and how little is too little privacy. We will see products and services triumph and fall based on this discussion.


It's about trust. If someone is trying to find out what I'm doing, I'm going to hide what I am doing because they are acting suspicious. The more asymmetric the power balance, the less trust can exist.

A less biological, more modern concern, is that a potentially super-intelligent actor (e.g. an ML team dedicated to finding human weakness and exploiting it, like marketing depts do) could find out things about me that even I didn't know and use it against me.

In the modern world, complete paranoia and distrust is the only strategy with guaranteed success which respects our drive to survive. Mass manipulation of elections is a symptom of the disease.


One aspect to this is that cultural norms, and those in power, change over time. There are tons of people who said or believed things 10 years ago that would get them fired today. And that’s in countries with freedom of speech.

I’d be shocked if most people would be ok with public disclosure of every inconsiderate, off-color, or poorly worded joke you’ve ever made in private. That’s leaving aside things like intimate conversations with a spouse/SO, etc.

That said, I wouldn’t be using a service like this to get there, but I do value the ability to use a privacy-focused messaging app in my day-to-day life.


Not sure of the provenance of the quote, but I heard it from Steve Gibson: "I don't have anything to hide when I'm using the toilet, but I still like my privacy when doing so."


Exactly this, +1. I definitely have nothing to hide, but I really don't want my photos of my kids to end up in some dark web location used by pedophiles, just because Google is an idiot and let it slip while backing up my photos without my consent in their cloud (true story, I had to fight 3 months to have that backup deleted from their server).


Example: someone has an abusive spouse that they're trying to get away from and needs a way to communicate for help without the spouse being able to find out.


Interesting - around here they have a code word that can be said to the pharmacist and they will know what to do (call the cops).


That's nice but it can't work in every circumstance. Perhaps the abusive spouse is a cop, for example, or someone with connections to the local government who would be likely to find out if the police were involved. Perhaps the victim simply isn't convinced that they would be taken seriously or receive sufficient (and timely) protection against retaliation. It's good that there is a system in place which should help the majority of victims, but sometimes unique circumstances call for unique solutions.


The key word in what you wrote is "shady" because that word is going to be open to interpretation by the enforcers who are almost certainly corrupt to some extent. So, it's better to just limit the power of the enforcers as much as possible (in other words, the maximum limit that you can convince your society to allow).


Can you look up the emails or listen to the phone calls of high-ranking politicians or the rich elite? You can't, because they think it's none of your business and have the power to do their business in secrecy. There are a lot of shady people doing some large-scale crime.


You can want to keep something secret without doing something shady.

How you want your doctor to tell you that you've got gonorrhea: in a private conversation in their office, or through shouting it at you in the waiting room?


Some great ideas, thanks. But I feel most of the examples given are not adequate. By 'this much privacy' I meant going out of your way to use 'untraceable' software. I don't think a doctor's office is relevant to this; more like a numbered Swiss bank account.


OK, think of someone in a situation where the cost of being discovered is too great, even if unlikely.

Whistleblowers, human rights activists, people in abusive or dangerous living situations they can't immediately escape, sexual assault victims seeking support in private, a well-known person who has a personal issue they want to keep to themselves.

If you stand to lose a lot by being identified, then you’re a use case.


Why is using untraceable software something that should be considered as "going out of your way", in your opinion? I think it's just because it's relatively uncommon today. But if all software was close to the untraceable end of the spectrum by default, the world would be a better place for it.


Do you have blinds on your windows?


Interesting point. In the Netherlands, many houses don't have curtains; you can see directly into the living room from the street. It stems from the old tradition of wives being accountable when their husbands were at sea. I learned from your comment that (perceived) privacy is also cultural.


Privacy is skewed to the disadvantage of women in the Netherlands? Am I reading you correctly?


Used to be in the Middle Ages, not anymore. It's a tradition from that era to not have curtains.


I think the examples presented in the thread are edge cases, and we never design systems based on edge cases. I think we should stop normalizing advocating for extreme privacy. Protecting personal information is a different level of privacy than total privacy/anonymity. The first is reasonable, and covered by GDPR and the like. By asking for total privacy you are just asking to make it simpler for crooks. Also, people are always asking for total transparency from governments, so why is a little reciprocity so bad?



