• ryannathans@aussie.zone
    link
    fedilink
    arrow-up
    46
    ·
    24 days ago

    If signal pulls out of Europe we’re in a pretty fucked state. Apps like signal will be reduced to operations it a few fringe countries eventually

    • ISOmorph@feddit.org
      link
      fedilink
      arrow-up
      31
      ·
      edit-2
      24 days ago

      Signal is nice because it has a pretty good adoption rate even with non techies (which is why they’ve been mentioned by name in the chat control proposal). But privacy enthusiasts will still have briar/simplechat/xmpp. Those aren’t centralised like Signal and will be a lot harder to regulate

      • 0xtero@beehaw.org
        link
        fedilink
        arrow-up
        31
        ·
        24 days ago

        ChatControl 2.0, if passed means your entire device is backdoored so it doesn’t matter what apps you installl, they can get your info pre-encryption

          • 0xtero@beehaw.org
            link
            fedilink
            arrow-up
            22
            ·
            edit-2
            24 days ago

            It’s great as long as you can guarantee that the person you’re communicating on the receiving side does the same. Otherwise it’s useless as your messages will be read on the receiving device. In practice it will make private communication extremely cumbersome and niche.

            Also, the authorities can backdoor your custom ROM device at will, when seized.

            • Em Adespoton@lemmy.ca
              link
              fedilink
              arrow-up
              4
              ·
              24 days ago

              Steganography. There’s more than one way to protect your communication.

              And encryption in transit is better than no encryption at all (assuming the baddies don’t already have full access to your phone data).

              • 0xtero@beehaw.org
                link
                fedilink
                arrow-up
                2
                ·
                23 days ago

                assuming the baddies don’t already have full access to your phone data

                That’s the whole point of Chat Control 2.0

                • Em Adespoton@lemmy.ca
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  23 days ago

                  Not quite; Chat Control hearkens back to Apple’s doomed attempt at on-device CSAM filtering - the idea is that on-device images and message contents would be scanned for known hashes. This means a nation state could go fishing on devices for known content, but it wouldn’t allow them to indiscriminately sift through all the content at rest — they’d have to know what they were looking for.

                  That’s where the steganography comes in, because the hash based approach will fail if the content they’re looking for is obscured in some manner.

          • rbn@sopuli.xyz
            link
            fedilink
            arrow-up
            16
            ·
            24 days ago

            Custom roms is your best bed

            Didn’t know they come with sleeping facilities. They’re so versatile nowadays! SCNR

          • 0xtero@beehaw.org
            link
            fedilink
            arrow-up
            5
            ·
            edit-2
            23 days ago

            They will begin so, but the regulation means the authorities can backdoor your device way easier than they can today. It doesn’t mean your custom ROM device will be free of the scanning software forever.

            It also means that you need to know that the receiving device you’re communicating with is clean custom ROM device, otherwise your messages will be scanned on the receiving side.

            The regulation is a complete shitshow privacy nightmare hiding under CSAM trenchcoat. We’d do well to organize and fight against it, instead of trying to back down to the perceived safety of esoteric custom ROMs.

            • eleitl@lemmy.zip
              link
              fedilink
              arrow-up
              1
              ·
              22 days ago

              I like to be in control of what happens on the hardware I own and what services I use. If given no choice I will cease using them altogether. I agree that the law is an absolute shitshow, but with the recent speedrun to totalitarianism we should not fool ourselved that it won’t be passed. It will be, eventually. It doesn’t hurt to start digging the trenches meanwhile. For it is a war.

      • jnod4@lemmy.ca
        link
        fedilink
        English
        arrow-up
        10
        ·
        24 days ago

        You won’t be able to install those apps soon after Android bans sideloading of apps that aren’t signed, or bans sideloading of apps that are not from the playstore itself.

        What then?

        • ISOmorph@feddit.org
          link
          fedilink
          arrow-up
          14
          ·
          24 days ago

          I don’t think privacy enthusiasts use vanilla Android. People will stick to Lineage/Graphene for as long as it works and then switch to something like Postmarket. It’s already in a state where it’s rough but usable.

          • rumba@lemmy.zip
            link
            fedilink
            English
            arrow-up
            10
            ·
            24 days ago

            Europe: Companies can’t lock down your operating system.

            Also Europe: Companies must force back doors into their operating systems.

            I wonder how long those two things can coexist.

            • Em Adespoton@lemmy.ca
              link
              fedilink
              arrow-up
              7
              ·
              24 days ago

              Well, Google’s current behaviour is already putting the future existence of F-Droid into question.

              • rumba@lemmy.zip
                link
                fedilink
                English
                arrow-up
                3
                ·
                23 days ago

                We need FOSS phones badly and in numbers that manufacturing isn’t horrible. That is until our governments force carriers not to connect them.

                If I could find a reasonably priced 8" Linux tablet, I’d sell my phone and buy a cellular wifi AP.

          • Default Username@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            5
            ·
            24 days ago

            Yes, but not everyone they want to talk to will go through that effort. It’s already hard enough to convince someone to download another messaging app that they will only use with you.

  • utopiah@lemmy.ml
    link
    fedilink
    arrow-up
    35
    ·
    edit-2
    24 days ago

    Canary coal mine kind of signal (pardon the pun)

    Edit: they also obviously do not have a choice. If they legally must weaken their work and the core of their work is that it’s not weak… then they have no work. So they can’t accept it.

  • absquatulate@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    24 days ago

    I don’t understand how this “threat” is supposed to work. If the law passes won’t any and all chat encryption be affected? In that case it doesn’t matter how you get the app, or if you manage to get it in europe. Its encryption will be broken/unavailable.

    • LastYearsIrritant@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      25
      ·
      24 days ago

      Laws don’t magically break encryption. I’m not sure what you’re trying to say.

      They’re trying to force Signal to weaken the application, Signal says they won’t do it.

      They can ban Signal for not complying, but you know how difficult it is to ban a digital application? It might make it more popular since it’ll be one of very few actually secure messaging apps out there.

      • absquatulate@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        23 days ago

        I imagined the law would be enforced by a deal with google and some global android state approved keylogger/backdoor completely bypassing all apps including Signal. But yeah, I’m having trouble wrapping my brain around this.

        • Captain Beyond@linkage.ds8.zone
          link
          fedilink
          arrow-up
          2
          ·
          22 days ago

          Recently Google announced they were going to restrict certified Android devices to only allowing apps approved by Google. An F-Droid member found references to “blocked developers” in the new verification code. It’s not unreasonable to assume that this developer blocklist could be region-dependent and Google could use this ability to block Signal from being installed in EU.

    • douglasg14b@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      edit-2
      24 days ago

      Encryption isn’t magically broken because a legislature says it is.

      They have to apply teeth to a market they control. Not everything is within their control. Though, signal is.

    • janonymous@lemmy.world
      link
      fedilink
      arrow-up
      6
      ·
      24 days ago

      I suspect that signal will be asked to add a backdoor to their encryption, they will refuse and subsequently banned from EU app stores.

      • utopiah@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        24 days ago

        banned from EU app stores

        What even is that? Aren’t the 2 app official app stores American anyway?

        • PotatoesFall@discuss.tchncs.de
          link
          fedilink
          arrow-up
          7
          ·
          24 days ago

          Yes they are based in america but they have to comply with regional laws since they operate internationally. the apps available in these stores, and the laws that apply to them, differ per country.

          • utopiah@lemmy.ml
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            23 days ago

            If I understood correctly “they” here means Google and Apple because they are corporations that sell products, advertisement brokerage, SaaS, physical devices, etc in the EU. They have to comply otherwise they wouldn’t be able to make money if one of the most profitable markets. They solely chose to comply because it puts their baseline at risk, not solely because of regional laws.

  • MynameisAllen@lemmy.zip
    link
    fedilink
    arrow-up
    6
    ·
    24 days ago

    Shocker. I do however wonder what prevents someone from downloading and installing the apk to their phone. Am I wrong in believing this is a real way to bypass them leaving a market?

        • 14th_cylon@lemmy.zip
          link
          fedilink
          arrow-up
          1
          ·
          23 days ago

          yeah, except according to my understanding of the topic, there is not much adult alternatives. graphene will have the same problem.

          • f4f4f4f4f4f4f4f4@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            5
            ·
            23 days ago

            If you are running Android Open Source Project without Google Play Services, Google has no control. However, manufacturers could be pressured into locking bootloaders and then no one gets AOSP or GrapheneOS at all.

            • eleitl@lemmy.zip
              link
              fedilink
              arrow-up
              1
              ·
              23 days ago

              You can move to WiFi tablets then. The hostile network boundary would then begin on your MiFi router.

    • ISOmorph@feddit.org
      link
      fedilink
      arrow-up
      7
      ·
      edit-2
      24 days ago

      Doesn’t Signal work with phone numbers? They will probably block every EU number from accessing the service to protect themselves legally. Maybe you could use something like jmp.chat to circumvent that? Probably need a VPN as well to mask your IP. In any case, it will decimate the user base, so you’re left chatting with yourself anyway.

      • ashx64@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        23 days ago

        To my understanding, you just need a phone number to make an account. I think it can be a burner number. But then if you ever lose access to the account you can’t recover it.