Why no campaign against US and EU anti-encryption bills?

Both the US and the EU now want to monitor all internet communications, but there has been a deafening silence in reaction; nobody, not even Tor, Monero, or privacytools.io, is trying to raise awareness. There have been a few blog postings, such as this one from Tutanota, but there hasn’t been much else. Why aren’t there banners and blackouts all over the place like when SOPA was proposed? As an example:

Is this deafening quiet a veiled recognition that the digital rights movement is doomed? Is there any hope left?

4 Likes

US and EU already do and they did this before (scan the net/messages) so what changes? You can not force every company, even tho there are so much different encrypted protocols, decentralized networks…
You cant break encryption just like that, it need “backdoor” and well the “backdoor” is/was already in facebook/google so… Use real encrypted app and problem solved.

4 Likes

If Apple’s previous intentions are any indication, backdoors will almost certainly be implemented if these legislation are passed. That will be the end of digital privacy if that happens. Even Tor will lose its use; after all, what good is an anonymous browser if your hardware is spying on you?

Hecoobuh so you telling me that hardware will spy on us? and what about software that encrypt communication? vpn? tor? how the fuck you want to get it decrypted? so apple will now have quantum cpu special cores? sure :smiley:

We’re doomed.

1 Like

People here clearly haven’t read about things such as intel management engine, your hardware is spying on you and encryption is worthless if the data is extracted at hardware level. If you get keylogged by the hardware in your keyboard then adding tor just means they receive the data from an exit node instead of home ip

Ho, ho, ho, Merry Christmas! Yes indeed some of us are well read on various subjects including fun ways to exploit air-gap systems!

Here’s a small sample:

Air-Gap Research Page
https://cyber.bgu.ac.il/advanced-cyber/airgap

Naughty hardware betrays the human. So what’s the solution? I don’t see any, especially when certain companies (cough cough M$) have sway over new hardware designs.

In the end, it’s all Alphabet soup anyway, so what are you gonna do?


This message did not originate from Room 641A.

I’m sorry but this is just hyperbole. This is not going to break Tor and no, IMEI is not logging your keystrokes. Evidence, please.

Honest question: why this when you could use this time and energy to launch a campaign opposing anti-encryption bills in the US and EU? Apple’s plans show that, if these proposals are enacted, they will be implemented in the worst way imaginable: backdoors in all new devices.

Your precious anonymous browser will be worthless when users can no longer trust their devices to not spy on them, and all the work you put into developing it will go to waste. Including this very hack week.

What? Disable IMT & AMT. :joy:
The buyers have the power and the choice. Buy server or workstation motherboards without this crap. Buy OpenHardware with Libre/Coreboot, Risc-V, Openpower. Avoid Apple & Google phones and hardware bundled with Win OS.

There are many things you can do good, low-emission cars, renewable energy, protect animals,… Hacking anti-surveillance software is what the Tor project does.
Why don’t you start doing it yourself in a group that organizes political actions?

Can you provide a link to where we can buy these devices? I’ve seen coreboot laptops on eBay but its on regular laptops and it sounds like you need to know a load of command line scripts just to actually switch the thing on, then you have to know how to set bios passwords in it too. “Just use X Y Z” is simple to say but not so much to actually do. I hope you can prove me wrong!

Used Laptops on eBay: search Coreboot ThinkPad X200, X230, T520, T440
When I become a multimillionaire, my next Tor server: Talos II Mainboard
https://ryf.fsf.org/categories/laptops

Router, SBC or WLAN-AP → PC-Engines

The NitroPad option doesn’t look too good according to feedback on the linked page.

Submitted by gcrl on 25. May 2020 - 12:27

“Really should come with a WiFi card that uses Free drivers. Free Software Foundation recommended OSes won’t accept the currently built-in proprietary WiFi card('s drivers), and for good reasons. This is a security concern in itself, built in NitroPad’s hardware. ME switched off, Heads, Qubes OS et cetera - all very nice; but including a proprietary WiFi card is a serious security risk that should (have) be(en) eliminated by default, i.e. before purchase. Ubuntu is NOT A SECURE OS, too: It contains spyware (data leaking to Canonical and Amazon), nonfree software (and recommends more of it). It should be avoided at all costs, if one cares about her privacy. Vanilla Debian, Parabola, Trisquel (is it still actively developed?), Qubes OS, Tails would be acceptable alternatives - and they are as user friendly, besides Qubes OS perhaps. Otherwise, quite nicely done of course. Thank you for doing this.”

The Librem14 does look and sound impressive but for the full setup with the requirements needed to smoothly run Qubes it would cost $1,567 without shipping so its not really viable, especially for entry level users. It has a wifi card so presumably comes with the issues seen in NitroPad.

The NovaCustoms one seems more easier to understand but still over $1,000 to start off. I guess its pointless to buy a regular laptop with coreboot on it since the drivers are still spies? The Librem14 has coreboot listed but next to something which is crossed out, and when you look whats crossed out it leads to further removed items PureBoot – Purism its pretty confusing. I’d like to try secure hardware but it feels like I’ll spend over a thousand on something which I don’t know how to use properly, inevitably I’ll fuck up something and have no idea to fix it. Heads grub stack shell loaders doesn’t mean anything to me yet I’d have to understand it to use it.

UPDATE: I have since found a device that appears to have everything needed but I’d like to ask a few questions to someone with knowledge but without bothering the seller. I’ve set up a PIN protected temporary email address which will die in 7 days. If there is any kind soul willing to answer a few questions then please send a message here 1rn~mvy4max@mailto.plus Thanks

To answer your question about campaigns: on the Tor side, we’re focusing our efforts on participating in campaigns organized by the Global Encryption Coalition and other allies. Here’s a quick example of another campaign from Open Rights Group where we challenged the UK’s Online Safety Bill.

I encourage you to look to some of the advocacy NGOs / nonprofits in this space, some off of the top of my head include Fight for the Future, Global Encryption Coalition, Internet Society, Center for Democracy and Technology, CitizenLab, EFF, & Open Rights Group if you’re looking to either participate or amplify advocacy efforts.

Is this deafening quiet a veiled recognition that the digital rights movement is doomed? Is there any hope left?

I am hopeful that this movement is not doomed, in fact, it’s reaching a point in world awareness where there is growing support for privacy, autonomy, and human rights online from broader audiences. We’ve witnessed what has happened when these things are abused, and as a society, we understand that privacy isn’t just “hiding bad things,” but protecting our humanity from exploitation.

Finally, it’s important to remember that Tor, Monero, and even Tutanota are communities building software. There are groups solely focused on advocacy, and advocacy orgs are almost always the folks behind campaigns like the SOPA one you mention. Looking to them for leadership, like we do, can be helpful!

Edit to add: I forgot to mention that loud community push back last year influenced Apple to pause its plans for client-side scanning. That gives me hope too. While the work isn’t over yet, it’s good to see a corporation responding to public and expert pressure.

6 Likes

So why hasn’t some NGO started a public awareness campaign on this yet?

Seriously. SOPA and the repeal of Net Neutrality were nothing compared to what we are facing today, and yet advocacy groups have still organized extensive online campaigns to make sure that everyone is aware of them and that as many people as possible contact their representatives.

However, nothing akin to that is occurring right now, when the Free World is actually at risk of devolving into a 1984 surveillance dystopia. There isn’t a single banner to be seen. On social media, there isn’t much of a fuss. There aren’t any websites going dark in protest. The only noise is silence. I don’t get this at all.

I guess people just gave up the fight. Is it too late to stop it now? Probably

1 Like

So why hasn’t some NGO started a public awareness campaign on this yet?

What is “this”? I look to Fight for the Future for an example. They are leading a tremendous amount of advocacy work to defend encryption and freedom from surveillance. I encourage you to drill down specifically on which bill or legislative action or policy that you think is the most dangerous and then look into the action taking place, and go from there. Find out what the real tactics are—or if there are any—and lend a hand.

Fight for the Future was a baby organization back in 2012 when they organized the blackouts. We always need more people in this fight. If an awareness campaign feels like the most important void to be filled, how can you help make it happen?

3 Likes

The seemingly concerted efforts by the governments of the Free World to destroy our online privacy, either by prohibiting end-to-end encryption or, in the worst case, by backdooring our devices.

The EARN IT Act in the US, Chat Control in the EU, and the Online Safety Bill in the UK.

A lot less action than there was against the far less dangerous SOPA and ACTA, and the absence of efforts to alert the public is particularly worrying.

It’s not a monumental task to write blog posts and display banners. A huge portion of the population can be reached by Wikipedia alone, and they often put up banners so it’s nothing new to them. There just isn’t any will to do this.

One should have begun as soon as the European Commission published its anti-encryption proposal; the fact that the EU, a longtime bulwark of privacy, is now considering doing away with it has unmistakably shown that, should this trend continue, there won’t be a single privacy-friendly government left in the world.

However, considering that even this hasn’t generated much of a stir, it is now abundantly evident that the lack of awareness campaigns is only a symptom of the true problem: we’ve lost the will to fight. How can it be revived? I have no idea.

Could you please state exactly where in the EU commission’s proposal they delineate or even mention the breaking of end-to-end encryption and scanning of messages? I have not been able to find anything.

1 Like

@smith It’s always ironic that some government agencies hate encrypted solutions while choosing to use them for their own needs…
:wink: The European Commission moves to the “Signal” for internal communication Signal is an open source secure messaging app with end-to-end encryption. It is praised by Edward Snowden and other privacy activists, journalists and researchers.