This is why you should prefer a better protocol like SimpleX
this post was submitted on 25 Feb 2025
633 points (99.4% liked)
Privacy
38001 readers
415 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
And I want a better future. Guess we're both gonna be disappointed ain't we
Stop this!
Would anyone accept if the government installed a door into your house that only they have the key to?! Just in case they need to come in and avoid kicking the normal door when I am not home...
Only Swedish backdoor I want is...
Ah the ol' Kingsmen ending.
As ever, a "technical backdoor" for anyone is for everyone.
This is why you make a protocol rather than an app so there is no owner.
Protocols are much more difficult to create and implement.
The barrier for technical ability and maturity is much higher. Which is why you don't see them as often, and when you do see them they tend to suck, have massive gaps, or some other significant failing that prevents them from really scaling out.
Building reliable and robust protocols with a hobby project is a nearly impossible task, it takes a lot of effort and a lot of minds over a long period of time to settle on the specifications. And just as long to actually implement it.
Usually this requires some sort of funding and dedicated resources from the get-go. Which many of these projects lack.
"But doing things correctly in life is difficult so why try".
People still do and build thinga the correct way. See Matrix and Element.
Can’t the protocol be blocked at networking level by the ISPs ?
Just send it through SSH?
In theory yes. In practice you cannot expect that every user maintains a server and one with internet facing ssh, specially a message app and the average non technical user.
People can use email without having to setup their own mail server.
Article with no trackers
The encrypted messaging app Signal is growing – now even the Swedish Armed Forces are using the app.
But the government wants to force the company to introduce a technical backdoor for the Police and the Swedish Security Service.
"If it becomes a reality, we will leave Sweden," says Signal's boss Meredith Whittaker, in an exclusive interview with SVT.
If the government has its way, the bill will be passed in the Riksdag as early as March next year.
The bill states that companies such as Signal and Whatsapp will be forced to store all messages sent using the apps.
Leaving Sweden Signal – which is run by a non-profit foundation – now states to SVT Nyheter that the company will leave Sweden if the bill becomes a reality.
"In practice, this means that we are being asked to break the encryption that is the basis of our entire business. Asking us to store data would undermine our entire architecture and we would never do that. We would rather leave the Swedish market completely," says Signal's head of Meredith Whittaker.
She says the bill would require Signal to install so-called backdoors in the software.
"If you create a vulnerability based on Swedish wishes, it would create a path to undermine our entire network. Therefore, we would never introduce these backdoors.
But don't you as a supplier have a responsibility to support efforts against crime?
"Our responsibility is to offer technology that upholds human rights in an era where those rights are being violated in more and more places. In today's digital world, there are very few places where we can communicate privately or whistleblow.
The Armed Forces critical Meredith Whittaker mentions the Chinese state actor Salt Typhoon's 2024 attack on several internet service providers in the United States, where text messages and phone calls were leaked. She believes that a Swedish back door would open the door for the same thing.
"There are no back doors that only the good guys have access to.
The purpose of the bill is to enable the Security Service and the police to request subsequent notification history for persons suspected of crime. Both authorities were positive in the consultation round.
"The opportunities for law enforcement authorities to effectively access electronic communications are absolutely crucial," Justice Minister Gunnar Strömmer (M) said earlier at a press conference.
But the Armed Forces are negative and recently the Armed Forces urged their personnel to start using Signal to reduce the risk of eavesdropping.
In a letter to the government, the Armed Forces writes that the bill will not be able to be realized "without introducing vulnerabilities and back doors that may be used by third parties".
The Swedish government can go suck a lemon.
The government is very split on many questions. Privacy being a weird one because it's the (somewhat) left-leaning Social Democratic that usually come up with these crazy ideas without understanding the implications of privacy.
See Chat Control 2022-2024 https://www.techradar.com/computing/cyber-security/chat-control-all-you-need-to-know-about-the-eu-plan-to-scan-all-your-whatsapp-chats
I don’t think this will happen: Their department of defense has adopted Signal for internal communication, and there is no way in hell they would want a backdoor built in. In fact, the article says they have already opposed the suggestion.
I really like that Signal is able to update itself. Even our of the stores, it can still be up-to-date.
Because that worked so well with the US government’s back door into telecom companies. I don’t think they got the Salt Typhoon group out of the system yet.
Then they get it through fdroid?
Governments have long wanted backdoors on secure private communication, and so long as we have an ownership class, they always will.
And backdoors will always be more useful to hackers, industrial spies and terrorists than they are these departments of state looking to ensure national security (or watch for proletariat unrest. We're already pissed.)
And the private sector will always route around these backdoors, possibly by modding the client or offering new services that are still secure.
States should get used to disappointment. Investigation bureaus should prepare for going dark. Once upon a time they had to rely on detective work rather than asking Google whose phones were near the incident or what web-surfers were asking questions about the circumstances pre-hoc.
view more: next ›