Crypto Wars: Hungarian Presidency continues fight against encryption

59 pointsposted 10 months ago
by layer8
(heise.de)

42 Comments

BLKNSLVR

10 months ago

It's only possible to target services that have a central point of contact / administration. I don't want to invoke 'web 3.0' specifically, but the essentially headless decentralisation of encrypted communications services would be like trying to catch 'all the gas in the room' in your hand with a single clap, wouldn't it?

It feels like, even if they win this battle in the crypto wars, the real battleground has actually moved on anyway.

As an aside, that recent "Ghost Chat" infiltration[0][1] that apparently took down a few international crime gangs, wouldn't a Matrix / Synapse server and clients be a better option for encrypted communications than a custom phone/app?

[0]: https://www.abc.net.au/news/2024-09-17/afp-raids-ghost-app-f...

[1]: https://news.ycombinator.com/item?id=41566948

__MatrixMan__

10 months ago

Most ISP's have a central point of contact / administration, and can be compelled to only forward encrypted traffic if it's explicitly permitted. I think that covers most everything, besides the chattering of a few ham radio operators here and there.

pb1729

10 months ago

It wouldn't cover steganography. What looks like an unencrypted video file may have an encrypted message hidden in the noise.

idontwantthis

10 months ago

Also wouldn’t cover encrypted messages sent in the clear. Exchange keys ahead of time and you’re just sending noise to each other. I guess you could still target users sending random noise under the assumption they are using encryption.

__MatrixMan__

10 months ago

Do you think they'd be trying to take encryption away if they weren't already inspecting the packets deeply enough to notice the difference between natural language and encryption noise? One has to imagine that the whole point is to read the underlying message, right?

rysertio

10 months ago

It's extremely costly to deeply inspect terabytes of traffic.

__MatrixMan__

10 months ago

Assuming the compression is lossless. As it is you have to go looking for places on the web that will even host a bit-for-bit copy of an image you've uploaded. Though I suppose there will always be options.

But if they become too much of a hassle they'll become the domain of people who have something to hide, which would be a significant downgrade.

I myself have nothing to hide, but I want to provide cover in case you do.

RcouF1uZ4gsC

10 months ago

It doesn't have to be absolute. Just cross some threshold of inconvenience.

user

10 months ago

[deleted]

rysertio

10 months ago

> Most ISP's have a central point of contact / administration, and can be compelled to only forward encrypted traffic if it's explicitly permitted.

We standardized https. So it should be a lot harder than usual techniques.

BLKNSLVR

10 months ago

That feels like a large escalation from where we're currently at though. That would put a dagger through a majority of self-hosters.

__MatrixMan__

10 months ago

They can apply for an approved key if they need to, that way that key can be revoked if they misbehave.

I know it sounds drastic but imagine the kind of person who would try to prevent encryption in the first place. We should expect drastic steps from them.

aussieguy1234

10 months ago

Let me guess, its the usual justifications. CSAM, terrorism?

Well, if you give the government too much power, sooner or later they will become the child abusers and terrorists. And at that point, there will be no police you can really call, since those in power will be able to act with absolute power and absolute impunity.

Nursie

10 months ago

Hungary is widely acknowledged to be in a state of nascent dictatorship anyway.

I don’t think it really works to call out a potential slippery slope when the country is already overtly on that pathway. Those in power there can already operate with relative impunity.

(This is the reason that when Trump says “Orban likes me!” it’s not actually a flex)

rdm_blackhole

10 months ago

As per my comment above, this draft law has nothing to do with Hungary.

The only reason Hungary is currently associated with the "Chat control" draft is because Hungary currently holds the EU presidency and as part of their mandate they are free to set goals and negotiate with other countries in order to come up with future laws.

First, these drafts mostly originate from the EU commission, so Hungary is not the one who came out with it in the first place. Secondly, Belgium which had the presidency a couple of months ago also tried (and failed) to get this draft across the line.

So yes, Hungary, which may or may not be on it's way to become a dictatorship is very happy to keep pushing for these negotiations to happen but let's also take a moment and remember that Sweden, France, Spain and many more countries are also happy with it.

So to me, the question is how can we take EU countries seriously when they talk about privacy when so many of them are ready to create a system of blanket surveillance on all their citizens?

Nursie

10 months ago

> So to me, the question is how can we take EU countries seriously when they talk about privacy when so many of them are ready to create a system of blanket surveillance on all their citizens?

Well I guess they draw a distinction between allowing state-level actors to access information in the name of stopping crimes and/or national security concerns and allowing the same sort of access to commercial entities.

I'm not saying that justifies it, but it's a different threat model - accessing data about your own citizens for state reasons, rather than collecting data about everyone for commercial gain.

Let's hope it gets knocked back again.

rdm_blackhole

10 months ago

In that case then the definition of privacy needs to change because to me privacy is a binary state. Either I have it or I don't.

Secondly, this piece of legislation is not only a threat to the people of Europe, it is actually a gift to the autocracies of the world like China, Russia and Iran and more who as soon as it is implemented will deploy tremendous amounts of efforts to break into it.

By going forward with this law, we are advertising to the world, hey we got a backdoor here, come and use it! Instead of making it harder for foreign powers to break into our system, we are creating multiple points of failures where the data could be intercepted.

Nursie

10 months ago

> In that case then the definition of privacy needs to change because to me privacy is a binary state. Either I have it or I don't.

That seems a little, well, binary.

I don't have (nor want) a lot of privacy from my partner. I have a lot more from my boss, who clearly doesn't need to know about the pimple on my ass. He also doesn't need to know my car registration, which the government does, or parts of the government. You need to look at your threat model and understand what it is you want to protect and from whom. "Privacy" is a bit more complex than on/off.

I agree, the backdoor is a poorly thought out idea, it's an authoritarian fantasy which (like many authoritarian fantasies) doesn't take into account the practicality of the idea or the second order consequences. That back door will indeed be a target, so the people of the EU have to worry about not only their own governments misusing the data but (as you say) other powers finding ways in as well.

On the corporate side, the threat model is different - companies don't want the expense of doing security well and they have a profit motive of being able to sell data. This treasure trove could also be useful to foreign actors, or those (like Cambridge Analytica) who would use it for domestic political aims. EU citizens are relatively well protected from this type of threat at the moment, US citizens not so much.

Should weakness in one mean you don't listen to anything out of the EU when it comes to privacy? Again I think that's too binary. The EU has some great ideas and laws about protecting us from the excesses of corporate data hoarding, those should be celebrated, just as we excoriate them on attempts to create a state panopticon.

blub

10 months ago

Based on election results and popularity, the Hungarian government is more democratically legitimate than the French and German ones.

The wide acknowledgement is only wide in a particular EU bubble.

Nursie

10 months ago

> Based on election results

That's a bad place to start when looking at autocracies which distort the democratic system to provide an illusion of legitimacy. But you knew that.

blub

10 months ago

Hungary is a democracy. The election was monitored by the OSCE, which concluded that the elections “were well administered and professionally managed but marred by the absence of a level playing field”.

I don’t see how that’s worse than the French people voting Macron out and France still being governed by Macron and his people.

Throwing around words like autocracy is by now lame and tired, just like those crying racism all the time.

CRConrad

10 months ago

> Hungary is a democracy.

Oh, is it still? OK, maybe... But just barely, ad not for long.

> the elections “were well ... marred by the absence of a level playing field”.

Yeah, that's what should'a tolja it's not much of a democracy any more.

> I don’t see how that’s worse than the French people voting Macron out and France still being governed by Macron and his people.

That's probably mostly because the French people have done nothing like voting Macron out. France hasn't had a presidential election this year, not last yar IIRC.

> Throwing around words like autocracy is by now lame and tired

Yeah, you're right, it is. When it's unwarranted. But do you know what's even more lame and tired? Defending autocrats.

Especially if it's done as badly as your attempt here.

oofdoof

10 months ago

The title is terrible. I was also misled.

Maro

10 months ago

> Hungary is widely acknowledged to be in a state of nascent dictatorship anyway.

I'm Hungarian, I hate Orban [1], but your comment is not accurate. It's not "widely acknowledged" and nobody is seriously using the word "dictatorship" to describe Hungary or Orban's regime, including Orban's fiercest opponents [in Hungary]. We have had various forms of dictatorships in Hungary, and this isn't one of them.

What we have today is most commonly referred to as an authoritarian form of democracy. But we have elections every 4 years, and if people were to vote against Orban, he'd be gone. The last one, in 2022, there were 20k opposition observers in the voting offices and they certified that everything was legit. Having said that there are multiple aspects that make the elections unfair. As we say in Hungary, the "football field is tilted to favor one side". For example, the election map is heavily optimized to favor Orban. Or, state media and 100% of state funds has been captured by Orban to run his misinformation campaigns, which does mean that by the time elections come, a significant % of the population has been indoctrinated and brainwashed. And so on.. But still, it's not a dictatorship. It's just that people are stupid, just as in every country, and unfortunately in 2010 Orban received a 2/3 majority which he used to accomplish the initial "tilt", and he's masterfully kept it up ever since.

Why is Hungary not a dictatorship? Your personal freedoms are not in danger, nobody has ever been killed or even hurt for political reasons in Hungary (unlike Russia). We have freedom of speech, you can go in front of the parliament building and say the nastiest things about Orban, and you'll be fine (unlike in Russia). We have opposition parties, who according to their seats in parliament receive state funding. We have fairly conducted and counted elections (unlike in Russia). We have tons of opposition media and they are free to operate, eg. the biggest Hungarian language political Youtube channels are opposition.

However, Hungary is definitely not a healthy democracy. We have widespread corruption wrt state funds. We have a significant imbalance in media reach in favor Orban. Orban is more than willing to run toxis misinformation campaigns and seed division and hatred that will take many years, possibly generations, to weed out. And, for still unknown reasons, Orban is in bed with Putin and runs Russian misinformation campaigns in Hungary. And so on..

Related to the OP, I can tell you that Orban and his cronies run a variety of misinformation campaigns [in Hungary], but nothing related to cryptography.

[1] https://bytepawn.com/why-i-dont-live-in-hungary.html

Nursie

10 months ago

I will defer to you as you are Hungarian and obviously a lot more informed than I am, but I will say a lot of the things you bring up seem to be a matter of degree.

From what I can see out there on the internet, it's more than just the media - Orban's cronies seem to have captured the judiciary as well, which helps shield them from investigation. He also seems to be trying various tactics to suppress political opposition - https://www.theguardian.com/world/2023/nov/23/orban-accused-...

I think I'm going to stick by my evaluation of 'nascent dictatorship', though perhaps 'nascent autocracy' is more accurate if it's not all about the one man. And it does seem to be widely acknowledged that democracy has been undermined there, to the point it doesn't function.

> I can tell you that Orban and his cronies run a variety of misinformation campaigns [in Hungary], but nothing related to cryptography.

Yeah fair enough, it seems that a lot of other governments are all in on this sort of thing, and the headline is particularly misleading.

Maro

10 months ago

> From what I can see out there on the internet, it's more than just the media - Orban's cronies seem to have captured the judiciary as well, which helps shield them from investigation. He also seems to be trying various tactics to suppress political opposition.

Yes, this is true unfortunately. On the other hand, most of our political opposition [1] was so lame that Orban's baseline tactic was pretty much to just let them do their thing, and that repeatedly led to these parties to self-destruct.

To be clear, the situation in Hungary is shit, but it's not a dictatorship..

[1] between 2010 to 2023, before the new 2024 wave with Peter Magyar and his new Tisza party

CRConrad

10 months ago

> your comment is not accurate. It's not "widely acknowledged" and nobody is seriously using the word "dictatorship" to describe Hungary or Orban's regime, including Orban's fiercest opponents [in Hungary].

Yeah, exactly: in Hungary. The rest of the world is bigger than Hungary, so the terms used in the rest of the world are more wide-spread than those used in Hungary.

Maro

9 months ago

Sorry, you're talking nonsense.

CRConrad

9 months ago

[flagged]

Maro

9 months ago

We agree that Orban is terrible for both Hungary and Europe. I hate Orban and have never voted for him. In fact, I hate Orban and his system so much that I refuse to pay taxes to him --- the last time I did was in 2015, since then I've been living abroad.

Having said that, Hungary is still not a dictatorship, inside or outside Hungary, per the Democracy_Index [1]. Your country, Finland, with 9.3, has one of the highest scores! Congrats, you have come a long way since the Cold War ended. Hungary has a significantly lower score at 6.7, which makes it a "Flawed democracy". If you check this list, you will find lots of other european countries in the "Flawed democracy" bucket, and with a lower score than Hungary.

"And Hungarians in general as right-wing nutjobs for keeping re-electing him" - I'm not offended by this, but surely you know that no country is a homogeneous set of people. Very roughly, Hungary has about 9.6M people, 8.2M in the voting age, in the 2022 election 5.7M voted, and about 3M of those voted for Orban, unfortunately [2]. (Among them was much of my family I'm afraid.) But you see, there are 5.2M people in the voting pool who did not vote for Orban, so it's not true that hungarians in general are "right-wing nutjobs".

Having said that I have a pretty low opinion of a significant portion of my Hungarian countrymen, but not specifically because they're all "right-wing nutjobs". I would say the root problem is that they (like Trump voters in the US) have access to an infinite stream of information on the Internet, some of it high-quality, some of it low-quality and misleading, and they should be smart enough to tell signal from the noise, inform themselves and have reasonable opinions.

"Why don't you get rid of him while it's still legally possible to do so?" - Naturally you don't follow Hungarian politics, but the way 2024 has been going so far, I strongly suspect that Orban will at a minimum lose his 2/3 majority in 2026, possibly the election. He and his cronies are making a lot of mistakes, there are scandals happening almost every week now. There is now a singular opposition party called "Tisza" which has about the same ~40% support as Orban today (so both are at roughly 40%). The only problem is, this new opposition party is so far a one-man show by a guy [3] who used to be in Orban's Fidesz party. So although he probably wouldn't be as bad as Orban, esp. at the beginning, he would still be right-wing.

[1] https://en.wikipedia.org/wiki/The_Economist_Democracy_Index

[2] https://hu.wikipedia.org/wiki/2022-es_magyarorsz%C3%A1gi_ors...

[3] https://hu.wikipedia.org/wiki/Magyar_P%C3%A9ter_(jog%C3%A1sz...

CRConrad

9 months ago

> the way 2024 has been going so far, I strongly suspect that Orban will at a minimum lose his 2/3 majority in 2026, possibly the election.

He has a 2/3 majority?!? And won't (possibly) lose it until 2026? How long has it been known that he's a raging nutjob and asshole -- one decade, or several? Possibly losing his huge majority in over a year from now... That's far too little, far too late.

> But you see, there are 5.2M people in the voting pool who did not vote for Orban, so it's not true that hungarians in general are "right-wing nutjobs".

Enough of them are indifferent enough to right-wing nutjobbery not to vote against Orban's right-wing nutjobbery, which makes them enablers of him and it.

Over time I've come to think that all peoples are in the end responsible for their own leadership: If a majority of the people is against oppression, then they should vote against it. If they can't vote, they should rise in revolution. If they don't, they're not sufficiently against it to warrant being called civilised.

That's why Germans carried (and to some extent still carry?) a collective responsibility for Nazism (and anew do so for the AfD and BSW nutjobs they're voting into power nowadays); why Russians carry a collective responsibility for Putin (and before him, for Stalin. And Ivan IV); and why Hungarians carry a collective responsibility for Orban.

IMO.

user

10 months ago

[deleted]

worstspotgain

10 months ago

Hungary's is one of Putin's puppet regimes, so it's really about Russian-style repression of the opposition.

rdm_blackhole

10 months ago

You obviously have not read about this piece of legislation otherwise you would not have posted this comment.

The law in question also dubbed "chat control" has been on the table for the last 3 years now. It's been rejected each time so far but it comes back every 6 months without fail.

The reason Hungary is associated with "Chat control" this time is because Hungary holds the current presidency of the EU. This presidency changes every 6 months. Before Hungary, it was Belgium which was in charge and they too tried to get this law passed.

This is what a country with the EU presidency does, they set their goals and then try to reach a consensus with the other countries. "Chat control" is one of these goals just like it was one of the goals of the Belgium presidency.

So to come out and say the Hungary is pushing for this because they are Putin's puppet is not accurate at all. The EU commission, which I am pretty sure no one can accuse of being a puppet of Putin is the one who keep bringing this law not Hungary or a specific country in particular.

Now, I am not saying that Hungary is not happy about this, in fact they may well be very glad that this law is being discussed (as it would allow them to enable a state of total surveillance on their citizens) but please let's remember that even Sweden and Spain are amongst the many countries in the EU that are actually supporting this law.

To me that is the bigger problem, how can the EU be so supportive of personal privacy then come out with shit like this?

worstspotgain

10 months ago

Sure, but you're drawing a distinction without a functional difference. The following can both be true:

- Hungary's Putin-puppet regime is in favor of banning encryption so as to repress the opposition and stay in power indefinitely.

- Other EU political actors are in favor of banning encryption for their own reasons.

My comment did not imply that all non-puppet political actors in the EU were against banning encryption.

rdm_blackhole

10 months ago

> Hungary's is one of Putin's puppet regimes, so it's really about Russian-style repression of the opposition

Your first comment was vague and that is why I thought it was worth responding to it. I am glad we agree that Hungary is not the only one who is pushing for this law but you singled out Hungary in your comment so what was the intent there then?

To be honest, I am just a bit fed up with people talking about Hungary as the bad guy in this particular instance due to it's ties with Putin all the while forgetting that even the "nice" and "progressive" countries such as Sweden and France and many others which are usually clamoring for privacy and sovereignty from big tech are also pushing for it.

To me in this specific case Hungary is not the problem. The problem is the law itself and the fact that this law keeps coming back again and again in the so called bastion of democracy that is Europe (supposedly).

123yawaworht456

10 months ago

- Hungary's Putin-puppet regime is in favor of banning encryption to repress the opposition = bad

- Other EU political actors are in favor of banning encryption to repress the opposition = good

aguaviva

10 months ago

Hungary's Putin-puppet regime

This may feel nifty to say and/or believe in, but has no connection to reality.

Source: any Magyar you will talk to.

Edit: For example [0], posted 5 minutes after I posted this.

[0] - https://news.ycombinator.com/item?id=41625251

worstspotgain

10 months ago

Oh sure, friend. Not a puppet, not a puppet. He's stubborn for Russian fossil fuels, held up Sweden's entry into NATO, and curried a thousand other favors, but they were all just meetings of the minds. /s

Same goes for Lukashenko, Maduro, and Vučić, or for Farage, Weidel, and all the other nice folk who used to poll sub-5% before Russia's troll army started peddling their sewage. The only thing less likely than you convincing me that he isn't would be me convincing you that he is, considering that you hopped onto this thread for this argument.

aguaviva

10 months ago

You can believe in whatever caricatures you want. I see no need to convince you of anything.

Maro

10 months ago

> Hungary's is one of Putin's puppet regimes

I'm Hungarian, I hate Orban [1], but your comment is not accurate. We have a lot of problems in Hungary (see my other comment in the thread), but we're not Putin's puppet regime. A puppet regime would imply that Orban was put in place by Putin and/or is kept in place by Putin, and is purely doing Putin's bidding. I've never heard anybody serious say this, nor have I ever seen any evidence of this. Although rhetorically Orban is definitely pro-Russia, in the end (after wasting everybody's time for a while) he always goes along with EU resolutions against Russia.

Orban doesn't need Putin to stay in power, he has access to all of Hungary's tax income, and effectively also beyond that, due to the 2/3 majority which allows him to rewrite the constitution at will.

Likely reasons Orban is friendly with Putin: (i) access to Russian oil (ii) Hungary's one and only power plant is Russian tech run by Russian techs (iii) Orban's regime is like a soft version of Putin's, so criticizing Putin would in some sense mean critizing himself, it'd be counter-productive for him.

[1] https://bytepawn.com/why-i-dont-live-in-hungary.html

hulitu

10 months ago

Maybe, but this was started by the Biden's puppet regimes.