BLKNSLVR
10 months ago
It's only possible to target services that have a central point of contact / administration. I don't want to invoke 'web 3.0' specifically, but the essentially headless decentralisation of encrypted communications services would be like trying to catch 'all the gas in the room' in your hand with a single clap, wouldn't it?
It feels like, even if they win this battle in the crypto wars, the real battleground has actually moved on anyway.
As an aside, that recent "Ghost Chat" infiltration[0][1] that apparently took down a few international crime gangs, wouldn't a Matrix / Synapse server and clients be a better option for encrypted communications than a custom phone/app?
[0]: https://www.abc.net.au/news/2024-09-17/afp-raids-ghost-app-f...
__MatrixMan__
10 months ago
Most ISP's have a central point of contact / administration, and can be compelled to only forward encrypted traffic if it's explicitly permitted. I think that covers most everything, besides the chattering of a few ham radio operators here and there.
pb1729
10 months ago
It wouldn't cover steganography. What looks like an unencrypted video file may have an encrypted message hidden in the noise.
idontwantthis
10 months ago
Also wouldn’t cover encrypted messages sent in the clear. Exchange keys ahead of time and you’re just sending noise to each other. I guess you could still target users sending random noise under the assumption they are using encryption.
__MatrixMan__
10 months ago
Do you think they'd be trying to take encryption away if they weren't already inspecting the packets deeply enough to notice the difference between natural language and encryption noise? One has to imagine that the whole point is to read the underlying message, right?
rysertio
10 months ago
It's extremely costly to deeply inspect terabytes of traffic.
__MatrixMan__
10 months ago
Assuming the compression is lossless. As it is you have to go looking for places on the web that will even host a bit-for-bit copy of an image you've uploaded. Though I suppose there will always be options.
But if they become too much of a hassle they'll become the domain of people who have something to hide, which would be a significant downgrade.
I myself have nothing to hide, but I want to provide cover in case you do.
RcouF1uZ4gsC
10 months ago
It doesn't have to be absolute. Just cross some threshold of inconvenience.
user
10 months ago
rysertio
10 months ago
> Most ISP's have a central point of contact / administration, and can be compelled to only forward encrypted traffic if it's explicitly permitted.
We standardized https. So it should be a lot harder than usual techniques.
BLKNSLVR
10 months ago
That feels like a large escalation from where we're currently at though. That would put a dagger through a majority of self-hosters.
__MatrixMan__
10 months ago
They can apply for an approved key if they need to, that way that key can be revoked if they misbehave.
I know it sounds drastic but imagine the kind of person who would try to prevent encryption in the first place. We should expect drastic steps from them.