Signal: Will leave the EU market rather than undermine our privacy guarantees

Neither Whatsapp nor Signal can do anything about it, since they don't know the content of the messages. That is the whole point of their protocol. That is the whole point of privacy.

Nobody falls for that crap. We all know that CP is being presented as a scapegoat here because, "how can you be against something that MIGHT help against CP!?!?!" while in fact and in the end it'll be used to spy on everything.

You're right. But apparently every time this topic comes up we cry that this is abuse of our freedom.

Tech is not good or bad but it does have unintended consequences and open new ways for abuse. This is tough to swallow for us who work in tech but is obvious to everyone else. If we stay in denial and do not volunteer to help use tech smartly to compensate for bad side effects, they will vote in some dumb law and some bad guys will exploit it for surveillance later.

what else are governments going to do

One way that would put down lots of exploitation and support privacy of adults would be video and online surveillance of all children when not alone, using a parent-controlled computer to detect bad things happening. This could start in kindergarden and school and gradually expand to all spaces that are not home. Children have some right to privacy, but not as strong as adults.

On the 16-th year, if the child wants so, surveillance gets turned off and he/she is granted more privacy. Like with age limits on car driving or working, at some point the state says, you are old enough to take responsibility, we won't protect you from harsh life anymore.

This is a targeted, reasonable solution with little collateral damage, that upholds the right to privacy for adults. It's what parents would want, instead of the bureaucrats. And who really, actually cares about safety of the children, parents or bureaucrats?

The bad stuff will just move somewhere else as it always has done.

Compromising everyone's privacy will eventually mostly affect innocent people. Or even cause the platforms to cease existing altogether, which looks like a real possibility with Signal. Pedos will just move on to whatever service isn't compromised yet. You can outlaw or hamper secure encryption in some jurisdictions, but due to the generic nature of computers you can't in principle stop people from using secure encryption.

Your argument makes as much sense as banning knives because they are sometimes misused to attack people. What about alcohol? Some people drink and drive, we should ban alcohol too!

CP is a pretext to grab power, the same way terrorism was 20 years ago. If a government actually cared, they would start dismantling the catholic church. Risking a slippery slope fallacy, I see no way governments won't expand the scope of this intrusion. Before you know it, being critical of a certain foreign government [0] or teachers criticising the department of education [1] will be limited.

0 - you know what conflict I mean. Will we have to resort to coded messages wherever we go?

1 - https://www.theguardian.com/politics/2023/oct/21/uk-governme...

This argument is more thought provoking than people may think.

What we see is a shift of power. Electronic communications started out as private enterprises, then mostly taken over by states because of the need centralization, and now almost completely taken over by private enterprises one layer above. Governments are still trying to make sense of what happened and find their role in this new world.

Platforms are centralization at work, and it's not that far fetched to think that states could do a better job than Twitter or Facebook. Platforms have immense power. After all, we mostly agree that Facebook very literally facilitating genocide was not good for society. What we disagree on is how much they knew and how much was circumstantial.

There is also this idea that jurisdictions matter for platforms. The Chinese connections with Tiktok owners are problematic since we know for a fact that they have the power to influence elections. The American ownership of Facebook is not similarly problematic, largely because the CIA and other institutions interests mostly align with ours.

It would not surprise me if the Saudi money financing Twitter/X would turn out to be just as important as the financing of 9/11.

In light of that, it should not be surprising that EU states wants to play the game too, even if it will have very little practical effect.

We keep having "anti child exploitation" measures, like all the bloody time. It's been decades by now.

And the problem keeps getting worse.

So either it's just not working whatsoever and this is useless and should stop. Or it's never really about child exploitation.

Just like "temporary measures" against terrorism which have been temporary for 30+ years now (no, it didn't start on 9/11).

Almost like it was never about terrorism.

Why do you take their motives at face value?

Obviously, the moment these platforms lose privacy, the criminals cease communication on them immediately. So they're the last group this is aimed at.

The solution to crime is the same investigation and detective work and anonymous tip offs and so on that it's always been. People going undercover and infiltrating these groups and then bringing them down.

By chasing the criminals off this platforms, all that happens is the detective work gets harder. Now they've got to go find where to start their infiltration, all over again.

This outcome is so obvious that the only conclusions available are that the lawmakers are either IQ 60 morons, or that they have malicious intent.

Why should everyone have to suffer so that state's job in catching criminals is made dead easy ? Such criminals are a microscopic minority of the population. Governments - esp in the west - have disinvested in traditional investigation and moved to using mass surveillance as their default operating strategy. And citizens are being made to pay the price.

Just put the entire population in jail, I'm sure you'll be able to prevent a lot of crime that way.

People often forget just how much we get from the EU that's taken for granted. Everything from practicalities like no roaming costs and consumer protection, all the way to freedom of movement, peace and overall stability.

If you have to run every image and text through some sort of "filter" you cant turn off... Yes.

Thats a LOT of compute.

In Germany at least, unless you opt for a super cheap package(e.g. sponsored free or less than EUR 6/-), calls and texts are unlimited in local(country level) networks, only data volume is limited. Not sure about other EU neighbors.

I pay ~0.10€ for a text message - but I don't know anyone who uses text messages for communication so it's not a problem. I could buy a cheap plan for unlimited text messages, but I don't want a fixed monthly fee and prefer prepaid.

France: Hold by beer. https://en.wikipedia.org/wiki/List_of_incidents_of_civil_unr...

A lack of rioting doesn’t mean people don’t care.

Example from last year: https://en.wikipedia.org/wiki/Dutch_farmers%27_protests?uses...

> they just can't provide an automated means to do that for you

What I'm wondering is whether two separate applications can be set up to communicate automatically, with one handling messaging and the other being responsible for encrypting and decrypting the data.

What would be against the law in that case? The messaging app? The encryption app? Or the interaction you are doing in that moment?

I am using a special keyboard that outputs these sequences automatically. Must my keyboard driver send the keypresses to the EU? Fine, here are they: AFC628BCF627.

I understand Signal is handicapped now, but I couldn’t care less about Signal. I only care about being able to communicate in private. Why don’t we implement this stuff at a lower layer?

Surely the guys on top must see this is an endless game that they will never win? It’s not an arm’s race, it’s fundamentally impossible.

Implemented mass-surveilance is proof that democracy is dead.

E2E encryption would prevent anyone from intercepting texts by mathematic certainty.

At least on a mass scale, if we worry about back doors.

This SaaS fad is the underlying technical enabler of the spying and need to go away.

I guess Google is the main culprit by making P2P coms hard.

Asking faceless corps to open their users' mailboxes willy nilly is way easier then asking the voters to.

Apple's proposed algorithm was probably the best so far.

The problem is not going away, we in tech are partly responsible and we should promote good ways to deal with it. If we don't then a solution will be found anyway, it'll just be a bad one.

A trusted app running on arm execution level 3 could make use of the NPU to offload some of the work?

I don't know how to help folks that didn't treat the apple csam fiasco as a massive wake up call to ditch the ecosystem.

We have linux phones these days, caly, and grapheneos. There really isn't reason to give up on general computing. (Ignoring the propriety baseband blobs.)

For now I have a Tasker job routinely deleting WhatsApp's media directories. Unfortunately everyone is using it so I have to stick with it. Hate WhatsApp with passion.

If this law passes, bye bye.

I don't know about any place where expressing eurosceptic views would get you called "far right", let alone a Nazi.

I think elsewhere online this may happen.

Also, some public broadcasters use the "far right" word group suspiciously often, almost as if it was some kind of effort to softly suggest to people how not to vote, but I must be imagining things, because they would never do that:)

Where are you living, if you don't mind sharing? I don't know about any place where expressing eurosceptic views would get you called "far right", let alone a Nazi.

Try the largest German-speaking subreddit, for example.

Yeah, UK left because they thought EU wasn't draconian enough.

governments having low level dirt on their populations feels like manufacturing excuses to send people to war and remove their autonomy

Any intelligent criminal will just meet face-to-face to discuss their criminal activities. None of these apps protect against someone taking a photo of the screen and snitching to the authorities about what was said in exchange for less jail time.

ironic that this is exactly the thing the US/EU political leadership have been bashing the chinese for since forever.

there's a good reason for that. it's not controlled by and for the benefit of our oligarchs.

Signal is not selling anything. So my guess is that distribution is enough. So my guess this would also apply to e.g. Thunderbird then.

Current nonEU members like Switzerland or England are vasals of who?

Prices of energy and basically everything in EU is so ridiculous high. Free marked is crippled because of centrally planed economics pushed by EU grants.

you can have an economic community without the political aspect of it

I think the widening of the EU that we have seen precludes the deepening of the EU that you advocate. This is a difficult balance. we should want deeper coordination within the EU. But we should also want to help and integrate our neighbors, rather than seeing them languish and become, as you put it, vassal states. And those goals are at odds.

This is partially because coordinating more countries is inherently more difficult if everyone can veto. But cultural diversity also plays a role. Deepening coordination means letting the EU decide more. Letting a more similar culture decide more will feeo better. beyond that, they are probably more likely to decide what you would have decided anyway. That is how a wider EU works against a deeper EU.

It’s funny that those chat censorship laws seems to be mostly at EU level. Very few countries have something similar going on locally.

Centralised government and power is much more dangerous for society, than decentralised nations.

Im not sure why someone in Brusell should vote about regulations for entire Europe.

You cannot imply same rules for entire nations like all are the same. They are not. They have different cultures, different values, different taxes, different wealth, etc...

Leaving the EU, however, triggers competition. These small European countries will compete for talent/money/knowledge and that means more freedom and less taxes.

But hey gotta deny the EU is not working even after hitting the wall and your face is dangling from the other side right?

I've stopped taking the whole "change it from withing / reform" arguments seriously when it comes to anything larger than a village or small community. The entire system has gotten to this point because the rules, processes and incentives all aligned and co-evolved to get it here. Every single one of those "memes" (borrowing from Dawkins here) will fight very hard for its own survival. And their survival depends on the status-quo staying as is without change.

The only way forward is to not participate and/or burn it all down and start from scratch. And we all know what a polite and neutered society we are currently because things are relatively "okay" for us, so we're not at threat, so we're not willing to do the drastic measures necessary for correction here. That includes me, as I will not be sending my sons to the slaughter.

Sure, voting system remains same.

It hasn't really been hurting them either. By the way, UK had GDP growth by .6% in first quarter of this year, which is a lot more than a lot of other EU countries.

Presumably Signal will remain available in the UK. At least, it could.

I can only hope… but won’t hold my breath.

Spain too

Yes, I’m not saying it’s impossible. I still need to travel to my residence country’s capital which is several hours away and not free to get to in order to cast my vote in person. That’s quite a hurdle and I’m not surprised that participation is so low as a result.

It varies from country to country who you can vote for to oppose such legislation. You need to investigate your local representatives.

Also, the Commission only proposes legislation, it doesn't enact it. Only the EU Parliament can enact legislation. The comission is similar to the Government of most democratic countries, also in the fact that it's not directly democratically elected. However, you still have plenty of democratic control over it, just not in EU specific elections, but in your own country's elections.

Edit: mistook the Council for the Commission. Corrected in line.

This is not reality TV, it's important that you cast a vote aligned with your views, not who is most likely to win or loose. If you're unsure which party represents your views, you can use tools like https://euandi.eu/

The EU structure is democratic, you can see a summary of each body and how its formed at https://european-union.europa.eu/institutions-law-budget/lea...

What type of question is that?

If you’re so curious, yes, on top of being pro/Russia I’m also a Mets fan. LGFM! How does knowing more about me help bring this conversation forward? Should I in turn ask about your favorite MLB team?

Wilders only formed a coalition about two weeks ago, and he isn't the prime minister so wouldn't be in the Council anyway.

As for the others, why do you think these laws come from the council? EU law never comes from the council, it's always proposed by the Commission. There's a list of people who are most responsible for this specific law here:

https://www.reddit.com/r/europe/s/Q4fRGd1a2e

None of the people on the list are heads of state, as per usual. They are senior members of the Commission and the usual assortment of lobbyists who feed them ideas.

So why did gp talk about the alt right?also I disagree, there is a binary left right in Europe too. Unless it's for social stuff then most parties are on the right in Europe lol

SMS is far less convenient and lacks many important features, like groups, emojis, speed and presentation.

Independence from known data harvesters is the only reason I got pretty much all of my contacts to switch.

Rich messaging with images and videos is not universally available without signal or WhatsApp etc... And it's very easy (at least here in the UK) to end up sending an mms message which still costs an arm and a leg.

I use iCloud Keychain for passwords. It's a trade-off between security and convenience.

Passwords aren't as critical in my opinion, because I can always change them. Sure, it would suck if someone broke into my hosting account or my bank account, but I could probably fix it somehow. I was more thinking about secrets that I don't want people to find out, because there is no way to make people forget something they learned about me that I wanted to hide.

That one's easy, he just gives all his passwords to Apple Inc.

there are multiple open-source implementations

No. Signal locks not not just third party software but also builds of their own "open source" code via timebombed forced updates. It's somewhat impractical to use signal except via blinding accepting updates from them.

As a result every signal user is sadly quite vulnerable to getting pushed a bad update, particular since app store policy changed to require the app store itself being able to sign updates.

Signal could mitigate this by allowing third party clients and/or not timebombing support.

Right. There is no way for me to verify that the Signal app isn't actually a trojan created by a US agency with a clever marketing team. It sounds far fetched, but it wouldn't be the first secure messenger that was later revealed to be a covert spying device.

I still use the app, because I trust Signal more than Facebook, but the encryption isn't why I trust them.

I agree, and that's a major part of why I use Signal, but I just want to say that most of my friends (and even family) use Signal, so at this point it's also a network effect for me.

It’s all using cryptography.

Cryptographic signatures are heavily used in these networks. People sign the transactions using elliptic-curve cryptography (or they are moving to some quantum-resistant thing). Then a blockchain or other decentralized network stores the transactions while a programming language is used to make sure that everyone and every node is following the rules.

Being able to finally trust the code instead of a middleman has the potential to be extremely useful despite your insistence that it cannot possibly have any uses because you personally don’t like it. Because trust is costly, and being able to reduce the attack surface enables much larger coordination and larger value to be managed collectively, with far less corruption.

If you ask the average person

I don’t know Europe’s polling. But in America, the majority is against [1][2]. (The only ones showing marginal favour ability are industry polls [3] by low-quality pollsters [4].)

You just enjoy shitting on anything that has the word “web3”

I’ve made a lot of money from investing in companies that do things around crypto. Its users are a population willing to pay high fees for nebulous ideological points, almost uniquely so outside religion and politics.

[1] https://www.cnbc.com/2022/12/07/just-8percent-of-americans-h...

[2] https://www.pewresearch.org/short-reads/2023/04/10/majority-...

[3] https://projects.fivethirtyeight.com/pollster-ratings/ Harris

[4] https://www.businesswire.com/news/home/20240507551232/en/DCG...

I support (some forms of) cryptocurrencies and I support end-to-end encrypted messaging, but combining both in the same app is so obviously unintelligent that questioning the motives is inevitable.

Cryptocurrencies are taxable assets. While private communication enjoys some legal protections in many countries, trading taxable assets does not.

If an app allows you to trade taxable financial assets, it means that tax authorities have every right to demand access, even if it's just to confirm your claim that you didn't use the feature.

Exactly. If web browsers weren’t as big of an ecosystem as they were, they’d have pushed for OS makers long ago to ban them. After all, they can load abitrary content including copyrighted information and CSAM! And they can circumvent the 30% that Apple charges in the app store.

The Web was the one anomaly in the Matrix. Where it’s just too big for more countries (except China, North Korea, and soon Rusia) to bring to heel.

Browser makers are really your last line of defense. And rather than making MORE decentralized ecosystems, the geeks on HN spent a decade fighting against anything that smelled of decentralized encryption and digital signatures. Which is sad! We could have had far more innovation and reached critical mass same as the Web did. Instead, small teams working on Freenet or MaidSafe (Autonomi) are our best hope for a privacy future.

And it can be banned at the protocol level.

I guess Matrix and Tor might be considered the only successful projects for privacy, and Tor kinda sucks for real privacy because it’s basically still a web host.

Hitler conquered several countries in under a year and there were no signs of that slowing down, Russia has been at a stand still in Ukraine for over 2 years now. Current war is closer to ww1 than ww2.

I appreciate the downvotes, but I'm honestly looking forward to hearing a better alternative (than helping Ukraine financially and with weapon shipments). I imagine people expressing "anti-war" opinions live far away from the frontline, don't have to worry about their country being next, and it's easy for them to say "just end the war". But maybe I'm wrong. So please when downvoting also spare a minute to share what your preferred solution is.

What makes you think your country will be next?

What makes you think that your country is threatened?

Those are incomparable. One is a political influence via civilized methods, money and propaganda. The other is a brutal military aggression.

The proper acceptable course of action for Putin & Co. was to compete economically and propagandistically, not invade with soldiers. They tried before with Yanukovich, but in 2014 these russian collaborators lost grip on power, and Putin & Co., instead of folding up graciously, or trying with another helper later again, went insane and tried to force their interests with military methods. That is an escalation that has no moral justification.

Most of my family use my brother's Matrix server, but it's the Element app that makes it appealing to us all. Client side scanning could be enforced in the app, regardless of the server's protections.

Not on iOS.

Last time I checked (2018) the support for media&file sharing was in a quite bad shape in all available Android clients. Even without e2e encryption enabled. Is it good now?

By clients having support and/or plugins for things like OMEMO and OTR.

Moxie wrote an extensive blog post outlining the reasons they were not going to make use of a decentralised system.

I believe its this post here, but someone correct me if this is the incorrect link: https://signal.org/blog/the-ecosystem-is-moving/

Over a quarter of the country are immigrants, so they’re indeed immigration-friendly

If you have the means, yes.

it is for highly skilled/specialized workers coming from the EU. I've emigrated to Switzerland more than a decade ago and couldn't be happier.

If you are an EU citizen you have free movement rights to move to Switzerland.

but not securely

what

switzerland is NOT in EU

GDPR doesn’t mean you follow “new EU rules”.

It just means you only store the data you need, you track how the data is used, and you allow data subjects the possibility to modify/remove said data.

I expect applies to any app on a phone that is registered in the EU. If you wanted to and were able to buy a Swiss phone with Swiss number you might be okay.

Developers could start to employ software activism and dis-allow licenses for software they develop by European governments citing the reasons.

Perhaps Signal can deploy a version for Europe that is licensed for use only by governments and scans the hell out of them looking for corruption using AI.

The Signal client and (irregularly) the server are published as open source. You can run your own Signal instance. If you want to complicate your life, of course.

No web interface and constant need to link to other devices.

That sort of feature is dangerous, and very likely to cause at least one vulnerability. If I were running signal, I would be very reluctant to, and careful in implementing it.

Seems like you are talking about Telegram, not WhatsApp?

Volt has way more political stances, so it's a less neutral choice. If you care most about internet freedom the ones to go for are the Pirates.

It's indirect, but in their policy programme (https://volteuropa.org/storage/pdf/eu-elections-2024/volt-eu..., page 45) they mention:

Transform the Declaration on European Digital Rights and Principles for the Digital Decade into a binding legal instrument, so that the Declaration is upheld at every step of policy making.

The Declaration that they mention is not from Volt, it's from the EU itself and can be found here: https://digital-strategy.ec.europa.eu/en/library/european-de...

Privacy and individual control over data

17. Everyone has the right to privacy and to the protection of their personal data. The latter right includes the control by individuals on how their personal data are used and with whom they are shared.

18. Everyone has the right to the confidentiality of their communications and the information on their electronic devices, and not to be subjected to unlawful online surveillance, unlawful pervasive tracking or interception measures.

Of course, given that this Declaration is signed by the same parties that are currently pushing the ChatControl measures being discussed doesn't fill me with much confidence.

In Poland, women are probably more often the victim than men, but in U.S., reported statistics are very surprising.

men and women were equally likely to experience nonconsensual sex, and most male victims reported female perpetrators. [1]

[1] https://www.scientificamerican.com/article/sexual-victimizat...

They won’t be able to operate that over public networks in China, because the routers will drop their packets.

You’d need to roll your own mesh network — definitely doable in local areas but the question is how to connect them over wider distances without going through the Great Firewall. Satellites?

We already have this - it's called Tor and I2P.

You could just change your App Store region to any country outside the EU. For example all you need to change to US is an American phone number and credit card.

No unless you jailbreak your iPhone (good luck with that) or re-sign the app every week because that's your only option without a $100/year developer account.

You could buy an android phone and download the APK from their homepage.

https://signal.org/android/apk/

Which are technical aspects of a fundamentally social problem. It's not the market platform itself that dodged the government - it's the people on the market.

Keeping stuff in pockets is overrated. There are ridiculously small portable laptops though.

https://www.gpd.hk/gpdmicropc

Plus the court can simply be ignored when it comes to data protection. See:

- Safe Harbour - Privacy Shield - Data Privacy Framework

Mobilecoin doesn’t use mining

Their stated design goal was to create an actual usable payments system; not a speculative asset .

Edit : Urrgh got that wrong . Fixed distribution of coins and yes the founders control most of them

I'm not sure that this would work, mainly because it would mean that all the documents would have the same hash, rendering the content ID system useless. I don't know how many bits a content I'd contains, though, but I imagine it's enough to avoid having too many collisions (as that would reduce the usefulness of the system).

Thanks. I missed the "links" in that list while I was wondering why "images" and "photos" are included together in that list.