In China, basically every enterprise uses a VPN to get uncensored internet when needed.
annette_runner@lemmy.world
on 18 Apr 21:22
collapse
It’s definitely not integral. You could just control the connection points. Ie, all your software tools on intranet and wired connection only. Any data can be decrypted.
NaibofTabr@infosec.pub
on 18 Apr 21:48
nextcollapse
No one can bank online without reliable encryption. No one can transact business online without reliable encryption.
annette_runner@lemmy.world
on 19 Apr 01:18
collapse
You can actually. It just wouldn’t be encrypted.
halcyoncmdr@lemmy.world
on 19 Apr 03:29
nextcollapse
Instead you just have to trust that anything you’re doing is actually with who they claim to be. No encryption means no identity or security guarantee.
annette_runner@lemmy.world
on 19 Apr 04:35
collapse
This specific thread is talking about transacting business and banking online. You should be more careful to keep your arguments separated. Otherwise you not only look like an idiot but you also prove you can’t multitask for shit.
annette_runner@lemmy.world
on 19 Apr 06:05
collapse
This specific thread is about criminality of encryption.
That’s correct, but your point is not clear. Public infrastructure is not a closed system. If your “closed systems” have to communicate, they either build and support their own parallel infrastructure or don’t, or communicate without encryption over public infrastructure. Which is not acceptable.
People used encryption for commercial purposes since Antiquity.
If your point is how it mostly was right “before radio transmission” - that latency would break civilization. You’d have to send messengers with safes for correspondence. The contents of which would be encrypted.
By the way, in those days nobody in their right mind would suggest banning encryption. If you need to read something - get a court order to read it first, if you read it without that you’ve committed a crime and it’s not admissible. If it’s encrypted, you could get the court to demand someone to decipher it, if it’s certain that they can.
A lot of steps, see, to not infringe on private life.
henfredemars@infosec.pub
on 18 Apr 21:00
nextcollapse
They’ll send you to the Gulag here even if you didn’t commit a crime.
annette_runner@lemmy.world
on 18 Apr 21:20
nextcollapse
I think it’s contextual. It is definitely relevant to bring into a criminal case that criminals made attempts to obstruct gathering of evidence in commission of the crime. It’s no different than shredding or burning paper files. Evidence of criminals taking steps to hide the criminal activity is how you prove that a transgression is willful rather than negligent. That matters in cases like murder.
Encryption is also criminal in some contexts, like encrypted radio broadcasts on frequencies for public use.
It definitely belongs as a talking point in a courtroom, imo.
revv@lemmy.blahaj.zone
on 18 Apr 23:30
nextcollapse
With respect, this is a short-sighted take. There’s literally no legitimate crime that is made worse because a person tried to avoid it being detected. Plot a murder over tor? Not a good look. But in what universe is someone less morally culpable because they just posted on craigslist?
On the other hand, allowing the use of encryption or other privacy methods to affect the criminality or punishment assigned to an action just creates a backdoor to criminalizing privacy itself. Allowing that serves no real purpose in deterring folks from hurting others, but it sure does further the interests of an oppressive or authoritarian regime.
annette_runner@lemmy.world
on 19 Apr 01:17
collapse
How does covering up a crime not make it worse when it allows you to get away and commit more crime?
Doing crime in the privacy of my own home allows me to get away with it and commit more crime, doesn’t mean we should have transparent walls that everyone can watch what you do through.
annette_runner@lemmy.world
on 19 Apr 06:11
collapse
I don’t disagree with that but the article is talking about what arguments are permissible in a court room which is a little different. Same as using tools to commit a crime. It’s not illegal to own or use tools but when used in commission of a crime, this can be a factor in proving elements of a crime that require proof of intention or malice.
Not sure I understand how you are reading the article. That’s like saying having a steak knife in your home is a factor in proving elements of a crime. Tools are completely neutral parties that are unrelated to prosecution, and encryption should be no different.
It’s no different than shredding or burning paper files.
Both are normal if you work with information you wouldn’t like to leak. Or something very personal.
They are that thing you said only if they are unusual for the circumstance. When that gives information that a person did something not normal.
Because that’s a sign of something, kinda similar to shaking hands and missing shovel and sudden lack of time for guests.
Encrypting everything on Internet-connected machines is not unusual. It’s perfectly normal. It’s f* obligatory.
Encryption is also criminal in some contexts, like encrypted radio broadcasts on frequencies for public use.
Because that’s almost jamming, if everyone could broadcast all they can, nobody could use those frequencies. And since you have to make space there, private transmissions probably belong somewhere else. Doesn’t matter when using wire. This is irrelevant to encryption.
It definitely belongs as a talking point in a courtroom, imo.
No it doesn’t. Even if someone suddenly started encrypting everything, no. Maybe they learned how the world works and decided to learn to do it just in case.
CalipherJones@lemmy.world
on 19 Apr 16:50
collapse
“After Salt Typhoon’s hacking campaign targeting US telecom networks came to light last fall, then FBI director Christopher Wray described the phone company breaches as China’s “most significant cyber-espionage campaign in history.” The intrusions, which in some cases exploited the wiretap mechanisms built into telecoms for law enforcement use, prompted CISA and FBI officials to go so far as to recommend that Americans use end-to-end encrypted communication apps like Signal and WhatsApp to avoid leaving their texts and calls vulnerable to China’s real-time spying.”
They’ll just make it a crime and pretend you were wrong all along. We’re not playing by moral rules anymore.
rottingleaf@lemmy.world
on 19 Apr 15:10
nextcollapse
Encryption is not just not a crime, it’s a republican virtue, those arguments usually used about guns, they are even better applicable to encryption. Encryption is actually a civil duty, because of herd immunity being damaged by people not using encryption. That public institutes’ erosion we are seeing in the last decades - it’s because the technological progress made the need for encryption to blow up, not accompanied with sufficient public perception. That erosion is a result of bad people having gotten orders of magnitude more information about everyone to plan their actions.
I believe in some jurisdictions it is in some circumstances a crime, yes.
cy_narrator@discuss.tchncs.de
on 21 Apr 01:02
collapse
Encryption is like a lock, it has keys. Its like saying “All of you should provide a print of all your keys used in your home to the police, else how would we know you are not hiding a body in there?”
threaded - newest
Yet.
It's kind of integral to the function of enterprise?
The entire financial system literally relies on encryption
Lots of really critical stuff needs encryption, it's absolutely insane to try and ban it.
to try to* ban it
People lock their doors; everyone understands.
wHaT aRe ThEy HiDiNg!!??!1?
In China, basically every enterprise uses a VPN to get uncensored internet when needed.
It’s definitely not integral. You could just control the connection points. Ie, all your software tools on intranet and wired connection only. Any data can be decrypted.
No one can bank online without reliable encryption. No one can transact business online without reliable encryption.
You can actually. It just wouldn’t be encrypted.
Instead you just have to trust that anything you’re doing is actually with who they claim to be. No encryption means no identity or security guarantee.
Closed systems don’t require encryption.
Are you stupid enough to actually think the Internet is a closed system?
No lmao. How did you get that from all the talk about radio transmission and encryption?
This specific thread is talking about transacting business and banking online. You should be more careful to keep your arguments separated. Otherwise you not only look like an idiot but you also prove you can’t multitask for shit.
This specific thread is about criminality of encryption.
In which case anyone who wants to can read the message traffic and make changes to it before passing it on to the receiver.
No, you can’t conduct business this way.
Thats why it would have to be a closed system with controlled transmissions rather than omnidirectional radio transmissions.
You mean, for everyone to have their own infrastructure, many times what we have now, and still some jerk can literally wiretap like in old times?
Or send messengers?
No, you are wildly incorrect for multiple reasons both technical and practical.
I'm not even going to waste any more of my time pointing out how intensely ridiculous your assertions are.
Please tell me banking didnt exist before radio transmission.
Please continue to highlight your spectacular ignorance so that everyone knows for sure that you should not be taken seriously.
Everyone? You mean the 10 people that read this thread?
That’s correct, but your point is not clear. Public infrastructure is not a closed system. If your “closed systems” have to communicate, they either build and support their own parallel infrastructure or don’t, or communicate without encryption over public infrastructure. Which is not acceptable.
People used encryption for commercial purposes since Antiquity.
If your point is how it mostly was right “before radio transmission” - that latency would break civilization. You’d have to send messengers with safes for correspondence. The contents of which would be encrypted.
By the way, in those days nobody in their right mind would suggest banning encryption. If you need to read something - get a court order to read it first, if you read it without that you’ve committed a crime and it’s not admissible. If it’s encrypted, you could get the court to demand someone to decipher it, if it’s certain that they can.
A lot of steps, see, to not infringe on private life.
They’ll send you to the Gulag here even if you didn’t commit a crime.
I think it’s contextual. It is definitely relevant to bring into a criminal case that criminals made attempts to obstruct gathering of evidence in commission of the crime. It’s no different than shredding or burning paper files. Evidence of criminals taking steps to hide the criminal activity is how you prove that a transgression is willful rather than negligent. That matters in cases like murder.
Encryption is also criminal in some contexts, like encrypted radio broadcasts on frequencies for public use.
It definitely belongs as a talking point in a courtroom, imo.
With respect, this is a short-sighted take. There’s literally no legitimate crime that is made worse because a person tried to avoid it being detected. Plot a murder over tor? Not a good look. But in what universe is someone less morally culpable because they just posted on craigslist?
On the other hand, allowing the use of encryption or other privacy methods to affect the criminality or punishment assigned to an action just creates a backdoor to criminalizing privacy itself. Allowing that serves no real purpose in deterring folks from hurting others, but it sure does further the interests of an oppressive or authoritarian regime.
How does covering up a crime not make it worse when it allows you to get away and commit more crime?
Doing crime in the privacy of my own home allows me to get away with it and commit more crime, doesn’t mean we should have transparent walls that everyone can watch what you do through.
I don’t disagree with that but the article is talking about what arguments are permissible in a court room which is a little different. Same as using tools to commit a crime. It’s not illegal to own or use tools but when used in commission of a crime, this can be a factor in proving elements of a crime that require proof of intention or malice.
Not sure I understand how you are reading the article. That’s like saying having a steak knife in your home is a factor in proving elements of a crime. Tools are completely neutral parties that are unrelated to prosecution, and encryption should be no different.
Both are normal if you work with information you wouldn’t like to leak. Or something very personal.
They are that thing you said only if they are unusual for the circumstance. When that gives information that a person did something not normal.
Because that’s a sign of something, kinda similar to shaking hands and missing shovel and sudden lack of time for guests.
Encrypting everything on Internet-connected machines is not unusual. It’s perfectly normal. It’s f* obligatory.
Because that’s almost jamming, if everyone could broadcast all they can, nobody could use those frequencies. And since you have to make space there, private transmissions probably belong somewhere else. Doesn’t matter when using wire. This is irrelevant to encryption.
No it doesn’t. Even if someone suddenly started encrypting everything, no. Maybe they learned how the world works and decided to learn to do it just in case.
It’s the Cypherpunk’s Manifesto all over again.
<img alt="" src="https://imgs.xkcd.com/comics/legal_hacks.png">
Too bad the paper proclamation that is the constitution means nothing today
And backdoored encryption is just as bad as unencrypted, maybe worse, since it lulls you into a false sense of security.
Mathematically worse.
“After Salt Typhoon’s hacking campaign targeting US telecom networks came to light last fall, then FBI director Christopher Wray described the phone company breaches as China’s “most significant cyber-espionage campaign in history.” The intrusions, which in some cases exploited the wiretap mechanisms built into telecoms for law enforcement use, prompted CISA and FBI officials to go so far as to recommend that Americans use end-to-end encrypted communication apps like Signal and WhatsApp to avoid leaving their texts and calls vulnerable to China’s real-time spying.”
wired.com/…/chinas-salt-typhoon-spies-are-still-h…
Encryption is only a crime if done by a poor or not the government. So long as it’s got the rich people backing it, it’s not even in the same league.
When will you people see that this world doesn’t have universal rules. It has rules for the poor. And those for the rich.
© Rage against the Machine
Encryption is not a crime *unless you’re doing it to someone else’s data to extort them for bitcoins
Legalize it
They’ll just make it a crime and pretend you were wrong all along. We’re not playing by moral rules anymore.
Encryption is not just not a crime, it’s a republican virtue, those arguments usually used about guns, they are even better applicable to encryption. Encryption is actually a civil duty, because of herd immunity being damaged by people not using encryption. That public institutes’ erosion we are seeing in the last decades - it’s because the technological progress made the need for encryption to blow up, not accompanied with sufficient public perception. That erosion is a result of bad people having gotten orders of magnitude more information about everyone to plan their actions.
Encryption should be no more a crime than locking your house or storing your valuables in a safe.
Who is the removed who would that encryption is a crime?
A fairly large portion of governments globally
I believe in some jurisdictions it is in some circumstances a crime, yes.
Encryption is like a lock, it has keys. Its like saying “All of you should provide a print of all your keys used in your home to the police, else how would we know you are not hiding a body in there?”