Comment by strcat
4 days ago
France has made it clear they expect to have a backdoor in end-to-end encryption apps and disk encryption. They've been saying that it's unacceptable not to have a backdoor in a bunch of these news stories they've gotten published by contacting the media. They've said if we don't cooperate with that, they'll take similar actions against us as they did SkyECC and Encrochat meaning hijacking our servers and trying to have us arrested.
Le Parisien has 2 articles about this, not only one, and https://news.ycombinator.com/item?id=46038241 explains lack of technical ability to compromise security after the fact. Titan M2 is specifically designed with insider attack resistance so that Google making an update disabling the brute force protection won't be accepted by the secure element without the Owner user successfully unlocking first. We don't have the signing key for the Titan M2 firmware anyway. This is part of our required hardware-based security features which we're working on providing in a Pixel alternative with a major Android OEM working with us right now. We talked to them about the France situation already and it does not negatively impact our partnership. It may be a good idea to speed up an official announcement with them to counter the narrative being pushed by France's law enforcement agencies now.
> France has made it clear they expect to have a backdoor in end-to-end encryption apps and disk encryption.
Note that "France" and "Johanna Brousse" (as the lead investigator lobbying for more agency data access) are not the same, by a couple million people.
Now's the time to get ahead of this. Communicate openly why Open Source matters, what's at stake, and try to ally with existing organizations like the EFF, IETF, Linux Foundation, CCC e.V. and others. They know how to deal with the media, and it's okay to ask for help.
Please let another person check the article from a non-technical perspective, because that's where journalists have a strategical bonus. If the blogpost/article/video/whatever contains too much technological lingo, the masses won't be able to understand it.
Wish you the best.
PS: I hope that you can see that not all people are as messed up as the kiwifarm doxxers. I've seen their "call to arms" to start new swatting attempts etc. Stay safe.
PPS: Don't engage with people that have anime avatars. Just block them. Your time is wasted trying to read or reply to them. Hate is a mind infiltration technique.
I appreciate the answer and the work on GrapheneOS! It seems there's a lot of work going on with the QPR1 release and this French matter doesn't make things easier for the team. Good luck!
Le Parisien is not the french state. I doubt you had any interaction with the french authorities at all.
You are unable to any legal recourse because none of your rights have been violated (yet).
To be fair, the quote in the second article is from Johanna Brousse who is behind the Durov arrest.
> "Mais ça ne nous empêchera pas de poursuivre les éditeurs, si des liens sont découverts avec une organisation criminelle et qu’ils ne coopèrent pas avec la justice."
> “But that won't stop us from prosecuting publishers if links to a criminal organization are discovered and they fail to cooperate with the justice system.” (DeepL)
I understand this can be seen as more threatening even if the whole quote softens this a bit.
To be even fairer, where in the french legal codes does it say "introduce backdoors!"
I'm all for assuming the worst, but not to the point of putting words in someone's mouth.
Only a total idiot would wait to actually be arrested, fined, or even harassed, before doing something about it.
Maybe he is going to get arrested, maybe we are observing an persecution complex.
1 reply →
> They've said if we don't cooperate with that, they'll take similar actions against us as they did SkyECC and Encrochat meaning hijacking our servers and trying to have us arrested.
No, they haven’t.
You are letting your paranoia talk by widely amplifying the content of two newspapers articles in media affiliated with the far right.
I’m quite surprised by your reactions to be fair because both SkyECC and Encrochat were actually affiliated with organised crimes. As far as I know, GrapheneOS isn’t.