Comment by AndrewSwift

9 hours ago

It would be nice to have details:

It rewards or penalizes online services depending on whether they agree to carry out “voluntary” scanning, effectively making intrusive monitoring a business expectation rather than a legal requirement.

This is the same way the law in many EU countries mandates ISPs to store communication logs for every internet subscriber for months or longer.

The legal mandate was shot down by the EU courts, but every country then figured out their own loophole and as a result data retention is effectively mandatory but not by clear and public law.

As a first step. After that they will expand it and force them to do it, effectively boiling the frog.

https://en.wikipedia.org/wiki/Boiling_frog

  • From the second paragraph in your link:

    > While some 19th-century experiments suggested that the underlying premise is true if the heating is sufficiently gradual, according to modern biologists the premise is false: changing location is a natural thermoregulation strategy for frogs and other ectotherms, and is necessary for survival in the wild. A frog that is gradually heated will jump out. Furthermore, a frog placed into already boiling water will die immediately, not jump out.

    • It is just a saying, my dear friend. I added the link because I was not sure how well known it is in other countries - if at all.

      But of course some HN commenter had to do: 'well actually...'. :D If I wrote something like: 'Better late than never' would you be correcting me too? 'Well actually studies show that it is better never...'

      I recommend some chilling with a nice cup of tea.


Business, eh. Maybe it's time to go open source and fully distributed peer-to-peer. Something like Tox[0] or SimpleX[1].

The (actual) solution should be to fix legislation to adequately protect privacy, because they'll attack this next.

But meantime, a technical solution is better than nothing.

0. https://tox.chat/

1. https://simplex.chat/

  • > Hi Mom, please install this peer to peer dark net chat to talk to me in the future, thanks

    Oh honey, why don't we just use iMessage instead. Thx bye.

    • I have been successful in getting non-technical people onto Signal. As far as a technical product goes, Signal is kind of shit (among other things: no support for non-Debian-based Linux forcing users to use sketchy third party repos when they are a massive target for backdoors, really shitty UX for backups), but it gets the job done and seems to have robust encryption from what other people say (I am not qualified to evaluate this myself).

      If a P2P solution that solved the aforementioned Signal issues were to have excellent UX, then that could probably work.

      Lastly, what counts as "excellent UX" for technical and non-technical people seems to differ. For example, I consider Discord and Slack to be quite intuitive and easy to use, but multiple technical people have expressed to me that they find it to be very confusing and that they prefer other solutions, such as GroupMe in one example. To me, GroupMe shoving the SMS paradigm into something that's fundamentally not SMS is more confusing and poor UX, but to these non-technical people that seems easy. I suspect that Signal's shortcomings that I perceive are an example of this: making UX trade-offs that work great for non-technical people but are less good for technical people. I'm not sure what these specific UX trade-offs are, but I suspect that it's something akin to having a conceptually sound underlying model (like Discord or Slack servers/workspaces and channels), versus having really obvious "CLICK HERE TO NOT FUSS" buttons like GroupMe, while having graceful failures for non-technical users that can't even figure that out (like just pretending to be SMS in GroupMe's case if you can't figure out how to install an app, or don't want to put that effort in, something that many people know how to use).

    • What nerds perpetually don't understand is that regular people hate the apps that nerds love, which are largely apps made by nerds who hate the apps that normal people love.

    • My (very non-technical) 70 year old mom was actually happy to use Element because it has a nice desktop client, so she can more easily type and see pictures than on her phone screen. Simplex Chat would have worked for her as well.

Exactly this

But people like to sensationalize stuff

This is less bad than the original proposal

Oh and honestly game chat rooms should not be private.

(of course personal 1:1 messages should)

  • This achieves every goal the original proposal achieved, except the wording is sneakier.

    Services are obligated to do risk analysis and take appropriate safety precautions against high risk actions. High risk actions include "anonymous accounts", "uploading media", and of course "encrypted messages".

    The moment they catch the next random pedo, every messenger app on their phone will be tasked with explaining why they didn't do enough to stop the pedo. They'd better get their business together next time, because otherwise they might be held liable!

    There's no law that says you have to hand over arbitrary data to the police without a warrant, but when Telegram's shady owner landed in France, he was locked up until his company pledged to "work together with police better".

    Don't be fooled by pretty words, none of this optional stuff is optional for any messenger the government doesn't already have the ability to read along with.