this post was submitted on 21 Sep 2023
153 points (97.5% liked)

Europe

8324 readers
1 users here now

News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺

(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures

Rules

(This list is obviously incomplete, but it will get expanded when necessary)

  1. Be nice to each other (e.g. No direct insults against each other);
  2. No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
  3. No posts linking to mis-information funded by foreign states or billionaires.

Also check out !yurop@lemm.ee

founded 1 year ago
MODERATORS
 

The U.K. Parliament has passed the Online Safety Bill (OSB), which says it will make the U.K. “the safest place” in the world to be online. In reality, the OSB will lead to a much more censored, locked-down internet for British users. The bill could empower the government to undermine not just the privacy and security of U.K. residents, but internet users worldwide.

you are viewing a single comment's thread
view the rest of the comments
[–] Weslee@lemmy.world 24 points 1 year ago (3 children)

The big thing I'm mostly concerned about is this mysterious backdoor they are supposedly forcing tech providers to build into all devices - what exactly is this and what stops anyone from learning about it and exploiting it?

[–] UnknownQuantity@lemm.ee 21 points 1 year ago (2 children)

It's fairly simple: encrypted software developers will leave the UK, because no one would trust the security of their SW. I'm not sure if there is an exception for online banking, but perhaps this bill will stimulate the mattress industry and encourage return to the old ways of storing money.

[–] 0x815@feddit.de 7 points 1 year ago* (last edited 1 year ago) (1 children)

Even if there are exceptions for banking apps, would you trust them? What will private companies do to protect their trade secrets? What will children and other victims of sexual abuse do when they seek help and need a safe and private environment?

Edit for an addition:

UK mass interception laws violates human rights and the fight continues... [May 2021]

The Grand Chamber of the European Court of Human Rights ruled that the UK government’s historical mass interception program violates the rights to privacy and freedom of expression.

[–] UnknownQuantity@lemm.ee 3 points 1 year ago

I see your point and agree. I use online banking and I trust that my bank doesn't want to compromise my account by adding some back-door. Having said that I have no doubt that should and government agency request access to my financial data, they would do it in a blink of an eye.

Yes, the law is a bad one and people should voice their protests, but I'm afraid that nothing will ultimately change and we'll have more bad laws in the future.

[–] Flax_vert@feddit.uk -1 points 1 year ago (2 children)

Tbf banking uses encryption for transactions exclusively between you and a bank. I don't think the law is "no end to end encryption at all"

I'm using signal no matter what dishi rishi tells me to do.

[–] UnknownQuantity@lemm.ee 1 points 1 year ago

I didn't say they're banning encryption, I was just referring to the back-door requirement. An encryption with a back-door is no encryption at all.

Signal as far as I know isn't based in the UK and hence not subject to these laws.

[–] 0x815@feddit.de 1 points 1 year ago* (last edited 1 year ago)

banking uses encryption for transactions exclusively between you and a bank. I don't think the law is "no end to end encryption at all"

They apply client-side scanning. Meaning the data gets scanned before it gets encrypted. This is like someone looking over your shoulder.

[–] Gamey@feddit.de 3 points 1 year ago

Australia did something similar ages ago, just for absolutely every peace of software even if a aingle employee lives from their but this one targeting encryption is bad too, it basically means every encryption software developer will leave the UK and proper encryption will be illegal to use.

[–] stevecrox@kbin.social 2 points 1 year ago* (last edited 1 year ago)

The issue is end to end encryption.

The law change requires messaging applications to be able to provide messages between people using their service.

In the 00's, messaging applications would have a secure connection between themselves and person A and anouther secure connection between themselves and Person B.

Person A would encrypt the message, send it to the service, who would decrypt it, open a connection to Person B, encrypt the message and send to Person B.

So if the police got a warrent for communications of Person B (say the police think the person is involved in human trafficking), then the messaging service could provide all messages sent to Person B.

Message services have taken themselves out of the loop, Person A now encrypts the message and sends directly to Person B. So the police appear with a warrent and the message service shrugs its shoulders since it hasno means to get the data.

The law effectively requires messaging services to design the apps/service so they can comply with a warrent.

The issue is less encryption and more the balance between your right to privacy and states right to intrude.

This is why banks aren't upset, they aren't talking about back dooring encryption and bank encryption is between you and the bank so they don't have to do/say anything.