Mastodawn

Mike Byrne Dec 5, 2024

Yes, I've heard that the FBI is now recommending that we use End-to-End encryption. Yes, I am worried about dying of an irony overdose.

Show thread

Matt Blaze Dec 4, 2024

FBI (etc): You should use end-to-end encryption, because networks can be easily compromised by national adversaries.

Us: Right! Just like we've been saying all along forever!

FBI: Never heard that. Anyway, It's even worse than that! They can even compromise wiretapping systems!

Us: You mean just like we warned that they would when you mandated them?

FBI: Nope, never heard anything like that either.

🙃

Kevin Lyda Dec 4, 2024

@mattblaze I had a coworker who worked for a company implementing Carnivore decades ago. They had some really low paid Chinese contractors who helped them. The contractors seemed to have more money than you'd expect at their pay level. They also were never in the office during the occasional announced client meetings.

It amazes me how naive government officials sometimes are.

Show thread

mike805 Dec 4, 2024

@lyda @mattblaze The Chinese probably recruit students at their universities, and offer them the chance to travel abroad, make money, and win a place in the Chinese power structure if they can successfully get access to something valuable.

I recall when the whole CALEA thing started, the EFF was warning that there was no way to secure it and it would get abused by bad actors.

Show thread

mivox is exhausted

Dec 4, 2024

@mattblaze @mvario Paranoid brain: That’s exactly what I would tell people to do, if I were the FBI and I had compromised at least one widely used encrypted messaging app, and wanted more people to feel comfortable speaking more freely about their secrets…

Show thread

Three LLMs in a Trenchcoat Dec 5, 2024

@mivox @mattblaze @mvario the most likely candidate for this is WhatsApp imho

Show thread

mivox is exhausted

Dec 5, 2024

@me @mattblaze @mvario But nobody who was actually paranoid would use a Meta property for secure communications, would they?

Show thread

CaveDave Dec 4, 2024

@mattblaze FBI: ok, the treat from China is gone now. Everyone please go back to how you were doing things before. N
Those privacy precautions are for foreign agencies, not for us ofc

Show thread

Irenes (many)Dec 4, 2024

@mattblaze we were particularly amused at them trying to claim it's not a new recommendation

Show thread

Eh?!?Dec 4, 2024

@mattblaze

"Thou shalt not have any man-in-the-middle other than Us"

Show thread

listless Dec 4, 2024

@mattblaze IT professional's when the FBI said "use encrypted messaging systems":

Show thread

Jay Dec 4, 2024

@mattblaze
Literally everyone in the Pirate movement/EFF/Digital rights space: "I'm so tired".

Show thread

Matt Blaze Dec 4, 2024

@jaystephens so, so tired.

Show thread

Sophie Schmieg Dec 4, 2024

@mattblaze honestly the most surprising thing of that announcement was that the FBI assumed there was privacy in text messages (as in SMS, not RCS with e2ee).

Show thread

Alison Meeks Dec 4, 2024

@mattblaze Hell that sounds like their nonsense after Jan 6th. Willful ignorance since their Twitter account was literally littered in tags about all the nonsense about to go down.

Show thread

Three LLMs in a Trenchcoat Dec 5, 2024

@mattblaze Well, this is true, but I hope we can agree that the worst time to highlight hypocrisy is when we are about to see change for the better

Show thread

Matt Blaze Dec 5, 2024

@me

1. Hypocrisy is advocating one thing while doing the opposite, which is not what the FBI is being criticized for here. They’re being criticized for being (very) late in advocating an important safeguard. See “closing the barn door…” etc.

2. The FBI is not an individual with feelings that must be protected. It’s a powerful, publicly funded institution subject to public scrutiny and criticism, at least for the time being.

they still promote LE / IC access to encrypted
data via “trusted” tech companies retaining everyone’s encryption keys & oppose E2EE encryption¹𝄒², so there’s a [ citation needed ] for your assertion that “we are about to see change for the better”

maybe we should expect organisations to demonstrate that they have genuinely changed their position / policy / actions over an extended period of time before we start handing out cookies

1 https://www.fbi.gov/about/mission/lawful-access

2 https://www.fbi.gov/about/mission/lawful-access/lawful-access-myths-vs-reality

Show thread

Darryl Ramm Dec 5, 2024

@mattblaze

FBI HQ based special agents might want to brush up on their own end-to-end encryption as they head out to their new field office work. Don't want the new management reading everything do we?

Show thread

Justin Derrick Dec 5, 2024

@mattblaze This is why the answer to anyone asking for a backdoor into your communications is "You first."

Then, all the reasons they say they can't do it are all the reasons you can't do it.

Show thread

Wolf480pl Dec 14, 2024

@mattblaze wait, did I miss some news about a wiretap getting pwned?

Show thread

refraction

Dec 16, 2024

@mattblaze
Us: well at least you got there in the end.

FBI: we need to mandate backdoors to encrypted messaging services.

Us: 😒 so you learned nothing...

Show thread

Cathy Gellis Dec 4, 2024

@mattblaze It may not be the e2e we want. Per Riana they want “responsibly managed encryption."

Show thread

Long Live Moonjoy Dec 4, 2024

@cathygellis @mattblaze “irresponsibly managed encryption” is so much cooler though

Show thread

gz Dec 4, 2024

@mattblaze
At least you won't be anemicy.

Show thread

Andres Dec 4, 2024

@mattblaze kinda like when the FBI wishes us a happy MLK Day...

😬

MarjorieR Dec 4, 2024

@mattblaze presumably becuase they just twigged that going forward the 'bad guys' are going to be in charge of their own government.
Up to now, of course, your FBI surveillance has been entirely benign.

Show thread