UnshakledApr 13
Techlore

Not a drill 🚨 Florida is trying to backdoor encryption.

Their new bill asks for "social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”

This is nothing new. Nevada tried it last year. UK is trying it. France. Sweden. The sooner we come together and stand for privacy as a human right, the sooner we can stop blaming a political party. People on both the left & right are proposing these backdoors globally.

Apr 12 at 8:36pmWeb
Show threadTechloreApr 12
These attempts are a massive overreach that make *everyone* less safe. There is no such thing as a backdoor for only the good guys. Americans should be well aware of this fact after events like Salt Typhoon which jeopardized millions of people.
https://techcrunch.com/2024/10/07/the-30-year-old-internet-backdoor-law-that-came-back-to-bite/
The 30-year-old internet backdoor law that came back to bite | TechCrunch

China reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law.

TechCrunch
Show threadTechloreApr 12

The @eff did excellent coverage of this story:
https://www.eff.org/deeplinks/2025/04/floridas-new-social-media-bill-says-quiet-part-out-loud-and-demands-encryption

Speak to your reps! Talk to people you know about this. And donate to orgs like the EFF to help fight these things.

And finally, join the discussion on our forum to discuss with others in the community. Dive in here: https://discuss.techlore.tech/t/floridas-new-social-media-bill-demands-backdoors-in-end-to-end-encryption/13381

Florida’s New Social Media Bill Says the Quiet Part Out Loud and Demands an Encryption Backdoor

At least Florida’s SB 868/HB 763, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.” Usually these sorts of sweeping mandates...

Electronic Frontier Foundation
Show threadPaulHulfordApr 12
@techlore my question is can companies break e2ee? If they don't have the key there is nothing they can do. What is being ask is for tech companies to no longer offer e2ee, right?
Show threadDrRac27Apr 13
@paulhullford @techlore if they write the code and publish the apps you download they could code into the app that every message should be encrypted with two keys. The e2ee key as well as some key for example that some state has. They could even do it without getting access to the data themselfes and let the government generate the key and only provide the public key to e.g. whatsapp
Show threadPaulHulfordApr 13
@DrRac27 @techlore, that's a good point which is why open source code is important. It's also something they could push as an update without telling people if the source code is closed.
Show threadDrRac27Apr 14
@paulhullford @techlore they could also push an update without telling if the source is open. If they have reproducible builds one could at least check but then the app stores could deliver different versions to different people. Trust is always involved somewhere and most people use Android or iOS so you have to trust Google or Apple which are both US based and absolutely not trustworthy.
Show threadPaulHulfordApr 14
@DrRac27 @techlore it does make it difficult to know who to trust. It a comes down to who do you trust
Show threadTim Ward ⭐🇪🇺🔶 #FBPEApr 12
@techlore Presumably people have tried to explain to them that "mathematics doesn't work like that, and you can't change mathematics by passing a law". Presumably the legislators just think that this is someone's opinion which they can ignore if they don't like it.
Show threadSamuel LisonApr 13

@TimWardCam They’ll legislate a “backdoor” to make it the providers problem. And because there’s no way to do it, they’ll just be forced to disable E2EE or cop a fine for not enabling an impossible backdoor?

Or, do they make it so the central server has its own copy of the private keys that are created on each device on creation of a conversation/group/room.

Show threadJohn K.Apr 13
@techlore This eventually will trickle down to having to backdoor in TLS and then it is game over for e-commerce e-banking etc. When they realise that it will be too late. At least then we won’t have to worry about Shor’s algorithm…
Show threadOnly ExceptionApr 13
@techlore eeeeewwww. Keep my privacy out of your gruby little hands uncle sam
Show threadMrClonApr 13
@techlore yeah, it's bipartisan bullshit