Kirjoittaja Aihe: Yksityisyys, tietoturva, vakoilu, salaaminen  (Luettu 11354 kertaa)

Lalli IsoTalo

  • "Hallituksenkaataja"
  • Jäsen^^^
  • ***
  • Viestejä: 52 543
  • Liked: 98985
  • Emeritus mediaöyhöttäjä
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #60 : 10.11.2023, 10:01:34 »
Saas nähdä miten tämä EU:n avoin digi-id-salaliitto kansalaisten master-outtaamiseksi tulee onnistumaan. Meppien pitää vielä äänestää tästä.

Vaikka sinulla ei olisi mitään salattavaa, niin digi-id:tä kannattaa yrittää vältellä kuin ebolaa, lassakuumetta, kuppaa, ruttoa ja hiviä.


Lainaus
Very bad news. The European Parliament and Member States just reached an agreement on introducing the Digital Identity, #eID.

Directly afterwards, #EU Commissioner Breton said:

"Now that we have a Digital Identity Wallet, we have to put something in it...", suggesting a connection between #CBDC and eID.

[CBDC = Central bank digital currency]

They ignored all the privacy experts and security specialists. They're pushing it all through.

I am not optimistic. But it is not too late yet. Parliament still has to vote about this. Let your MEP know that you oppose the Digital Identity and that you want your MEP to vote against it!

Lainaus
Richard Willett @WTAFRich

If people on mass refuse to use it then its falls on its arse. That's always the way. I can't happen if people refuse on mass to use it.

Lainaus
Strategieduchoc 🇫🇷 @strategieduchoc
The social credit system is coming.

Lainaus
Shaun Kaven el Granjero @shaunkaven

It’s way worse than you think, Rob.

I’d strongly encourage everyone to read the plan written by the BIS (Bank of International Settlement - basically, the Central Banks’ bank)

https://bis.org/publ/arpdf/ar2023e3.htm

It’s long and tedious but I’ll give you the cliff notes. They want to create a CENTRAL LEDGER for CBDCs. That you already knew. But there’s something else much more insidious.

They have a plan to tokenize ALL assets. When they roll this out, every asset in the country over a certain value must be tokenized and put onto the central ledger, or it will be forfeited to the government.

Oh, you thought you could escape the dollar collapse by buying properties? Nope. It’ll be tokenized and put on the ledger, and according to this document there will be rules for what you can do with it, how you can sell or buy, etc.

But I have gold and silver reserves. Another nope. They have to be tokenized too. If you don’t tokenize them, and the feds find them, you have to hand them over.

Now, I know a lot of you will say that you’ll defend your property and precious metals with your weapons but good luck against 50 ATF agents. That’s not the way to stop this. It needs to be stopped before it passes!

Lainaus
RefugeOfSinners (ROS) @RefugeOfSinner5

Everyone says freedom of speech is number one, but I say freedom to transact is possibly more important.

- If you can't transact, you can't move.
- You don't need barbed wire fences.
- The Digital ID and the Central Bank digital currency, which is paying attention moment by moment to whether or not you are an obedient person,
will completley disrupt your ability to transact.
« Viimeksi muokattu: 10.11.2023, 10:38:19 kirjoittanut Lalli IsoTalo »
— Monikulttuuri = Kulttuurien sota
— Pakkomamutus = Kansanmurha
— Valtionvelka = Lapsen velkaorjuus
— Ei omaisuutta = Systeemin orja
— Digital ID = Systeemin orja
— Vihreä siirtymä = Kallis luontotuho
— Hiilineutraalius = VHM:n kuristus
— DEI, woke, SDP = Tasa-arvon tuho
— Valkoinen =  Rotusyyllinen
— Missä N, siellä R

Lalli IsoTalo

  • "Hallituksenkaataja"
  • Jäsen^^^
  • ***
  • Viestejä: 52 543
  • Liked: 98985
  • Emeritus mediaöyhöttäjä
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #61 : 10.11.2023, 10:21:37 »
^Social Credit System

Konekäännös wikistä:
Social Credit System on kansallinen luottoluokitus ja musta lista, jota Kiinan hallitus kehittää. Sosiaalinen luottoaloite vaatii rekisterijärjestelmän perustamista, jotta yrityksiä, yksityishenkilöitä ja valtion laitoksia voidaan seurata ja arvioida luotettavuuden suhteen.
...

Sosiaalinen luotto on edelleen hajanainen joukko politiikkoja ja järjestelmiä, jotka vaikuttavat enemmän yrityksiin kuin yksilöihin, mukaan lukien

- taloudellinen luottoraportointi,

- mustat listat velallisille, jotka perustuvat tiettyihin oikeuden määräyksiin,

- alakohtaiset mustat ja punaiset listat, jotka koskevat vaatimustenvastaisia ja vaatimustenmukaisia yrityksiä ja niiden omistajia,

- lento- ja ajokieltoluettelot, jotka perustuvat tiettyihin juna- tai lentomatkustajien väärinkäytöksiin, ja

- vapaaehtoiset paikalliset ohjelmat, jotka voivat tarjota palkintoja yksittäisten pisteiden perusteella, mutta ei rangaistuksia.

The Social Credit System is a national credit rating and blacklist being developed by the government of China. The social credit initiative calls for the establishment of a record system so that businesses, individuals and government institutions can be tracked and evaluated for trustworthiness.
...

Social credit remains a fragmented set of policies and systems which impact businesses more than individuals, including

- financial credit reporting,

- blacklists for judgment debtors based on specific court orders,

- sectoral blacklists and redlists addressing non-compliant and compliant companies and their owners,

- no-fly and no-ride lists based on specific instances of train or plane passenger misconduct, and

- voluntary local programs which can provide rewards based on individual scores but no penalties.
— Monikulttuuri = Kulttuurien sota
— Pakkomamutus = Kansanmurha
— Valtionvelka = Lapsen velkaorjuus
— Ei omaisuutta = Systeemin orja
— Digital ID = Systeemin orja
— Vihreä siirtymä = Kallis luontotuho
— Hiilineutraalius = VHM:n kuristus
— DEI, woke, SDP = Tasa-arvon tuho
— Valkoinen =  Rotusyyllinen
— Missä N, siellä R

ikuturso

  • Jäsen^^^
  • ***
  • Viestejä: 27 701
  • Liked: 69002
  • Kekkosen re-inkarnaatio
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #62 : 11.11.2023, 14:36:10 »
Meillähän on jo tämä niinsanottu "positiivinen luottorekisteri", jonne kerätään kaikkien kansalaisten kokonaisvelkasaldo.

Sieltä sitten pankki voi katsoa voiko ihmiselle lainata enempää rahaa ja varmaan moni muukin taho voi sieltä saada keskitetysti luottotietoja.

-i-
Kun joku lausuu sanat, "tässä ei ole mitään laitonta", on asia ilmeisesti moraalitonta. - J.Sakari Hankamäki -
Maailmassa on tällä hetkellä virhe, joka toivottavasti joskus korjaantuu. - Jussi Halla-aho -
Mihin maailma menisi, jos kaikki ne asiat olisivat kiellettyjä, joista joku pahoittaa mielensä? -Elina Bonelius-

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #63 : 19.06.2024, 11:44:04 »
Kohta ei auta kuin hylätä kaikki digitaalinen.

Lainaus
In December 2021 the EU Commission intends to make a second legislative proposal, which is to compel all providers of email, messaging and chat services to search all private messages in the absence of any suspicion.

Ja vaikka tätä on myyty sillä verukkeella, että tämä koskisi vain lapsipornoa/lasten hyväksikäyttöä, niin todellisuudessa kyseessä on keppihevonen, joka halutaan laajentaa muuhunkin:

European Police Chiefs call for industry and governments to take action against end-to-end encryption roll-out
https://www.europol.europa.eu/media-press/newsroom/news/european-police-chiefs-call-for-industry-and-governments-to-take-action-against-end-to-end-encryption-roll-out
Lainaus
European Police Chiefs are calling for industry and governments to take urgent action to ensure public safety across social media platforms.

Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies from seeing any offending that occurs on their platforms. It will also stop law enforcement’s ability to obtain and use this evidence in investigations to prevent and prosecute the most serious crimes such as child sexual abuse, human trafficking, drug smuggling, homicides, economic crime and terrorism offences.

The declaration, published today and supported by Europol and the European Police Chiefs, comes as end-to-end encryption has started to be rolled out across Meta’s messenger platform.

Joint Declaration of the European Police Chiefs (pdf)

EU Police Chiefs want an end to end-to-end encryption
https://news.ycombinator.com/item?id=40137783
Lainaus
Once the encryption is banned, the next step will be for online safety czars to censor speech they disagree with, even in private communications. No thanks.
...
   
JPLeRouzic 56 days ago | parent | next [–]

In France, there are many laws against free speech (lois mémorielles, anti haine en ligne, anti Le Pen, anti fake news (including criticizing the government), etc...).
https://www.laquadrature.net/en/censorship/

Refusing to disclose encryption keys could lead you to be prosecuted for “terrorist criminal association”.

https://www.laquadrature.net/en/2023/12/15/encryption-discussion-during-the-8-december-trial-from-myth-to-reality/
...
The aim is probably not social security, but political power through total censorship.
...
to start of the officer that proposed this is from belgium, same country where a dude that gets caugth with csam gets no punishment to make matters worse i know of at least 2 whistleblowers that try to make this known to the public one of them was the officer that a victim testified to... the officer that took that testimony is not alowed by order of court to not mention the victim if he does so he will get imediatly put behind bars... if you do the research you'll quickly see what is going on and if that is not a good reason for it to end i rather end myself than having to witness all this for much longer
...
Can't wait for this law to be struck down as not being compatible with GDPR.
If you can't correctly encrypt messages on disk and in transit you can't guarantee that you secured user's personal data.

Europol Sought Unlimited Data Access in Online Child Sexual Abuse Regulation
https://balkaninsight.com/2023/09/29/europol-sought-unlimited-data-access-in-online-child-sexual-abuse-regulation/
Lainaus
According to minutes released under FOI, the European police agency pushed for unfiltered access to data that would be obtained under a proposed new scanning system for detecting child sexual abuse images on messaging apps, with a view, experts say, to training AI algorithms.
...
In the meeting, the minutes of which were obtained under a Freedom of Information request, Europol requested unlimited access to the data produced from the detection and scanning of communications, and that no boundaries be set on how this data is used.

“All data is useful and should be passed on to law enforcement, there should be no filtering by the [EU] Centre because even an innocent image might contain information that could at some point be useful to law enforcement,” the minutes state. The name of the speaker is redacted, but it is clear from the exchange that it is a Europol official.
...
In the same meeting, Europol proposed that detection be expanded to other crime areas beyond CSAM, and suggested including them in the proposed regulation. It also requested the inclusion of other elements that would ensure another EU law in the making, the Artificial Intelligence Act, would not limit the “use of AI tools for investigations”.

The Europol input is apparent in Johansson’s proposal. According to the Commission text, all reports from the EU Centre that are not “manifestly unfounded” will have to be sent simultaneously to Europol and to national law enforcement agencies. Europol will also have access to the Centre’s databases.

Several data protection experts who examined the minutes said Europol had effectively asked for no limits or boundaries in accessing the data, including flawed data such as false positives, or in how it could be used in training algorithms.
...
According to an internal Europol document, the agency’s own Fundamental Rights Officer raised concerns in June 2023 about possible “fundamental rights issues” stemming from “biased results, false positives or false negatives”, but gave the project the green light anyway.
...
On September 25, BIRN in cooperation with other European outlets reported on the complex network of AI and advocacy groups that has helped drum up support for Johansson’s proposal, often in close coordination with the Commission. There are links to Europol too.

According to information available online, Cathal Delaney, a former Europol official who led the agency’s Child Sexual Abuse team at its Cybercrime Centre, and who worked on a CSAM AI pilot project, has begun work the US-based organisation Thorn, which develops AI software to target CSAM.

Delaney moved to Thorn immediately after leaving Europol in January 2022 and is listed in the lobby register of the German federal parliament as an “employee who represents interests directly”.
...
A senior former Europol official, Fernando Ruiz Perez, is also listed as a board member of Thorn. According to Europol, Ruiz Perez stopped working as Head of Operations of the agency’s Cybercrime Centre in April 2022 and, according to information on the Linkedin profile of Julie Cordua, Thorn’s CEO, joined the board of the organisation at the beginning of 2023.
...
Alongside Ruiz Peréz, on the board of Thorn is Ernie Allen, chair of the WeProtect Global Alliance, WPGA, and former head of the National Centre for Missing & Exploited Children, NCMEC, a US organisation whose set-up fed into the blueprint for the EU’s own Centre.

Europol has also co-operated with WeProtect, a putatively independent NGO that emerged from a fusion of past European Commission and national government initiatives and has been a key platform for strategies to support Johansson’s proposal.

“Europol can confirm that cooperation with the WPGA has taken place since January 2021, including in the context of the WPGA Summit 2022 and an expert meeting organised by Europol’s Analysis Project (AP) Twins (Europol’s unit focusing on CSMA)” the agency said.

Regulation to Prevent and Combat Child Sexual Abuse - Wikipedia
https://en.wikipedia.org/wiki/Regulation_to_Prevent_and_Combat_Child_Sexual_Abuse
Lainaus
On November 14 2023, the European Parliament's Committee on Civil Liberties, Justice, and Home Affairs (LIBE), voted to remove indiscriminate chat control and allow for the targeted surveillance of specific individual and groups which are reasonably suspicious. Moreover, Members of the European Parliament voted in favour of the protection of encrypted communications.[22]

In February 2024, the European Court of Human Rights ruled, in an unrelated case, that requiring degraded end-to-end encryption "cannot be regarded as necessary in a democratic society". This underlined the European Parliament's decision to protect encrypted communications.[23]

In 2024, Patrick Breyer reported that moves are again being made to restore indiscriminate message scanning to the legislation, under the name of "upload moderation".[24]

Tekopyhästi EU-poliitikot haluavat kuitenkin itse olla tämän massavalvonnan ulottumattomissa:

Leak: EU interior ministers want to exempt themselves from chat control bulk scanning of private messages - EU Reporter
https://www.eureporter.co/business/data/mass-surveillance-data/2024/04/15/leak-eu-interior-ministers-want-to-exempt-themselves-from-chat-control-bulk-scanning-of-private-messages/
Lainaus
According to the latest draft text of the controversial EU Child Sexual Abuse Regulation proposal leaked by the French news organisation Contexte, EU interior ministers want to exempt professional accounts of staff of intelligence agencies, police and military from the envisaged scanning of chats and messages (Article 1 (2a)). The regulation should also not apply to ‘confidential information’ such as professional secrets (Article 1 (2b)). The EU governments reject the idea that the new EU Child Protection Centre should support them in the prevention of child sexual abuse and develop best practices for prevention initiatives (Article 43(8)), writes Pirate Party MEP Patrick Breyer.

The fact that the EU interior ministers want to exempt police officers, soldiers, intelligence officers and even themselves from chat control scanning proves that they know exactly just how unreliable and dangerous the snooping algorithms are that they want to unleash on us citizens. They seem to fear that even military secrets without any link to child sexual abuse could end up in the US at any time.
...
The EU governments want to adopt the chat control bill by the beginning of June.
« Viimeksi muokattu: 19.06.2024, 11:47:37 kirjoittanut Skeptikko »
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #64 : 19.06.2024, 12:25:11 »
Lisäksi EU tuntuu haluavan viestien lisäksi murtaa salausta ja laitteitakin yleisemminkin:

Going Dark: The war on encryption is on the rise
https://news.ycombinator.com/item?id=40426701
Lainaus
Here is the latest.

The bill could not be passed on Spain’s presidency. The presidency is now on Belgium and Stasi-fans are trying to get this bill passed again, hoping not to cause too much noise this time.

The text of the bill was modified a bit, and this time they added an exception, though

- Politicians and police are not subject to monitoring, only ordinal citizens messages’ should be wiretapped

https://european-pirateparty.eu/chatcontrol-eu-ministers-wan...
...
> Politicians and police are not subject to monitoring, only ordinal citizens messages’ should be wiretapped
Of course, in 1984, their instruction manual, the top members of the party can turn their telescreens off.
...
> Stefan Hector, a representative of the Swedish Police Authority, said that “a society cannot accept that criminals today have a space to communicate safely in order to commit serious crimes.”[0] A week later, it was revealed that the Swedish police had been infiltrated and were leaking information to criminals.[1]

Nyt samoja tavoitteita yritetään saavuttaa uudella "Going Dark"-nimellä ja taas lapsilla ratsastamalla:

Going Dark: The war on encryption is on the rise. Through a shady collaboration between the US and the EU.
https://mullvad.net/en/why-privacy-matters/going-dark
Lainaus
Under the slogan ‘Think of the children’, the European Commission tried to introduce total surveillance of all EU citizens. When the scandal was revealed, it turned out that American tech companies and security services had been involved in the bill, generally known as ‘Chat Control’ – and that the whole thing had been directed by completely different interests. Now comes the next attempt. New battering rams have been brought out with the ‘Going Dark’ initiative. But the ambition is the same: to install state spyware on every European cell phone and computer.
...
The rhetoric was clear from day one: it was all about the children, and when it comes to children, there’s nothing we can’t imagine doing to keep them safe. So Ylva Johansson put forward a proposal that meant total surveillance of all EU citizens and as soon as someone opposed it, she pulled out the think-of-the-children card. But those who could see through the bluff quickly gave the proposal (those parts of the bill that dealt with internet surveillance) a shorter and more appropriate name: Chat Control.

In brief, Chat Control essentially meant that the communications of every EU citizen would be monitored. Every call, every message and every chat, all the emails, photos, and videos saved in cloud services – all of it would be filtered in real time via artificial intelligence and then checked in a newly established EU center, in close cooperation with Europol.

Nämä salauskiellot rikkoisivat monia kansainvälisiä sopimuksia, mutta se ei tunnu EU-johtoa häiritsevän:

Lainaus
Since the bill was in violation of the European Convention on Human Rights, the EU Charter and the UN Declaration of Human Rights, Chat Control was rejected by one legislative body after another. Both the Council of Ministers and the European Commission’s own legal service warned against the proposal, as did the European Parliament’s Data Protection
Board
.

The UN Human Rights Council described Chat Control as incompatible with fundamental human rights and stated that the proposal would lead to mass surveillance and self-censorship. Former judges at the European Court of Justice said that the proposal was in breach of the EU Charter of
Rights
and 465 researchers joined forces to warn of the consequences.

Faced with massive criticism, Ylva Johansson defended herself. According to her, everyone else had misunderstood the bill. Chat Control was certainly not about mass surveillance and everyone making that claim was simply out to discredit her.

Salauskielto vaarantaisi mm. oppositiopoliitikot, väärinkäytöksistä kertovat tietovuotajat, journalist ja heidän lähteensään, haavoittuvassa asemassa olevat henkilöt jotka elävät salaisella identiteetillä, kauppasalaisuudet ja jopa kansainvälisen turvallisuuden kannalta tärkeät tiedot:

Lainaus
All messaging services (including encrypted services such as Signal) would be covered by the law and would be forced to scan their users’ images, videos and conversations. That would be a big concern for all those who don’t use Meta or Google to converse because they are in need of secure communication methods. In other words, political opponents, whistleblowers, journalists and their sources, vulnerable people living under secret identities and others, not to mention people with trade secrets, and those in possession of
sensitive information important for national security. For example, the European Commission itself uses Signal. Demanding government transparency (either through so-called backdoors or scanning on the computer or phone) would open a Pandora’s box to countries with authoritarian inclinations (and five EU countries have already been caught using spyware to monitor political opponents) and would leave the door wide open for criminals to exploit. But it was not only this that separated the existing legislation from the draft bill that the European Commission wanted to introduce.

The previous legislation had only allowed scanning for material that had previously been stamped and registered as child pornography material. Now, AI would be used to find ‘new material’ and would also look for grooming attempts. Quite obviously, Chat Control would therefore send every other citizen of the EU straight into the filtering system.

Jos skannataan tekoälyllä tms muutakin jo ennalta tunnettua lapsipornoa, niin väärät positiiviset havainnot ovat erittäin yleisiä ja johtavat salauksen murtamiseen, vaikka sisältö ei siis olisikaan mitään lapsipornoa tms:

Lainaus
The European Commission, led by Ylva Johansson, received criticism from all directions. Police chiefs pointed out that most of the material they receive today involves teenagers sending pictures to each other and that such reports risk leading the police in the wrong direction.

Scanning tests carried out by European police on existing material showed that 80-90 percent of all hits were false positives.

Now, moreover, ‘new material’ would be scanned – which would obviously mean an impossible administrative burden merely to distinguish between illegal images and holiday pictures from family days on the beach. The error rate would clearly be approaching 100 percent. For a European justice system that even today is unable to follow up all the tips it receives, this would be devastating. And criminals would, of course, turn to illegal messaging services. No children would be helped. At the same time, every EU citizen would have spyware installed on their phones.

Sen lisäksi EU on käyttänyt rahaa mikrotargetoituun asian mainostamiseen, käyttänyt tutkimuksen mukaan propagandaluonteen saanutta Eurobarometria apuna ja hankkeen tueksi on tekaistu EU:n yms rahalla pika-aikataululla erilaisia muka lasten etuja ajavia järjestöjä lobbaamaan hanketta:

Lainaus
How did Ylva Johansson deal with this information? Not at all. Instead, like a scratched record, she continued urging everyone to “think of the children.” She also ordered a survey that said 80 percent of the EU population supports Chat Control. The problem? The European Commission used its Eurobarometer series of public opinion surveys in a way that
opened it to accusations of blurring the line between research and propaganda. When asked to comment on the Chat Control survey, the Max Planck Institute for the Study of Societies concluded that it had a political agenda and consisted of questions that were biased to support the Commission’s plans.

Ylva Johansson was employing blatant deception. She used incorrect figures and biased surveys. In interviews, she was populist and evasive. But she was forced to resort to these methods. Because it was never about the children.

Skannaustekniikkaa, joka kauppaa tekniikkaa joka ei tosiasiassa toimi, on myymässä seksiskandaalista kärähtynyttä yhtäväänsä puolustamalla ryvettynyt Aston Kutcher Thornin johdossa. Thorn on kaiken lisäksi ilmoittanut itsensä hyväntekeväisyysjärjestöksi, vaikka on myymässä palveluaan, mitä tuntuu esiintyvän enemmänkin:

Lainaus
For several years Kutcher lobbied the European Commission (until he was forced to resign as chairman of Thorn’s board after defending his acting colleague Danny Masterson when he was convicted of rape). He held meetings with others at the European Commission and had an extra close relationship with the Commission’s Eva Kaili (until she was convicted of bribery).

So here was an American company in direct contact with the European Commission. An American company that just happened to sell the technology that could be used if Chat Control was introduced. In addition, it was all based on a false premise. The technology Kutcher and Johansson talked about did not exist. Expert after expert  condemned their talk of sniffer dogs.

And here’s yet another seedy aspect to this scandal: in the EU transparency register, Thorn was registered as a charitable organization – despite selling the technology they were lecturing about in the EU. The trick of disguising organizations and corporations as charities would turn out to be a recurring motif.

Tässä joitain hankkeen tueksi tekaistuja järjestöjä:

Lainaus
Since the draft Chat Control bill was presented, Ylva Johansson has constantly referred to children’s rights organizations that support her proposal. She has worked with them in a PR context, as a way to show how Chat Control has the support of independent, nonprofit organizations that care about children. A central organization in this work has been the WeProtect Global Alliance. When Zandonini, Fotiadis, and Stavinoha published their article, it turned out that the European Commission had been involved in founding this organization, and that it included representatives from both tech companies and security services in different countries. Ylva Johansson’s colleague in the European Commission, Labrador Jimenez, was on the Board of Directors of WeProtect, together with Thorn’s CEO Julie Cordua, representatives of Interpol, and government officials from the US and the UK (the latter simultaneously pursuing its own monitoring legislation, also using children as the battering ram). Thorn had put a great deal of money into WeProtect. The European Commission had contributed one million euros. In other words, it wasn’t children’s rights organizations that were supporting Ylva Johansson. It was lobbying organizations set up by the European Commission to get the bill through.

The Board of Directors of WeProtect also included representatives from the Oak Foundation, who, in addition to their involvement in WeProtect, had also been involved in setting up ECLAG (another charity that supported the Chat Control proposal). ECLAG was launched just a few weeks after Ylva Johansson’s draft bill was presented, and Thorn was also represented on this organization’s board. And there was still another organization: the Brave Movement, an organization formed a month before the proposed Chat Control bill was introduced. Brave was launched with $10 million from the Oak Foundation and a strategy paper discovered by the journalists stated that “once the EU Survivors taskforce is established and we are clear on the mobilized survivors, we will establish a list pairing responsible survivors with Members of the European Parliament – we will ‘divide and conquer’ the MEPs by deploying in priority survivors from MEPs’ countries of origin.”

The Oak Foundation also appeared in an article carried out by the
Intercept
.

In 2023, an American organization called the Heat Initiative was formed. On paper, they were a “new child safety group” and the first thing they did was campaign for Apple to “detect, report, and remove” child pornography material from iCloud. Apple responded that this would be something that criminals would be able to exploit and that it could also
lead to a “potential for a slippery slope of unintended consequences. Scanning for one type of content, for instance, opens the door for bulk surveillance.”

The Heat Initiative did not like this answer and fought back with anti-Apple propaganda on large advertising billboards in American cities under the theme of ‘think of the children.’ But who was behind the Heat Initiative, besides the Oak Foundation? Heat was led by a former vice president at Thorn. The Intercept article also referred to  the fact that Thorn was working with Palantir, the big-data company that helped the NSA mass-monitor the whole world and was involved in the Cambridge Analytica scandal where Facebook users’ private messages and data were used to influence the presidential election on behalf of Donald Trump in 2016.

In other words, the European Commission was involved in funding and starting up charities with the aim of exploiting existing victims to emotionally influence EU parliamentarians. In close cooperation with the tech company providing the technology that would be used in the implementation of the monitoring. Together with representatives of non-European security services. As part of a larger apparatus, where the same tactics were used to influence developments in the United States.

At the same time, the real organizations working to counter sexual crimes against children were wondering why the European Commission was refusing to talk to them. In the same investigative report, Offlimits, Europe’s oldest hotline for vulnerable children, tells how Ylva Johansson would rather go to Silicon Valley to meet companies interested in making huge profits than talk to them.

Hankkeen taakse ei ole kysytty juuri lainkaan ulkopuolisia tieteellisiä näkemyksiä:

Lainaus
The same is true of the technical experts. Matthew Green, Professor of Cryptography at John Hopkins University, said: “In the first impact assessment of the EU Commission there was almost no outside scientific input and that’s really amazing since Europe has a terrific scientific infrastructure, with the top researchers in cryptography and computer
security all over the world.”

However, Europol was involved in drafting the law, together with security services from other countries. In July 2022, Europol wrote that it wanted to be able to use scanning and surveillance for purposes other than sexual offenses against children. The European Commission responded that it understood the wish but that it had “to be realistic in terms of what could be expected, given the many sensitivities around the proposal.” Thorn was also clear in understanding that the scanning could later be used for other
purposes
:

“When considering regulation or legislation on encryption it should not be done solely focusing on CSAM. Solutions for detection in encrypted environments are much broader than one single crime,” the company wrote in one document.

Kuten mainittua, EU sitten mikrotargetoidulla mainostamisella lobbnasi hankettaan päättäjille eri maissa, mutta piilotti sen henkilöiltä, jotka olisivat sitä vastustaneet:

Lainaus
When articles were published about the EU Commission’s horrifyingly  undemocratic approach, Ylva Johansson’s office at the European Commission responded by advertising on the platform X (formerly Twitter). They targeted advertisements (pro Chat Control) so that decision-makers in different countries would see them, but also so that they would not be seen by people suspected to be strongly against the proposal. The advertising was also targeted on the basis of religious and political affiliation and  thus violated the EU’s own laws regarding micro-targeting.

Kun edellinen hanke alkoi ajautua ongelmiin, uutta ja vielä laajemmalle ulottuvaa hanketta alettiin ajaa "Going Dark"-nimellä. Samalla poistettiin export-nimitys hankkeelta, jotta sitä koskisi entistä vähemmän julkisuussäännöt ja sitä saataisiin ajettua salassa eteenpäin:

Lainaus
New attempt at mass surveillance via the Going Dark initiative

While the EU member states in the Council were trying to come up with various compromise proposals to implement chat control, they were also working on a plan B and new attempts for mass surveillance legislation. During Sweden’s EU Presidency in spring 2023, a project called Going Dark was initiated. The idea from the Swedish Presidency was initially that a so-called High Level Expert Group would be launched. The task of putting together the group went to the European Commission, which immediately removed the
‘Expert’ label. Instead of a High Level Expert Group, a High Level Group was formed. As the Netzpolitik newspaper put it: “Removing the word ‘expert’ is no small detail: special rules apply to Expert groups, for example when it comes to transparency. Rules
that do not apply to High Level Groups.”

En syytä huomata, että nyt hanke on laajentunut jo viestien lähettämisestä myös pääsystä materiaaliin joka on ihmisten tietokoneilla tai kännyköissä. Eli halutaan takaovi salaukseen myös ihmisten laitteilla, eikä vain viestinvälitykseen:

Lainaus
Some challenges were identified as particularly pressing: access to encrypted material (both stored data and communication), data storage, location data, and anonymization (including VPNs and Darknets).

The group was divided into three working groups: the first would work with access to data on users’ devices (computer and mobile), the second group would focus on access to data in the services’ systems (messaging apps, for example), and the third group would discuss access to data in transit.
...
Future legislative proposals from the European Commission could thus be assumed to be about providing access to data on users’ devices and in the messaging services’ systems, and to data in transit. Patrick Breyer, who had worked hard to counter Chat Control, said the group was just an extension of past offensives and that Going Dark was working to
introduce illegal mass surveillance.

Mielenkiintoisesti niin paljon tietosuojaa vastustava hanke itse visusti salaa jopa tiedot henkilöistä, jotka osallistuvat hankkeen kokouksiin:

Lainaus
When he requested documents from the group’s meetings and a list of the attendees, he received a document with the information blacked out as if classified. The European Commission had thus put together a working group aiming to achieve mass surveillance of the broader population while not being  transparent about who was part of the group. It was like a scratched record. Gone was the old excuse “think of the children”, but the goal was the same.
...
From the Swedish side, the Ministry of Justice was represented at the Going Dark meetings, but so was the Swedish Security Service (Säpo) and the Swedish Police Authority. Together with representatives from the other Member States, they used the High Level Group meetings to discuss how, through legislation, encrypted services could be required to provide data in readable format. Several Member States argued that “the working groups needed to look at solutions that involved ‘legal access through design’.” This was something that pleased American representatives.

YK on määritellyt salauksen ihmisoikeudeksi, mutta sekään ei hanketta tunnu estävän:

Lainaus
Although the UN classifies encryption as a human
right
, the Going Dark initiative and the European police force were fighting to smash end-to-end encryption. Their first move actually came as a reaction to Meta rolling out exactly such encryption.

Europol’s move was only an initial indication. At the end of May 2024, the Going Dark initiative resulted in 42 recommendations to the European Commission. The document notes that encryption adds a level of complexity when it comes to accessing real time content data, specially from messaging services implementing an end-to-end Encryption. It states that law enforcement need access to data en clair (i.e. in plain text) through “lawful access without weakening privacy.” The Going Dark initiative emphasizes the principle of “security through encryption and security despite encryption” as a central tenet.

The Going Dark initiative shows the same tendencies as the chat control proposal. Once again, experts have been excluded from the discussions, and ministers and police representatives have once again missed the main point: either end-to-end encrypted communication is private and secure, or it is not.

Aiemminkin länsimaiden vaatimia takaportteja on esimerkiksi Kiinakin sitten hyödyntänyt omaan vakoilutoimintaansa:

Lainaus
The US authorities have already tested the backdoors that the European Going Dark initiative is now seeking. They have seen the evidence: it is impossible to implement backdoors in a secure way, without hostile states or hackers being able to exploit them. Edward Snowden revealed that the NSA spent $250 million a year getting tech companies to install backdoors in their services, which also exposed the risks of backdoors. In 2010, Chinese hackers managed to use a Google backdoor to get into Gmail. The same thing happened in 2005, when state surveillance of Vodafone was exploited by outside actors to bug the Greek Prime Minister, his Foreign Minister, Justice Minister, and a hundred other government officials.
« Viimeksi muokattu: 19.06.2024, 12:52:59 kirjoittanut Skeptikko »
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #65 : 19.06.2024, 12:55:46 »
Myös kryptorahojen kimppuun halutaan hyökätä entistä enemmän:

EU's 'Going Dark' Takes Aim At Self-Custody, Mixers And The Lightning Network – But Lacks Data To Prove Its Claims
https://www.therage.co/eus-going-dark-takes-aim-at-self-custody-mixers-and-the-lightning-network/
Lainaus
The report states that "cryptocurrencies are widely used for laundering criminal proceeds and there are concerns that tracing funds will become more complicated if zero-knowledge proofs and layer 2 applications are more widely deployed in the blockchain. On the other hand, the use of custodial wallets, where the user does not hold their own private key, create opportunities for cooperation between law enforcement authorities, exchanges and service providers to seize crypto assets that are suspected to be of criminal nature."
...
Regulations proposed in accordance with the EU's Going Dark strategies are widely known as Chat Control. Chat Control has long been argued to violate fundamental rights due to its de facto implementation of mass surveillance of EU citizens without due cause, yet the regulation is set to be greenlit by the European Council as early as next week. Proposed measures by the Commission include the scanning of email, messenger, chat (including as part of games and dating apps), and video conferencing services.

A big hurdle for the implementation of Chat Control has been the significant lack of data to prove that increased surveillance would result in increased prosecution. As the European Commission and the General Secretary for Migration and Internal Affairs have found, "there is no evidence that the industry-driven mass surveillance of our private communications [...] makes a significant contribution to saving abused children or convicting abusers. To the contrary, it criminalises thousands of minors, overburdens law enforcement and opens the door to arbitrary private justice by big tech."

The EU's apparent regulatory strategy of "we'll just say things and hope no one notices" now seems to continue to manifest in its evaluation of financial privacy services.

Tämä hanke viestien salauksen murtamisesta on muuten ilmeisesti tulossa Euroopan neuvostossa hyväksyttäväksi (?) näinä päivinä.
« Viimeksi muokattu: 19.06.2024, 12:59:32 kirjoittanut Skeptikko »
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #66 : 19.06.2024, 15:45:44 »
Chat Control Must Be Stopped – Now
https://news.ycombinator.com/item?id=40715449
Lainaus
There are organizations which are selling AI tools to filter content. For instance, Thorn, a US organization founded by Ashton Kutcher and Demi Moore, is building such tools and heavily lobbying for Chat Control in EU. "Ashton Kutcher is a tireless advocate."

https://balkaninsight.com/2023/09/25/who-benefits-inside-the...
...
Also concerning that he seems to have more input on policy than all EU citizens together. This democracy the EU is implementing is becoming a joke.
...
Seems like only the Greens, the left and within ID the AFD voted against.
...
> And EU professionals like lawyers, journalists, and physicians could no longer uphold their duty to confidentiality online.
This is the point that needs to be hammered home. Allowing governments access to everyone's confidential information is a massive security disaster waiting to happen because bad actor's will target this backdoor.
...
It's a Five Eyes effort impo.

https://netzpolitik.org/2022/dude-wheres-my-privacy-how-a-ho... https://news.ycombinator.com/item?id=17914935

Chat Control: Incompatible with Fundamental Rights (2022)
https://news.ycombinator.com/item?id=40715695
Lainaus
Edit: well like someone pointed out instead of party programmes and declarations, we should look at past voting behaviour on the 2021 vote: https://mepwatch.eu/9/vote.html?v=134463&eugroup=ID

Seems like only the Greens, The Left and Afd within ID were against that first version of Chat Control.
___

This isn't the case though: the right-wing Identity and Democracy faction is explicitly pro-privacy, digital rights and against Chat Control.

- https://id-party.eu/program/ (ID Party Official Site)
- https://idgroup.eu/news/online-censorship-is-a-threat-to-eur... (ID Group News)
- https://en.wikipedia.org/wiki/Identity_and_Democracy (Wikipedia Overview)
- https://id-party.eu/declaration-of-antwerp/ (ID Party Official Site)

The ID group is opposed to EU-wide surveillance measures, and promises to protecting individual privacy and national sovereignty.

Now ECR is also sceptical and have expressed concerns, though their voting record on privacy related legislation is more inconsistent, I believe.
...
Sweden's parliament just voted to support chat control in the Council of Ministers at EU level.
https://alpaca.gold/@Jeremiah/112637416326793501
...
As per the comments there, this still has to go through Parlament and the ECJ is the 'last stop' on this
...
It's fascinating that this is what they are claiming the legal basis is:
> The legal basis to support action in this area is Article 114 of the Treaty on the Functioning of the European Union (TFEU). The article provides for the establishment of measures to ensure the functioning of the Internal Market.

In other words: in order to trade efficiently in goods and services with each other countries need harmonised regulations. Countries have started to introduce individual laws to combat CSAM. Therefore these inconsistent laws interfere with operation the "internal market". Hence the EU can shut down private speech.

So somehow they twisted streamlining of commerce into termination of individual rights. It's wild to think how far that can be extended, if it can be the basis for this.

It also seems particularly ugly if you actually do frame it within the context that they are claiming: this is not "think of the children". It's actually "think of the commercial profit" - they literally say it themselves.

Council to greenlight Chat Control – Take action now! – Patrick Breyer
https://www.patrick-breyer.de/en/council-to-greenlight-chat-control-take-action-now/
Lainaus
The good news is that many EU governments have not yet decided whether to go along with this final Belgian push for Chat Control mass surveillance, among them
  • Italy,
  • Finland,
  • the Czech Republic,
  • Sweden,
  • Slovenia,
  • Estonia,
  • Greece and
  • Portugal.
Only Germany, Luxembourg, the Netherlands, Austria and Poland are relatively clear that they will not support the proposal, but this is not sufficient for a “blocking minority”.

So you need to take action now. More than ever, the resistance of civil society against Chat Control is crucial. There are many things you can do. The three most important steps are:
  • Contact your government and tell it to vote against Chat Control on Wednesday, 19 June (find contact details below).
  • Ring the alarm bells online. You can use campaign sharepics and explanatory videos in all languages. Don’t let the Council presidency get away with pushing this through silently now.
...
It is crucial we demonstrate that civil society is alert now. You can either contact your ministeries of the interior and of justice, or you can contact your government’s ‘permanent representatation’ to the EU. You can find the contact details for all permanent representations on the website „EU Whoiswho“.

Tell your government that the current draft on Chat Control (officially called “Regulation … to prevent and combat child sexual abuse”) is unacceptable. You can find a summary of the draft in this blogpost, and there is critical analysis by European Digital Rights and CDT. Be polite but also resolute and ask them to clearly voice their disagreement with the proposal and to vote against the proposal.
...
According to documents leaked by netzpolitik.org, the COREPER 2 meeting in which they will put it to a vote will already take place on Wednesday, 19 June.

So we all need to take action as soon as possible and demand a firm “No” by our governments against the Chat Control proposal to ward off this attempt to greenlight Chat Control in the Permanent Representatives Committee on 19 20 June. Time is pressing. This may be our last chance to stop Chat Control!

Tänään Huomenna äänestys vuodettujen tietojen mukaan?
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

ohkurin_narsi

  • Jäsen^^^
  • ***
  • Viestejä: 689
  • Liked: 1012
  • Vanhoillinen sivistysliberaali
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #67 : 20.06.2024, 00:27:44 »
^Tämä on hyvää settiä, mitä ei saa unohtaa. Nythän Oulun tapahtumien johdosta nousee taas poliisivaltion keinot esiin,
esim Verkkouutiset 19.6.24: "Kansanedustaja Timo Heinonen (kok.) on tehnyt kirjallisen kysymyksen hallitukselle siitä, voisiko Suomessa sallia genealogisten dna-tutkimusten ja dna-fenotyypin hyödyntäminen rikostutkinnassa."

Kirjoituksessa tuodaan esiin että toi rekisteritutkimus on muka se pieni juttu, ja fenotyypin tutkimus iso, vaikka on juuri toisinpäin. Kaikki rekistereihin perustuvat tutkimukset tuovat "1984" lähemmäksi käytäntöä. Fenotyyppi sen sijaan kertoo minkänäköinen tyyppi suurinpiirtein on kyseessä - ja siinä ei ole mitään "rasistista".


Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #68 : 14.08.2024, 16:46:40 »
Chat control -hirviötä yritetään taas herättää henkiin:

Take action to stop chat control now!
https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/
Lainaus
Chat control is back on the agenda of EU governments. They will discuss “progress” on 10/11 October and are to endorse it on 12/13 December.In June we managed to stop the unprecedented plan by an extremely narrow “blocking minority” of EU governments: Chat control proponents achieved 63.7% of the 65% of votes threshold required in the Council of the EU for a qualified majority.

Several formerly opposed governments such as France have already given up their opposition. Several still critical governments are only asking for small modifications (e.g. searching for “known content” only or excluding end-to-end encryption) which would still result in mass searches and leaks of our private communications. Therefore there is a real threat that the required majority for mass scanning of private communications may be achieved at any time under the current Hungarian presidency (Hungary being a supporter of the proposal).

That is why we now need to get involved and raise our voices to our governments and raise awareness in the wider population.→ Previously supportive governments must be convinced to change their minds→ Critical governments need to be pushed to demand comprehensive changes, as proposed by the European Parliament, and not just minor changes to the proposal.

In the absence of such fundamental revision, the proposal should be rejected altogether.
...
Is your government opposing?→ Great, but take a closer look at the reasoning: Some governments like Germany e.g. only object to the scanning of encrypted communications, but are fine with the indiscriminate scanning of other private and public communication, with the end of anonymous communication by requiring age verification, or with introducing a minimum age for “risky” communication apps. Also critical governments need to do more, exert their influence in the Council of the EU and agree on a joint list of necessary fundamental changes to the proposal. Absent such revision they should ask the European Commission to withdraw the chat control proposal as it stands.
...
When reaching out to your government, the ministries of the interior (in the lead) of justice and of digitisation/telecommunications/economy are your best bet. You can additionally contact the permanent representation of your country with the EU.

It can also be useful to reach out to Members of your national Parliament who can determine your country’s vote. Talk to your political representatives. Whether it is the newly elected MEPs of the European Parliament or local groups of the political parties: make sure everyone is aware of what chat control is about and that you expect politicians to defend your fundamental rights against the proposal!

When contacting politicians, writing a real letter, calling in or attending a local party event or visiting a local office to have a conversation will have a stronger impact than writing an e-mail. You can find contact details on their websites. Just remember that while you should be determined in your position, remain polite, as they will otherwise disregard what you have to say. Here is useful argumentation on chat control. And here is argumentation for why the minor modifications so far envisioned by EU governments fail to address the dangers of chat control: by us, by EDRi, by CDT.

Ja mitä ihmettä, onko Suomi tosiaan tukemassa tällaista yksityisyyden ja salauyksen tuhoavaa hanketta?
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Miniluv

  • Global Moderator
  • Jäsen^^^
  • *****
  • Viestejä: 33 314
  • Liked: 16430
  • Have No Fear
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #69 : 14.08.2024, 16:50:11 »
Taitaa olla jenkkien vaatimukset.

Lainaus
The Foreign Account Tax Compliance Act (FATCA) is a 2010 U.S. federal law requiring all non-U.S. foreign financial institutions (FFIs) to search their records for customers with indicia of a connection to the U.S., including indications in records of birth or prior residency in the U.S., or the like, and to report such assets and identities of such persons to the United States Department of the Treasury.[1] FATCA also requires such persons to report their non-U.S. financial assets annually to the Internal Revenue Service (IRS) on form 8938, which is in addition to the older and further redundant requirement to report them annually to the Financial Crimes Enforcement Network (FinCEN) on form 114 (also known as 'FBAR').[2] Like U.S. income tax law, FATCA applies to U.S. residents and also to U.S. citizens and green card holders residing in other countries.

https://en.m.wikipedia.org/wiki/Foreign_Account_Tax_Compliance_Act
Dystopian Nightmare 2020s The Great Taking

"Tyyli haukkua vastapuolta on myös ominaista venäläiselle propagandalle, jossa yritetään korostaa omaa ontuvaa argumenttia leimaamalla vastapuoli aliarvoiseksi."

"konservatiivit polttavat kirjoja roviolla"

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #70 : 14.08.2024, 16:57:47 »
Toinen järkytttävä EU-hanke takaporteista kaikkiin laitteisiin ja ohjelmiin:

EU vaatii että jokaisessa laitteessa pitää olla takaportti viranomaisille. Europol haluaa kaikki kansalaisten laitteet rekisteriin, ja haluaa pystyä tutkimaa...
https://ylilauta.org/satunnainen/27jwn3
Lainaus
EU vaatii että jokaisessa laitteessa pitää olla takaportti viranomaisille.

Europol haluaa kaikki kansalaisten laitteet rekisteriin, ja haluaa pystyä tutkimaan kaikkea laitteen sisältöä milloin tahansa. Lakia perustellaan terrorismin, huumekaupan ja pedofilian ehkäisemisellä.

>In particular, the plan calls for requirements to be placed on hardware and software developers for new devices and applications to allow “access by design” for law enforcement authorities, whether through legislation, memoranda of understanding, or through the participation of policing agencies in technical standardisation committees.
https://edri.org/our-work/policing-by-design-the-latest-eu-surveillance-plan/
https://home-affairs.ec.europa.eu/networks/high-level-group-hlg-access-data-effective-law-enforcement_en

Policing by design: the latest EU surveillance plan - European Digital Rights (EDRi)
https://edri.org/our-work/policing-by-design-the-latest-eu-surveillance-plan/
Lainaus
Secret surveillance plan

The plan (pdf), first published by Netzpolitik and now also made public by the European Commission, was drafted by the “High-Level Group (HLG) on access to data for effective law enforcement,” which was convened following a proposal by the Swedish Presidency of the Council last spring.

The HLG was composed (pdf) of senior officials from member states and the Commission, representatives of EU justice and home affairs agencies, and the EU Counter-Terrorism Coordinator, and was chaired by the Council Presidency and the Commission.

Building upon previous proposals drafted by police and security officials from Europe and North America, the plan contains 42 separate recommendations, amongst which are calls for the re-introduction of mass telecommunications surveillance (“data retention”) and the undermining of encrypted communication systems.
...
Data retention

The paper calls for “a harmonised EU regime on data retention” that is “technology neutral and future-proof,” covers all types of telecommunications service providers, includes measures ensuring both retention of and access to data, and is “in full compliance with privacy and data protection rules.”

The EU’s previous data retention legislation was struck down by the Court of Justice in 2014, which found that the law allowed for “a wide-ranging and particularly serious interference” with the fundamental rights to privacy and data protection. The court has confirmed this interpretation in several cases about national data retention measures.
...
Encryption

Encrypted communications are also in the crosshairs of the HLG, which “agreed upon the need for law enforcement to have access to data en clair” and bemoans “the pace of technological developments related to encryption of information” that apparently make existing decryption technologies “ineffective”.

The document insists that “future technical solutions or tools that are developed must not result in the weakening or undermining of encryption technologies for the communication of other users that is not subject to the lawful access measure,” though makes no mention of the fact technical experts have repeatedly pointed out the impossibility of doing so.

Instead, the group is pinning its hopes on new technology being developed:
...
In particular, the plan calls for requirements to be placed on hardware and software developers for new devices and applications to allow “access by design” for law enforcement authorities, whether through legislation, memoranda of understanding, or through the participation of policing agencies in technical standardisation committees.

The plan also calls for legal obligations to be placed on telecoms service providers to cooperate with requests for access to data, and for penalties to be imposed where they fail to do so without good reason.
...
Outgoing MEP Patrick Breyer from the German Pirate Party has suggested that “this secret wish list of EU governments stands an excellent chance of being hastily implemented by the next EU Commission under the auspices of ‘Big Sister’ von der Leyen, right after the European elections.”

If that is the case, then privacy advocates will have much to do to halt what Breyer’s colleague and Pirate Party lead candidate for the elections, Anja Hirschel, has called an “excessive leap directly into a fully monitored society.”

En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Penan kaveri Eki

  • Jäsen^^^
  • ***
  • Viestejä: 1 801
  • Liked: 3858
  • EU asetuksen mukaan pätevä henkilö
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #71 : 16.08.2024, 10:45:39 »
Toinen järkytttävä EU-hanke takaporteista kaikkiin laitteisiin ja ohjelmiin:
...
>In particular, the plan calls for requirements to be placed on hardware and software developers for new devices and applications to allow “access by design” for law enforcement authorities, whether through legislation, memoranda of understanding, or through the participation of policing agencies in technical standardisation committees.
https://edri.org/our-work/policing-by-design-the-latest-eu-surveillance-plan/
https://home-affairs.ec.europa.eu/networks/high-level-group-hlg-access-data-effective-law-enforcement_en

Tuhontuomittu idea tämä paremmiston itselleen vaatima oikeus, lukea toisten viestittelyä.

- Tulee jatkossakin olemaan sallittua kirjoittaa salakieltä A4:lle ja postittaa se Kustin kautta toimitettavaksi kavereilleen.

- A4:n ja Kustin korvikkeeksi tulee kehittymään kansalaisten ylläpitämiä, Internetistä riippumattomia, hajautettuja verkkoja. Esim:

Lainaus
Reticulum is the cryptography-based networking stack for building local and wide-area networks with readily available hardware. Reticulum can continue to operate even in adverse conditions with very high latency and extremely low bandwidth.

The vision of Reticulum is to allow anyone to operate their own sovereign communication networks, and to make it cheap and easy to cover vast areas with a myriad of independent, inter-connectable and autonomous networks. Reticulum is Unstoppable Networks for The People.
    https://reticulum.network/

Esim. ym. verkkomahaverkko voidaan totetuttaa LoRa/LoRaWAN-verkkojen päälle. -> NomadNet: Encrypted messaging over packet-radio, LoRa, WiFi or anything else Reticulum supports
    https://github.com/markqvist/NomadNet
« Viimeksi muokattu: 16.08.2024, 11:33:50 kirjoittanut Penan kaveri Eki »
Sepittelee, koska sepitekin voi toimia oikein hyvin

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #72 : 16.08.2024, 12:07:57 »
Tuhontuomittu idea tämä paremmiston itselleen vaatima oikeus, lukea toisten viestittelyä.

Kannattaa huomata, että tämä jälkimmäinen hanke on laajempi kuin vain ihmisten välisiä viestejä verkossa koskeva. Halutaan myös pääsy esimerkiksi tietokonoiden ja kännyköiden salattuun dataan, eikä vain viestiliikenteeseen. Ilmeisesit siis jatkossa esimerkiksi koko kovalevyn kryptausten pitäisi sisältää takaportti ja kenties verkkoon kytkettyjen tietokoneiden salainen pääsy viranomaisille tonkimaan konetta jne.
« Viimeksi muokattu: 16.08.2024, 12:10:33 kirjoittanut Skeptikko »
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Penan kaveri Eki

  • Jäsen^^^
  • ***
  • Viestejä: 1 801
  • Liked: 3858
  • EU asetuksen mukaan pätevä henkilö
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #73 : 16.08.2024, 12:20:25 »
... Halutaan myös pääsy esimerkiksi tietokonoiden ja kännyköiden salattuun dataan, eikä vain viestiliikenteeseen. Ilmeisesit siis jatkossa esimerkiksi koko kovalevyn kryptausten pitäisi sisältää takaportti ja kenties verkkoon kytkettyjen tietokoneiden salainen pääsy viranomaisille tonkimaan konetta jne.

Tuhontuomittu idea sekin.

Meidän kioskin kaikki koneet, kuten omat kotikoneetikin, on kryptattu VeraCryptillä.

    https://veracrypt.fr/en/Home.html

Eli käytössä on oma salaustaso kovalevyn oman firmiksen ja käyttiksen välillä.


Edit: ja lisäksi tulee aina olemaan saatavilla Linux-distrojen lähdekoodi, josta mahd. takaportit on poistettu/voidaan poistaa.
« Viimeksi muokattu: 16.08.2024, 12:28:19 kirjoittanut Penan kaveri Eki »
Sepittelee, koska sepitekin voi toimia oikein hyvin

Skeptikko

  • Administrator
  • Jäsen^^^
  • *****
  • Viestejä: 15 698
  • Liked: 28234
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #74 : 16.08.2024, 15:48:54 »
... Halutaan myös pääsy esimerkiksi tietokonoiden ja kännyköiden salattuun dataan, eikä vain viestiliikenteeseen. Ilmeisesit siis jatkossa esimerkiksi koko kovalevyn kryptausten pitäisi sisältää takaportti ja kenties verkkoon kytkettyjen tietokoneiden salainen pääsy viranomaisille tonkimaan konetta jne.

Tuhontuomittu idea sekin.

Meidän kioskin kaikki koneet, kuten omat kotikoneetikin, on kryptattu VeraCryptillä.

Kyllä minäkin käytän VeraCryptiä Windowsilla ja LUKSiä Linuxilla, mutta tällainen lainsäädäntö voisi tehdä elämästä paljon vaikeampaa. Esimerkiksi näiden softien lähdekoodit voisivat alkaa kadota tai niitä ei ehkä enää ylläpidettäisi, jolloin vähitellen niiden käyttö voisi alkaa muodostua yhä vaikeammaksi, kun kuitenkin ajan mittaan esimerkiksi kerneliin alkaa tulla sellaisia muutoksia, jotka edellyttäisivät muutoksia myös kryptaussoftaan. Kryptaussoftien tekijät ja/tai takaportin poistajat saatettaisiin asettaa syytteeseen jne.

Lisäksi voi tulla vaatimus laitetasolla valmistajille tehdä etäkäytettävä takaportti, mihin myös viitattiin (käytännössähän tilanne jonkun NSA:n suhteen voi jo enemmän tai vähemmän ollakin tällainen, joka verkkokortteihin liittyvän firmwaren tai muun laitteiston ominaisuuksien (*) bugien ja/tai mahdollisten tarkoituksellisten reikien takia). Nettiin kytkettyyn koneeseen voitaisiin tunkea tällaisen takaportin kautta datat ja/tai salausavain viemään, vaikka levy olisikin kryptattu.

*) Intel Management Engine - Wikipedia
https://en.wikipedia.org/wiki/Intel_Management_Engine
Lainaus
The Intel Management Engine (ME), also known as the Intel Manageability Engine,[1][2] is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008.[1][3][4] It is located in the Platform Controller Hub of modern Intel motherboards.

The Intel Management Engine always runs as long as the motherboard is receiving power, even when the computer is turned off. This issue can be mitigated with the deployment of a hardware device which is able to disconnect all connections to mains power as well as all internal forms of energy storage. The Electronic Frontier Foundation and some security researchers have voiced concern that the Management Engine is a backdoor.

Intel's main competitor, AMD, has incorporated the equivalent AMD Secure Technology (formally called Platform Security Processor) in virtually all of its post-2013 CPUs.
...
The subsystem primarily consists of proprietary firmware running on a separate microprocessor that performs tasks during boot-up, while the computer is running, and while it is asleep.[6] As long as the chipset or SoC is supplied with power (via battery or power supply), it continues to run even when the system is turned off.[7] Intel claims the ME is required to provide full performance.[8] Its exact workings[9] are largely undocumented[10] and its code is obfuscated using confidential Huffman tables stored directly in hardware, so the firmware does not contain the information necessary to decode its contents.[11]
...
The ME has its own MAC and IP address for the out-of-band management interface, with direct access to the Ethernet controller; one portion of the Ethernet traffic is diverted to the ME even before reaching the host's operating system, for what support exists in various Ethernet controllers, exported and made configurable via Management Component Transport Protocol (MCTP).[14][15] The ME also communicates with the host via PCI interface.[13]
...
Several weaknesses have been found in the ME. On May 1, 2017, Intel confirmed a Remote Elevation of Privilege bug (SA-00075) in its Management Technology.[36] Every Intel platform with provisioned Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME.[37][38] Several ways to disable the ME without authorization that could allow ME's functions to be sabotaged have been found.[39][40][12] Additional major security flaws in the ME  affecting a very large number of computers incorporating ME, Trusted Execution Engine (TXE), and Server Platform Services (SPS) firmware, from Skylake in 2015 to Coffee Lake in 2017, were confirmed by Intel on 20 November 2017 (SA-00086).[41][42] Unlike SA-00075, this bug is even present if AMT is absent, not provisioned or if the ME was "disabled" by any of the known unofficial methods.[43] In July 2018, another set of vulnerabilities was disclosed (SA-00112).[44] In September 2018, yet another vulnerability was published (SA-00125).[45]
...
In May 2017, Intel confirmed that many computers with AMT have had an unpatched critical privilege escalation vulnerability (CVE-2017-5689).[38][50][36][51][52] The vulnerability was nicknamed "Silent Bob is Silent" by the researchers who had reported it to Intel.[53] It affects numerous laptops, desktops and servers sold by Dell, Fujitsu, Hewlett-Packard (later Hewlett Packard Enterprise and HP Inc.), Intel, Lenovo, and possibly others.[53][54][55][56][57][58][59] Those researchers claimed that the bug affects systems made in 2010 or later.[60] Other reports claimed the bug also affects systems made as long ago as 2008.[61][38] The vulnerability was described as giving remote attackers:

"full control of affected machines, including the ability to read and modify everything. It can be used to install persistent malware (possibly in firmware), and read and modify any data."— Tatu Ylönen, ssh.com[53]
...
Critics like the Electronic Frontier Foundation (EFF), Libreboot developers, and security expert Damien Zammit accused the ME of being a backdoor and a privacy concern.[75][4] Zammit stresses that the ME has full access to memory (without the owner-controlled CPU cores having any knowledge), and has full access to the TCP/IP stack and can send and receive network packets independently of the operating system, thus bypassing its firewall.[5]

Intel responded by saying, "Intel does not put back doors in its products, nor do our products give Intel control or access to computing systems without the explicit permission of the end user."[5] and "Intel does not and will not design backdoors for access into its products. Recent reports claiming otherwise are misinformed and blatantly false. Intel does not participate in any efforts to decrease the security of its technology."[76]

In the context of criticism of the Intel ME and AMD Secure Technology it has been pointed out that the National Security Agency (NSA) budget request for 2013 contained a Sigint Enabling Project with the goal to "Insert vulnerabilities into commercial encryption systems, IT systems, ..." and it has been conjectured that Intel ME and AMD Secure Technology might be part of that program.[77][78]
...
Neither of the two methods to disable the ME discovered so far turned out to be an effective countermeasure against the SA-00086 vulnerability.[43] This is because the vulnerability is in an early-loaded ME module that is essential to boot the main CPU.
« Viimeksi muokattu: 16.08.2024, 15:58:52 kirjoittanut Skeptikko »
En homona toivota tervetulleiksi Suomeen henkilöitä, jotka haluavat tappaa minut:
http://www.bbc.com/news/magazine-33565055

Tanskan pakolaisapu: hallitsematon tulijatulva johtamassa armageddoniin ja yhteiskuntamme tuhoon:
http://jyllands-posten.dk/international/europa/ECE7963933/Sammenbrud-truer-flygtningesystem/

Penan kaveri Eki

  • Jäsen^^^
  • ***
  • Viestejä: 1 801
  • Liked: 3858
  • EU asetuksen mukaan pätevä henkilö
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #75 : 16.08.2024, 21:52:08 »
Tämä, että lähdekoodi häviää alta, on todellinen ongelma. Esim. parisen vuotta sitten hävisi netistä KrakenRF -lähdekoodi, jolla pystyi toteuttamaan passiivisen tutkan, koska väitetysti setä Samulin pojat kiristivät tekijänoikeuksien haltioita poistamaan ko. koodin netistä.

Epilogi: Nyt näyttää taas olevan saatavilla. Toim. huom.: Netistähän ei voi poistaa mitään. Alkuperäinen koodi mm. Ekillä hyvässä tallessa.

Jonnet ei muista, mutta 90-luvulla kryptaus ei ollut Ranskassa sallittua kuin pankkiyhteyksiä varten.. OpenSSL:n alkuperäisten kirjoittajien, Eric Yongin ja Tim Hudsonin ohje README:ssä oli että, muuttakaa pois maasta jossa kryptaus on kiellettyä.

Intelin ME on toinen peräpukama, mutta kotiinsoittaminen on estettävissä palomuurissa.
Sepittelee, koska sepitekin voi toimia oikein hyvin

ohkurin_narsi

  • Jäsen^^^
  • ***
  • Viestejä: 689
  • Liked: 1012
  • Vanhoillinen sivistysliberaali
Vs: Yksityisyys, tietoturva, vakoilu, salaaminen
« Vastaus #76 : 17.08.2024, 01:48:17 »
Siis toi EU takaporttijuttu ei tule menemään läpi. Tommoisia vaatimuksia tulee koko ajan jossain päin maailmaa tasaisin väliajoin.
Poliisit perustelee noita vuoroin terrorismilla, vuoroin lapolla. Ja tavallisilla kansalaisilla muka ei ole mitään salattavaa. Joopa joo.

Ainoa mikä voi saada läpimenoa olisi Ukrainan sodan kiihtyminen huomattavasti, että EU Parlamenttiin tulee pelko. Muuten tulee jälleen hylsyä.
Parlamentti on ollut historiallisen vahvasti yksityisyydensuojan puolella.

Jos koskaan toimmoinen menisi läpi, pitää viritellä wrapperi missä on sitten poliisien avattavaksi olevia vittuiluja sen kryptatun dadan seassa.