Alec Muffett
Sep 11, 2021
1/ It's tempting to be darkly snarky about this article, along the lines of

"Met Commissioner Cressida Dick calls for more terrorists to be 'known to the police' before committing atrocities"

…the allusion being that (continued)

telegraph.co.uk/news/2021/09/1…
2/ The allusion being that Security Services are already swamped in more "data" than they are "intelligence".

Evidence? INHOPE, the global Child Safety Hotline umbrella organisation, are swamped with old & stale reports, so develop "triage" tools:

inhope.org/EN/articles/wh…
3/ However it seems egregious of Ms Dick to raise this on the anniversary of an event which was clearly not enabled by E2E-Encryption - because there was hardly any of it in 2001.

Hell, the Paris attacks, 14 years later, were arranged via plaintext SMS:

arstechnica.com/tech-policy/20…
4/ The truth is that this is all part of a campaign to stop Facebook deploying E2E Encryption in (specifically) Facebook @messenger, the intention being to prove state power over encryption, and to dissuade innovation elsewhere:

theregister.com/2021/09/08/uk_…
5/ If that sounds a bit narrow or paranoid — "only Facebook?" — other journalists have noted that of the big messenger solutions:

- WhatsApp
- iMessage/FaceTime
- Telegram
- Signal

- only @messenger is NOT YET default-end-to-end-encrypted

9to5mac.com/2021/09/09/csa… HT @benlovejoy
6/ …and others are noting that @pritipatel is being awfully quiet about iMessage's existing end-to-end encryption whilst openly cheering Apple's privacy-disastrous on-device CSAM surveillance:

phonearena.com/news/uk-govern…
7/ So this is actually a "political game" - the world's governments want to hinder adoption of cryptography, and if they can visibly and embarrassingly stop Facebook — if they can MAKE AN EXAMPLE of Facebook — then (the thinking goes) they can stop anyone.

What happens then?
8/ If this happens, a massive chill will pass over the Internet:

Developers and startups will need to employ lawyers to tell them what code they may/may-not write.

Architectures which strongly protect data will be avoided, in favour of ones that speculatively support snooping.
9/ How do I know this? Because I lived through it in the 1990s. If you want to see lingering echoes of it, go look at this page:

oracle.com/uk/java/techno…
10/ You needed a software "key" from the Java website, to be able to use cryptography in Java.

Export controls and other legal tools were employed by Governments to inhibit your ability to keep data safe, secure and private.
11/ The consequences echoed in security bugs for the next 20 years, with downgrade attacks and other weaknesses brought on by this obligatory nightmare.

digicert.com/blog/freak-att…

en.wikipedia.org/wiki/FREAK

en.wikipedia.org/wiki/Logjam_(c…
12/ SUMMARY: We need real cryptography, to protect data, to protect users, to protect people.

We need the freedom to design solutions & write code without a lawyer checking it for compliance with "legally maximum permitted privacy".

We need End-to-End Encryption to be "normal".
13/13 In order to get this, Civil Society will need to support Facebook in building End-to-End Encryption in Facebook Messenger.

This will doubtless be hard for many, in light of many "hot" issues that Facebook have caused. But if we want encryption, we have to do this 1 thing.
If you want to read this unrolled:

The Telegraph & Cressida Dick's article on End-To-End Encryption, is part of a deeper political project

alecmuffett.com/article/14926
