- cross-posted to:
- censorshipnews@thelemmy.club
- europe@lemmy.ml
- cross-posted to:
- censorshipnews@thelemmy.club
- europe@lemmy.ml
- According to Whittaker, the bill requires the encrypted messaging app Signal to install so-called backdoors in the software.
You must log in or # to comment.
What about Threema? 🤔
Good point
Meanwhile, the Swedish Armed Forces recently decided to use Signal for secure communication: https://www.forsvarsmakten.se/sv/aktuellt/2025/02/forsvarsmakten-anvander-appen-signal-for-oppen-kommunikation-med-mobiltelefoner/
Half of the original article:
The Armed Forces, on the other hand, are negative and write in a letter to the government that the proposal cannot be realized “without introducing vulnerabilities and backdoors that can be exploited by third parties”, reports SVT.
So that’s covered.
There needs to be a messaging app which provides a backdoor for every government that requests it. Every time some dumbass legislator asks for a super-giga-secure-backdoor they promise not to misuse, they should be directed to that app.
goatse.cx used to work wonderfully for that.
Imagine the complexity of the encryption algo with 100 different custom made backdoors!
That’s the secret you give them all the same backdoor.
You just encrypt it with every key. It’s wasteful, but not all that complicated.
At that point, you just don’t encrypt things at all.
It’s worth noting that mullvad is based in Sweden
Mullvad has proven time and time again that they don’t log anything at all. Even if they give backdoor access, there’s nothing to record.
Literally the first sentence of the article: “The government wants Signal and Whatsapp to be forced to store messages sent using the apps.”
WireGuard protocol logs very little information by default. There is literally no way to make it log more than it does by default.
Even then, Mullvad has no customer information. You’re given a customer number, which is intentional.
I stand by my initial post in that there is very little, if anything, to record on a Mullvad server. If I’m not mistaken, Mullvad recently announced they are running all VPN services through a RAM only setup, therefore, there aren’t even any drives to record customer information even if they chose to.
No wonder they pussied out and removed port forwarding
I’m not familiar with EU law, but wouldn’t this set a precidence across the whole EU?
There is no such thing as a precedent in EU law. Any court can in general disagree with any other court. Appeals still exist, but they are only valid for that one case.
Judges don’t make laws here.
Not unless turned into EU law, or a lawsuit over it reaches EU court. Individual countries can’t change the rules of the union on their own.
There’s already EU court precedence against mandatory backdoors
Is there a supremacy clause like what the US has? Like, if the EU court has a ruling, does a member country get to override that?
The EU in general uses civil law, not common law. Courts in general don’t establish precedents, so it does not matter what a court rules beyond that specific case, laws are wrtitten to be super specific, and you generally can’t challenge laws in court like in the US.
The EU works through a double process of lawmaking.
It can create directives that are like how US laws work as they need specific interpretation, except it’s national legislatures, not courts doing the interpretation.
And there are regulations - like the GDPR - that have to be adapted and enforced verbatim.
This is a cornerstone of the ongoing Big Tech dispute, they thought they can forum shop by buying the Irish judiciary, but they can still get indicted, even for the same violation, in any other EU court if that court also has jurisdiction.
https://commission.europa.eu/law/law-making-process/types-eu-law_en
Each country may still have the equivalent of a constitution, and the majority of EU laws are directives which the country may translate to fit their local law, also there’s various negotiated exceptions to EU laws. But the general idea is that the treaties establishing EU are meant to require full cooperation
no.
And now it starts. Programs specifically designed to be encrypted getting attacked.
“Now”? Apps like Signals are constantly under fire. Whitaker already told the whole EU it would just leave if they introduced the “chat control” legislation.
Apps like Signals
This was about a different app named ‘Signal’, I think, without the s.
Just a typo.
Is this law broad enough to also catch up Proton and its services?
This attack by governments on encryption is getting more and more concerning.
Is this law broad enough to also catch up Proton and its services?
They don’t need a law, they already logged and complied on request
They want less accountability for themselves so they can get away with more corruption.
I hope people take notes.
Proton is swiss
And gobbles Trump’s knob publicly.
They won’t need a law to force compliance.
Yeah, to be honest if you need to hide from the government, don’t use Proton. Actually, don’t use email.
Proton is good for hiding from Google and Facebook, and not having a life full of ads.
Sci-fi writing in here I see
EDIT: For the downvoters:
- He clearly didn’t support Trump in general, but he did praise Trump’s pick for the antitrust position.
- Proton code for the clients is opensource, so it’s not possible to add backdoors without being discovered (encryption happens in the clients).
- Proton business model is inherently disincentivizing them to do so. They are a profitable company with a clear profile that would lose so many customers if they decide to do so.
- Proton is incorporated in Switzerland, it’s unclear what the benefit would be to “appease” Trump.
- Proton is controlled by a nonprofit. In the board of this nonprofit there are people like Carissa Veliz (author of “Privacy is power”) and Tim Berners Lee. So even if Andy Yen was a full on MAGA, he still wouldn’t have autonomy to decide that. Note that he ceded control himself.
- There is absolutely nothing in the history of Proton that suggests they would be open to backdooring their software.
- There is a long track record of choices to protect users’ privacy. This also includes yearly substantial donations to nonprofits who work in this space.
If this is not enough, I don’t know what is, but for sure the baseless accusations of a random user shouldn’t be enough as well.
He clearly didn’t support Trump in general
lie
so it’s not possible to add backdoors
lie
Proton business model is inherently disincentivizing them to do so. They are a profitable company with a clear profile that would lose so many customers if they decide to do so.
Didn’t work on you
Proton is incorporated in Switzerland, it’s unclear what the benefit would be to “appease” Trump.
Straw man
So even if Andy Yen was a full on MAGA, he still wouldn’t have autonomy to decide that.
being a non profit and him owning enough of it to do what he wants are unrelated.
There is absolutely nothing in the history of Proton that suggests they would be open to backdooring their software.
There is a long track record of choices to protect users’ privacy.
Tell that french activist they turned logging on for and gave up to the authorities.
Yes, what possible benefit could a Swiss company that sells privacy might receive from cozing up to a fascist state?
Lies about what the CEO said with the official account.
One of his direct statements btw:
"10 years ago, Republicans were the party of big business and Dems stood for the little guys, but today the tables have completely turned.”
Thinks non-profit is anything but a tax status. Hasn’t paid enough attention to all the “non-profit” companies switching to for-profit as soon as it’s financially convenient, much less the “non-profits” that only exist to funnel money to their overpaid executives.
Doesn’t realize that Proton’s biggest security vulnerability is Proton the organization.
Fucking lol. Actual clown shit trying to bait people into the honeypot.
A long comment that doesn’t say anything.
Yes, what possible benefit could a Swiss company that sells privacy might receive from cozing up to a fascist state?
Yes. What? Is Trump going to send them customers? Money directly? What is the benefit. If it is so obvious to you, state it clearly.
One of his direct statements btw
Quoted out of context. Yes, he thinks that Republicans are more likely to fight against big tech. Stupid? Naive? Probably. But it still doesn’t mean supporting Republicans in general (or Trump). BTW, don’t take my word for it, he explicitly elaborated that point in a reddit comment.
Thinks non-profit is anything but a tax status.
Imagine lol Proton is still a for profit company (tax status muh) but it is controlled by a nonprofit, which means that the steering wheel of the nonprofit company is in the hands of an organization with no profit motive, with a solid board. Now let me hear the mental gymnastic about tax status.
Doesn’t realize that Proton’s biggest security vulnerability is Proton the organization.
Again a sentence that doesn’t mean anything. You want to explicitly say what this threat model means? Go ahead. Throwing things like this is pointless.
Actual clown shit trying to bait people into the honeypot.
Keep your tinfoil hat, I don’t care. I am not promoting even, I am stating some facts about the fact that it seems very unlikely that Proton will backdoor their encryption for no reason but to please Trump.
Yeah, I don’t get if these are Proton PR bots, or they’re just heavily invested in the company and are in denial. They just take that PR, add some flourish then a bunch of unrelated BS.
“It is harder to convince someone they have been tricked than to trick them in the first place” and such.
I wanted to reply to your points but someone beat me to it.
Learn to think critically. Close the app for a day, cool off and re-read all of these replies.
Do you think we would all just dump on something for the fun of it or just to piss you off? This isnt reddit.
Cmon man, take a second, look around and understand that the taste of boot leather is not very pleasant. Proton is not here for your privacy … I mean it is, unless you’re a french journalist … or a person of interest for the right people.
Uuh… Ok? How is that relevant?
Directly.
I don’t get how its supposed to work…they want to require messengers to include backdoors in their software? So when a program is FOSS, then you can literally just use it knowing there is no backdoor…also, what blocks you from using a server in different country? Wtf that even means…
Then politicians would simply require for “any technical measures to ensure the backdoor to be available” or something like that, meaning it would be Signals’ job to ensure the backdoor works. They don’t give a shit how something is done (IT is just too complex for most of them), only that it gets done somehow. For that very reason federal digital services are such a shitshow so often, they just don’t understand what they even ask for so professionals always have to work around politicians’ demands constantly breaking even the most basic security principles.
The “if” to that “then” being that if they pass a law that would make Signal illegal in Sweden, then Signal will leave Sweden.
Illegal unless they install the backdoors. They could choose to do that instead of leaving Sweden, but they are choosing to leave Sweden.
If they did that, Signal would no longer exist at all. Nobody anywhere in the world would want to continue using it.
I agree that it would destroy the reason many people use it, but they aren’t outlawing Signal specifically. What they are doing is arguably worse, but this isn’t an “anti-Signal” action.
Well yeah, they are not attacking Signal the company, just their core busibess model.
I think you wildly misunderstand the average person’s motivations and how they weigh decisions.
We’re talking about Signal, not FB Messenger. People use Signal because of the encryption, and they would leave.
The “average person” you have in mind who obviously does not care about cryptographic security also does not use Signal.
There are a few people in my social bubble that are not technical at all, but heard a few bad things about WhatsApp and that’s why they are using Signal. Nothing more, they do not know how it works, they do not know who provides it.
And now they’ll hear something bad about Signal and move on as they did with WhatsApp, as per your example.
Seems to me one of the main things that got people to move away from Whatsapp en masse a few years ago was a rumour that they’d added a backdoor to it similar to the one Sweden is thinking of demanding. If an unfounded rumour did that much, the real thing might do substantial damage to Whatsapp as well if they were to go along with it. It probably wouldn’t completely demolish it, as it would for Signal — or at least its demise might take longer.
thats not the target audience, thankfully.
The target audience is everybody with a Smartphone.
The majority of people in my signal contacts are there because someone (sometimes me) pushed them to use it instead of WhatsApp.
While that’s generally true, one of the main reasons why people choose apps like Signal is the privacy. People that aren’t aware and don’t care generally wouldn’t have switched to Signal in the first place.
deleted by creator
I’m a bit surprised that the armed forces are openly opposing this, but good for them!
I mean beyond everything else, any group actually interested in the safety and security of citizens (so, not politicians or cops anywhere apparently), should be pushing everything to be encrypted everywhere. In the modern digital world anything not properly encrypted is at risk for ate tracks by bad actors.
Don’t know if it’s a trustworthy source, but:
https://cornucopia.se/2025/02/forsvarsmakten-infor-krav-pa-signal-for-samtal-och-meddelanden/
That is because they just decided to switch to use it for internal communications. This means that they would have to roll back that decision.
Technically only for non-classified internal communication. Classified stuff is restricted to be discussed only using military approved locked down hardware. But still, issuing a strong recommendation for Signal above all other options when communicating using regular devices is a good thing. Lots of “regular” conversations can still leak more than you expect through metadata, timing, etc, so they trust Signal to protect that
It would have been good of the article to mention that important tidbit…
It happened like 2 weeks ago so I will forgive them for missing it.
I have to ask. If Signal “leaves” Sweden because it is deemed illegal without backdoor, how would this even work regarding enforcement? Your phone gets searched and if they find Signal you get a fee? Messaging being blocked somehow by Swedish ISPs, is that even possible?
Signal will be delisted from Android/Apple store. That’ll curb the majority of Signal use in Sweden. I suspect Sweden isn’t going to after individuals. They could if they wanted to. ISP blocking, probably not, but yes ISPs can block Signal by blocking all known Signal servers. That’s why Signal supports special proxies that allow individuals to run to allow people from blocked locations to access the Signal servers.
That’ll curb the majority of Signal use in Sweden.
…unless a bunch of users plan to actually do something illegal, in which case a delisting from the app store doesn’t stop anything. Once again, it’s just to enable data collection about as many ordinary citizens as possible.
The proposed law would require messaging apps to store copies of user messages.
The law isn’t targeted at users directly. It’s targeted at the service providers. If the cops can access your phone you’re already screwed.
Blocking Signal traffic might be theoretically feasible but it would be a game of whack-a-mole. Legally, Signal might have to stop serving IPs in Sweden but that’s Sweden’s problem and VPNs exist.
They will likely IP geofence Sweden to block connections to Signal’s servers being made there.
Removed by mod
The question was what Signal would do though …
Removed by mod
Removed by mod
i am searching their link to Sweden
no link found yet, i will search again
.
https://signal.org/
© 2013–2025 Signal, a 501c3 nonprofit. “Signal”, Signal logos, and other trademarks are trademarks or registered trademarks of Signal Technology Foundation in the United States and other countries (more info here).
.
https://signal.org/donate/
Signal Technology Foundation is a nonprofit under section 501c3 of the US Internal Revenue Code..
“Leaving a country” for digital services usually means not providing services there anymore.
Yeah, but why do they feel forced to? I understand the EU is imposing fines on Meta and Google because they have branches in member states. But Sweden can do to Signal as much as the US could do to The Pirate Bay.
Thanks, this makes a lot more sense.
… i keep, time and again, searching for things, only to discover my “search goal” is not based in reality.
Nice PR move, but when do you announce leaving the US, which is the much bigger issue right now?
