Attacks on encrypted communicxatiopn rising in Europe

[Johan Wevers]

On 24-08-2016 16:27, Robert J. Hansen wrote:

> Ideally, because they present options that may work better than what we
> currently have.  Privacy absolutism -- the position that there is *no*
> justification for infringing on individual privacy, even in the case of
> serious crimes -- doesn't offer anything better than what we currently
> have.  In fact, many people would think it was a lot worse.

I probably misunderstood you. My position is that there is no compromise
possible in the ability of people to protect their privacy. If it can be
broken by passive technical means - bad implementation, weak password -
that's OK with me. If it requires active hacking - keyloggers or so -
that's not OK with me. If it requires pressuring people to give up their
privacy - fines or jail time when not revealing their password - then I
firmly oppose that.

> But if you're okay with technical attacks, you're not a privacy
> absolutist, either.  If your solution is targeted malware, remote
> exploits, Trojans, and the like, then you're permitting the government
> to do an awful lot to subvert privacy.

With technical attacks I meant more the like of cracking the crypto, not
active hacking of computers or other devices.

All said, I think our opinions are not that different. All I hope is
that the current situation in Europe does not get used as an excuse to
implement laws like the UK has, where not revealing passwords can get
you jail time. Fortunately with perfect forward secrecy in messengers
like Signal and Whatsapp even that becomes impossible, you can't even
decipher intercepted chats from the past because the keys don't exist
anymore.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html