It's not going well for #privacy in Germany. Apparently, they just passed a law that forces telecom companies to inject spyware into communications of **all** users, not just the ones suspected of illegal conduct. In other words, they legalized mass surveillance.

Link in German. I couldn't find an English version. If you find one, please link it below.

digitalegesellschaft.de/2021/0

Follow

@ilyess the telecom companies cannot do much about it, but the app store operators and application publishers can (and now must). You will get the so-called government trojans coming down the line in packages booby trapped just for you.

Time to get off the app store bandwagon.

@fedops Exactly. That's really unfortunate. It will prevent anyone from offering E2E encrypted communications. I wonder what would happen to @Tutanota after this. If I'm getting this right, it will make their offering illegal?

@ilyess no. Communications will still be end-to-end encrypted, but the trojan will get at the payload on your device, before encryption resp. after decryption.

Think of it as a government-mandated keylogger. What could possibly go wrong...? 🤬

@Tutanota

@fedops Exactly! That completely defeats the point of E2E in my opinion. It's like cloud storage services that boast about encrypted data at rest being their way of protecting user #privacy. Yes, if you get hacked that data are protected. Great but if you have the decryption keys, that doesn't help privacy all that much. It has to be zero knowledge.

@Tutanota

@ilyess agreed. I wouldn't trust any cloud provider's unverifiable statements there anyway. Only way to be sure is to encrypt the data before it leaves your device. Which unfortunately makes e.g. partial syncs harder than they should be. And also doesn't help you with things like o365 which sync your data right out of the applications without you being able to do anything to prevent it.
@Tutanota

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.