The U.K. Parliament is pushing ahead with a sprawling internet regulation bill that will, among other things, undermine the privacy of people around the world. The Online Safety Bill, now at the final stage before passage in the House of Lords, gives the British government the ability to force...
Outrageous. I would actually be protesting if this were to happen in my country, and you wouldn't hear the end of it. Protect-the-children my ass, this is an attack on the freedom of the common folk. Criminals will continue to use encryption even if its against the law; they were already commiting crimes, so what's one more in the list?
What if I wrote a script and shared it that allowed me to have a chat like experience but worked by sending each other SSH commands? Would that script be illegal? Will they make SSH illegal or force backdoors in it?
This is exactly why this shit is stupid. Basic private key infrastructure will never have the backdoors they believe they need. Nor should it. The principles and algorithms are simply too well known, and there are far too many code examples to truly put this cat back in the bag. All this does is make the average person less secure while doing nothing to actual spies, terrorists or organized criminals.
Please don't fall in that trap. Authoritarian attacks on citizens have always been neatly wrapped in either anti-terrorism or protect-the-children propaganda since the dawn of politics. This is a very obvious and delibirate attempt to further remove freedom from the common folk.
If things get serious and for example the WhatsApp, Telegram and Signals of the world have to disable e2ee to keep operating in the UK, I guess they could just leave that market before compromising data privacy of their users worldwide.
I don't see this "ending encryption worldwide" thingy happening, at all.
But they could dig themselves a deeper hole after Brexit, that's definitely possible and wouldn't surprise me a bit.
VPN will encrypt your communications between your local PC/phone/device and the VPN server you connect to. After that, the data packet transits just as if you’re anywhere else. So if they can crack that encryption, your data is still open. They might not know where the packet came from, but if you are talking PII, that’s not really important. (Does it really matter what IP you had when you tell them your health history and name? Or full banking info?)
Even if it will get dismissed/amended so it doesn't ruin open and private internet, the direction it's all going really worries me. Every couple of months/years you will hear that the governments are trying again and again...Eventually they will succeed - enter "1984"
What about decentralised solutions like Matrix? I think they would have hard time accessing anything if it's stored on a private server.
EDIT: Or is it on ISP level? So no matter how you access/communicate - it will all be scanned the point when data leaves your device and communicates with web.