here's my prognosis: noticed how phishing is getting more popular recently? yeah that will turn straight into spear phishing. anyone sending messages from a public WiFi will be receiving personalized phishing mails written to perfection by ai. i really don't understand how politicians cannot think anything to a logical conclusion
I have an idiotic request. Since I'm not familiar with the subject, could we be directed to a kind of wiki or megathread on how to actually encrypt our communications?
Depends on the application in use. The grail is end2end encryption with asymmetric encryption where no provider has access to the private keys. The difficulty is getting people on a common method where you can just look for your peer and get a public key handed to you without having to fuss around with where it was uploaded.
Maybe the most common/simple would be looking into things like PGP. You and I would both have a public/private key pair. When I send you messages it's encrypted with your public key and signed with my private key, and as a result only your private key can decrypt the message and you know it came from me because only my private key could have signed it.
The ugly mechanics behind it don't need to be anything you actually learn in detail, but just look for apps that offer end to end encryption where the encryption is set up locally rather than in the service provider's host, if the host generated the keypair then functionally it's useless because at that point they have the private key.
As the other commenter mentioned, your best bet is being selective about which services you use to communicate.
Unencrypted (plain text) is the worst, since data is easy for a third party to sniff (think of it as a wiretap). For example, HTTP and SMS are unencrypted.
Encrypted is a good start, since third parties can't sniff your traffic, but the server handling your communications can usually see everything that passes through it. For example, HTTPS is an SSL-encrypted variant of HTTP, and services like Facebook messenger are encrypted, but Facebook can still see all of your messages, since it's stored on their servers.
End to End Encrypted (E2EE) is the golden standard. Only the endpoints (i.e. you and your friend) can see the content of your messages, and all traffic is encrypted in a way that even the server cannot view it. Signal is end to end encrypted, as are many other modern messaging platforms (WhatsApp is E2EE in theory, as is Google Meet, but we can't verify this ourselves).
We should all use PGP, SSL or equivalent tools; VPNs, Tor and/or SSH tunnelling; IPFS, or other distributed file systems — and ditch proprietary OS's in favour of Linux or truly free Android distros. We should switch to Protonmail or similar webmail; to Matrix, Signal or similar messaging. Ad-blocking, URL cleansing and third-party cookie rejection should be the default for everyone. Those tools and techniques should cease to be arcane nice-to-haves for nerds: we must get more non-technical people onboard.
All this is a moral imperative to those of us who have the ability and the means to follow this strategy and to educate others about it.
He just relies entirely on the "moral obligation" people have to use this stuff, but then doesn't give any advice on how to convince people to actually use this stuff besides "using our abilities and the means to follow the strategy and educate others about it". Because I've certainly been trying that for ages and it hasn't worked. Of course a good amount of that stuff I don't even think I would use. I find Protonmail encryption to be annoying in compatibility since you actually have to pay to get the desktop program to decrypt your email, Signal, and a lot of Matrix clients lack a lot of the nice messaging features that extend beyond the app itself (Like Google Assistant/Siri support). Also not sure if OP has seen the current state of using an adBlocker on the web. I'm not sure if everyday people would want to actually deal with that. I certainly can't get my mother to use an adblocker, and whenever I try to instate pi hole onto our network, within moments, someone complains about the internet "not working correctly".
The argument is almost always "we need to start mandating these really private things onto everyone, don't give them any choice on it" and never "how can we make good enough things people will want to use with privacy by design?". I look at apps like Nextcloud and home assistant that have created better experiences than what the market currently offers. And I wish that I could see more of the same with that with apps that are private by design, and can integrate well with just about anything.
I suppose it’s a call to arms - the intended audience is those who are familiar with all those acronyms. It’s meant to ignite a fire in the belly to spur individual action against the proposed Chat Control legislation.
I know what you mean though. The reality of “resisting” is actually kinda messy. Using all the mentioned tooling is exhausting. Much like I don’t think that consumer recycling is going to save humanity, I don’t think that if everyone “made the little effort required to secure their data and their communications” it would end crazy proposals like Chat Control. TLS is so common now (in HTTPS) and WhatsApp (implementing e2ee) is incredibly popular. Yet here we are.
The article briefly mentions open-source software. To me this is where I see more private & secure by design stuff like you mention. I'm happy that things like Lemmy exist making countermeasures like 3rd party cookie blocking sand URL cleansing irrelevant.
I feel like this comment may have been misunderstood. You're not saying that you don't care about this invasion of privacy in the EU, you're saying that you're unable to act on this locally since you're situated in the US.