• Nia [she/her]@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    1 year ago

    I guess that’s fair since most of these tend to be clickbait, but in this case these proposals are genuinely extremely bad, because adding client side scanning to E2E messaging and photos is only one overreaching policy away from being a full backdoor for other purposes in the name of “public safety” since the technology would already be implemented, which would absolutely be the end of private messaging and secure encryption.

    • Draghetta@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      4
      ·
      1 year ago

      What is the problem if it’s client side though? Traffic is still not intercepted, communication is still private. Going from here to a full blown backdoor seems a bit far fetched…

      • makeasnek@lemmy.mlOP
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        “What’s the problem if the government had one random inspection of your house per year. Nobody entering or leaving your house is getting searched, just the house itself and whatever you store in it. Your house is still private. Nobody else is getting let in, just the government.” They’ll only use this new search power to look for pedophiles. Promise.

        The problem is you have a right to privacy. The government should have to prove a reasonable basis to suspect you of a crime to violate it, and at least in theory that authority is overseen by an independent judiciary. Owning a phone isn’t a reasonable basis to suspect you of a crime and read all your text messages. Privacy and free speech are basic human rights, they are necessary for democracies to function properly and for us to advance as a civilization and share information and ideas and grow.

        • Draghetta@lemmy.world
          link
          fedilink
          arrow-up
          1
          arrow-down
          3
          ·
          1 year ago

          No ok that’s fine but if the check is client side, it happens offline and no data is sent to the servers unless a match is found, your privacy is still yours unless you’re sending CP no?

            • Draghetta@lemmy.world
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              The way I intend client-side is that ideally the client would have the CP hashes built in and would only trigger on a hash match, that is, when it’s 100% sure that your picture is ID’d.

              The problem I have is that if it’s server side it’s indeed a horrible privacy violation, if it’s client side it’s trivial to bypass through some decompiled version of the app - so there is no good way to sell this.

              We’re splitting hairs here, I agree with you generally speaking.

              • makeasnek@lemmy.mlOP
                link
                fedilink
                arrow-up
                2
                ·
                edit-2
                1 year ago

                Yes. But the government can provide an “updated” hash database. Such updates would be frequent. There is no way for whatsapp to know what files were used to make those updated hashes. Unless the government distributes copies of the underlying CSAM to the messenger app providers which kinda goes against supposedly trying to stop the proliferation of CSAM in the first place.