this post was submitted on 04 Dec 2024
535 points (99.4% liked)

Technology

59776 readers
4692 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s
[email protected]
[email protected]
L4s
enu
535
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack (www.nbcnews.com)
submitted 1 day ago by WhatsHerBucket to c/technology
174 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] theherk 22 points 16 hours ago (1 children)

Different parts of the government. Both existed then and now. There has for a long time been a substantial portion of the government, especially defense and intelligence, that rely on encrypted comms and storage.

[–] [email protected] 15 points 15 hours ago (1 children)

FBI has definitely always been anti-encryption

[–] [email protected] 17 points 14 hours ago (3 children)

I have never understood why electronic communications are not protected as physical mail

[–] [email protected] 6 points 9 hours ago

Because physical mail can be easily opened with a warrant. Encryption can be nigh impossible to break. The idea of a vault that cannot be opened no matter how hard you try is something that scares law makers.

[–] [email protected] 1 points 8 hours ago

Because the USA has been a broken fascist husk ever since the red scare and has been in slow decline ever since.

[–] Astronauticaldb 2 points 10 hours ago (1 children)

Lobbying as well as developmental issues I would assume. I'm no real developer just yet but I'd imagine creating robust security protocols is time-consuming and thinking of every possible vulnerability is not entirely worth it.

[–] [email protected] 2 points 8 hours ago* (last edited 8 hours ago)

No, security is pretty easy and has been for decades. PGP has been a thing since 1991, and other encryption schemes were a thing long before. ProtonMail uses PGP and SMTP, the latter of which predates PGP by about a decade (though modern SMPT with extensions wasn't a thing until 1995).

So at least for email, there's little technical reason why we couldn't all use top of the line security. It's slightly more annoying because you need to trade keys, but email services could totally make it pretty easy (e.g. send the PGP key with the first email, and the email service sends it with an encrypted reply and stores them for later use).

The reason we don't is because servers wouldn't be able to read our email. The legitimate use case here is searching (Tuta solves this by searching on the client, ProtonMail stores unencrypted subject lines), and 20 years ago, that would've been a hardship with people moving to web services. Today, phones can store emails, so it's not an issue anymore, so it probably comes down to being able to sell your data.

Many to many encryption is more complicated (e.g. Lemmy or Discord), so I understand why chat took a while to be end to end encrypted (Matrix can do this, for example), but there are plenty of FOSS examples today, and pretty much every device has encryption acceleration in the CPU, so there's no technical reason why it's impractical today.

The reason it's not uniquitous today is because data is really valuable, both to police and advertisers.