UK passes "online safety" bill making end-to-end encryption impossible
UK passes "online safety" bill making end-to-end encryption impossible
Britain's long-awaited Online Safety Bill setting tougher standards for social media platforms such as Facebook, YouTube and TikTok has been agreed by parliament and will soon become law, the government said on Tuesday.
You're viewing a single thread.
Cant you just make a keyboard app that encrypts it for the recipient while you type it? Will they even ban that?
There are logistical problems with that. Such as how you plan to get the key out to recipients.
When someone wants to start a conversation they send their public key unencrypted (no need for it to be encrypted) and then you send your public key It will be one more message but the keyboard could have some sort of "profiles" for every persons public key, that you could select (This is just an idea, I have no coding experience)
Okay, but how do you then make sure that key isn't intercepted? Anyone who has the key can read your messages
They are talking about asymmetric encryption which has a keypair, private key (kept secret only by the owner) and a public key that is used by everyone that would send them a message. You can’t decrypt the message with the public key when it is encrypted using the public key, you must use the private key to decrypt it.
Ah, I missed the public key part.
That is true, you could do that
Yeah, they're a bit cart ahead of horse on that one.
Like this one https://github.com/amnesica/KryptEY?
Yes, like that, thanks for it. was thinking about something that captures the screen and uses OCR to take the encrypted text and then decrypts it. But that would be complicated and would need to be adapted for every app
No they won't. The bill is against social media companies, not your own encryption measures. Where the line exactly falls between hand-coding your own cypher; using good old PGP; using an app to encrypt but sending via a separate service; using an e2ee messaging app+service; being on a community/group-focused e2ee service; normal unencrypted-on-server social media... Going by the Reuters article (I haven't read the actual bill) it seems mostly aimed at main social media platforms, with a to-be-explored relationship with private messages.