France rejects backdoor mandate
eff.org1043 points by hn_acker a month ago
1043 points by hn_acker a month ago
Just like for other big challenges like biodiversity and climate change, it feels like it often boils down to the politicians just not understanding enough to take rational decisions. Of course they can't all have a PhD in cryptography, but they should also not have no clue at all.
Over an over again, politicians are asking for backdoors. To me it just proves that they don't understand the very basic of how encryption works.
Especially these days in Europe, it seems completely insane: it is already a problem that most companies use US services, given that the US have become hostile to Europe. The sane way to go is to try to get better privacy for European companies/people, not worse. Adding backdoors just makes it easier for adversaries to access private data.
> To me it just proves that they don't understand the very basic of how encryption works.
Hanlon’s razor isn’t always true, sometimes it really is malice. Considering EU ministers want to exempt themselves from Chat Control, that suggests to me they do understand enough of the basics.
https://european-pirateparty.eu/chatcontrol-eu-ministers-wan...
I love the combination of them naming this evil bill "Child Sexual Abuse Regulation Proposal" to make it sound like an obviously good idea, and them asking to be exempt from it. So are you implying you are abusing children?
Especially considering that governments such as the UK (I know they left the EU but I'm more familiar with them than the current EU members) have a pretty grim history of exactly that.
Using their own bullshit excuses against them, that might actually cause their heads to explode. Of course the rebuttal will be something something national security yadda yadda.
yes, they are obviously to be considered child abusers. thats what I will publicly call ANYONE that supports their own exemption. they are pedos and child abusers, and should them campaigning for their exemption should count as admission of guilt
[flagged]
You'll leave a link to a blatantly disreputable tabloid news blog?
Similar accusations have been constant recurring themes since the emergence of the Dutroux case, and from other cases that have emerged since then.
That link was the first random link that popped up, that, from memory, was illustrating the theme at hand.
No, I wasn't willing to do a deep dive into the putrid sewer of child abuse to satisfy the need for a "better" link.
It's upsetting enough to know that these things exist, and I have absolutely no need to make it my area of expertise and focus, for my own well-being.
If you want to, knock yourself off.
So what? The source isn't nearly so relevant as the nature of the information presented. It's tedious to see sometimes useful tidbits for possible investigation get dismissed because they're "disreputable".
It’s far more often malice than stupidity, when talking about overreach of power. I absolutely hate Hanlon’s Razor, it’s how we got here.
> it feels like it often boils down to the politicians just not understanding enough to take rational decisions.
That's a very gullible take and kind of apologetic for the politicians. If you are implementing a backdoor to crypto-systems, you probably know exactly what you are doing.
That, and this has been re-surfacing time and again under different pretenses make this a deliberate attack on freedom of expression. The politicians know exactly what they are doing.
Listening to the debates in the lower chamber (Assemblée Nationale) and the arguments of those arguing in favor of backdoors clearly show they do not have a clue how any of this works. They are not clever players doing double-bluffs. They are ignorant stooges.
The article clearly states that it was pushed by the Interior Ministry. Those in there know exactly what they are doing.
On the other hand, the interior minister himself has no clue, as well as all the politicians in the assemblée. This is where the double-bluff is from. (granted, I think Darmanain was an exception)
We have to remember that, while the minister changes with the government and thus is by definition a politician (seriously, look at some of our ministries, they go from education to health taking a trip by ecology with a pit stop in finance), the ministries themselves are made of people that mostly stay in place and are not affected by government changes. Those are the ones making the calls. And those precisely know what they're doing (thing DGSI and DGSE).
> Those are the ones making the calls.
No, the career specialists in the ministries are the ones writing the reports and developing options. Ministers, in France and other democracies, bring their own staffs of experts. Those will work out a recommendation. The minister -- or more broadly speaking the politician -- makes the call.
And frankly, I don't know of another way. Nobody can be an expert on all the things that come up in a single ministry, let alone the parliament.
On paper. But it is easier to get influenced by intelligent "Subject Matter Experts" and they usually know how to nudge the public representatives their way.
This is a known and accepted flaw of rotating leadership in democracies.
Why do they need to understand how encryption works ? They’re mostly interested in the goal ( a lock that can be broken by law enforcement, and allow wiretapping), and will tell you that these things are already possible in the physical world today.
In other words they’re fine with intruding upon citizens privacy - this doesn’t require any understanding of encryption I think ( and if encryption prevents that, their answer would be ‘ban encryption’)
This is incorrect. They will quite often claim that it is possible to do without breaking encryption, as required for banking and such. They do believe it is possible to have a backdoor that will _only_ be accessible to the government. Completely ignorant of how quickly that backdoor will be found by hostile state actors.
Well, hostile state actors can ( and do!) already wiretap lots of things in the physical world, in theory wiretapping / surveillance is only possible for governments etc. And the NSA semi-successfully inserted a backdoor through carefully chosen elliptic curves a few years ago ( DUAL_EC_DRBG ) by convincing folks to use a weak PRNG.
I’d say that the problem isn’t so much related to encryption, but to the fact that anything digital can be industrialized very quickly, and that the ‘if it goes wrong’ scenario can go really wrong if ( and when) your backdoor falls into the wrong hands.
From a lawmaker’s perspective, it’s just a different kind of risk, which they may or may not be assessing properly. In some ways I see it as closer to people misunderstanding how easy and how bad it is to lose large amounts of data : it’s not related to the inner workings of computers , but rather to the leverage that computers provide. The same is true with weak crypto : everything is great until suddenly everything is in the clear all at the same time, and read by people you don’t want.
First, the constituents on the chamber are supposed to vote along the party lines. Yes, they do not understand what is going on but that does not obviate their responsibility. Negligence can be criminal. I am specifically talking about the people pushing this (as in planning, writing, orchestrating its ascent to become law and then enforcing).
No, it is theatre. They are masters of their craft. They are pushing an agenda to convince the public. They pose as ignorant and relatable, so that the ignorant and relatable keep voting for them.
I'm sure some of them do but encryption is pretty unusual as a lock that police can't break. If a judge orders a search of your house and the incriminating evidence is in a safe they will break it open if you refuse to open it for them. Governments aren't exactly happy that for digital assets there's ready made mass-market systems where the response to any search warrant will be to pound sand.
When law enforcement tells you that they're being hindered by the fact that even unsophisticated criminals have E2EE messaging and that's their biggest source of evidence (pulling text records) then asking for back doors starts to sound reasonable. It isn't of course because it defeats the whole point but it doesn't have to be a crusade against speech or whatever.
The issue is that something like this will not affect the criminals, they can just use something with encryption.
> Governments aren't exactly happy that for digital assets there's ready made mass-market systems where the response to any search warrant will be to pound sand.
Which is to say they understand the situation perfectly and are acting with a firm intellectual grasp of what is going on.
The issue isn't that they don't understand encryption, it is that they reject citizens having any sort of power to resist the state. Which is cool and all, authoritarianism is always with us to some extent. But at its core they see this from the viewpoint that the state is fundamentally in control and sometimes it grants people the privilege of privacy because it doesn't think what they are saying is important and therefore they can be humoured. They'll pretend technical ignorance if it gets the liberals off their backs, but the only people they are fooling are the credulous.
> it is that they reject citizens having any sort of power to resist the state
But by doing that, they make it easier for adversaries to spy on their own citizen, which is a national security issue.
That's why it sounds like ignorance to me: I understand that they really want a backdoor just for themselves "because they are the good guys" and "for national security", but they don't understand that if they have a backdoor, then their adversaries will eventually have it, too.
It isn't even that complex an idea, you laid it out in 1 sentence. "If they have a backdoor, then their adversaries will eventually have it, too". They understand that just fine. If anything, you're the one who doesn't understand although I'd not push the point because the rules around political debate are weird and you might be humouring them.
The people in government have a hierarchy of threats. Social challenges from within their own nation always higher than those from foreign countries. Most politicians are perfectly happy to sacrifice national security to be able to see what their citizens are saying, they just won't articulate it in plain language because it sounds bad.
We can tell this because they're signing off on narratives around being "the good guys". Anyone pushing that sort of narrative spin isn't a good guy. That isn't how law enforcement works in practice and anyone in high political power knows it if they have even a shred of intellectual honesty; they've seen how the sausage is made and are well aware that the real world is all various shades of what happens when a family breaks down and siblings start fighting with each other.
What I don't understand is this:
Whether they are gullible, corrupt, or simply pieces of shit and sociopaths... Why are they allowed to keep their job? And how can we fix democracy to make sure that they are held accountable?
Let's be clear about one thing: Hanlon's razor is bullshit. Globally, only about ~30% of humans think that "people are generally trustworthy". Even fewer think that "strangers can be trusted". So it fucking IS malice, and people are not trusting because they know that it is malice. In fairness you can look at nord-european countries for some counter-examples, but 30% is a good approximation.
I don't even care if politicians are stupid or malicious. They're probably both anyway because they're human. But what I care about is that they don't fuck with my hard earned civil liberties. So much blood was shed to get where we are... have we learned nothing at all?
This is the line of Russian propaganda. But don't try to explain by malice if it can be perfectly explained by incompetence.
Unbelievable. What does Russian propaganda of all damn things has to do with this? Especially considering that the power takeover in Russia happened much in the same way - people assumed the politicians are dumb and naive, which I'm telling you as someone who tried to resist that takeover. Yes, your politicians - all politicians, regardless of the country - would have been happy to have more power over you and need to be kept in check. They are never naive, only you can be naive by assuming that. If you forget this for a second, you're done. This is not some kind of controversial issue all of a sudden, that's basic democracy.
> What does Russian propaganda of all damn things has to do with this?
They welcome Europeans thinking their government is out to get them
> Especially considering that the power takeover in Russia happened much in the same way - people assumed the politicians are dumb and naive
People in Russia did the opposite of that. People in Russia were conditioned by decades of violent dictatorship and were either afraid to make a noise or actively wanted the strongman fascist rule. And the guy in power is actual ex KGB. There's a difference
> your politicians
Putin?
> need to be kept in check.
Keeping in check != assuming the worst. Assuming the worst from everybody is how no one would get anything done. e2ee, like any tech not bad or good inherently helps both goodies and baddies. Not turning blind eye on this is important first step. Even if your gov doesn't get a backdoor now they will keep at it until they find a way because voters who are not extremist libertarian techbros want them to. Your way out is to help them find a good enough way witg a compromise.
> People in Russia did the opposite of that. People in Russia were conditioned by decades of violent dictatorship and were either afraid to make a noise or actively wanted the strongman fascist rule. And the guy in power is actual ex KGB. There's a difference
I'm sorry if I'm blunt or rude but you have zero idea what you're talking about, and judging by this answer you're unlikely to even attempt to find out. It saddens me that people who have actual chance to avoid neo-feudalism learn nothing from the experience of my own country (Russia), because hey that's Eastasia and we've always been at war with Eastasia so it can be discarded, "we" are not like that, surely "we" are not "them" and can do better, it can never happen here. Well, good luck! You'll need it.
What you quoted is reality. People who care are in those two categories with rare exceptions. If you are actually russian like me you'd know that 95% of people are in two of the above groups I described. Literally everybody you ask either voted for Putin or did not vote (if we pretend elections were real)
And you I guess have no objection to my main point. e2ee helps crime as much as good guys, maybe more because it helps scale crime. And non stupid government would see that. If what a democratic government is doing to fix this looks like censorship, then it does not mean the government is bad. There is other context. A good democratic government can be instructed by competent experts make better tradeoffs. You cannot expect politicians to be competent experts.
It saddens me that every now and then even well intentioned(?) fellow russians act like every government is like that. You're not the only one. The legacy and history of how people came to power is completely different. Yes it's hard to believe but there are governments who are different.
If you want to see how actual surveillance would look, check out russia. Chinese firewall tech, TSPU boxes at every ISP, making VPN illegal etc. Unlike EU there is historical context and evidence in which it is clear that the government is not doing this to fight crime.
TSPU is just the consequence of a failed attempt to bring it under control, which happened much much earlier (no point in getting into detail here). And yes you're right, I actually have no objections to proportional response and keeping trust where it's possible, you can't get things done without it. Just keep in mind that "it cannot happen here" attitude is dangerous and you're always one step from what you've thought is impossible. Opposing to E2EE strikes me as similar to unified IDs in some European countries that are proud of safety and convenience it brings, dismissing the reality that they are now one regime change from the total control. (not even the unlikely change, considering that certain EU countries historically lean "right", for simplicity).
Sure. But also remember there is also a balance between hostile distrust for all things government does and getting things done. They cannot happen at the same time.
And remember authoritative governments don't care about trust and they get things done while west is squabbling.
To say gov does it to spy is not constructive. What can you do? If they are against you you lose, they hold all the power. This reminds me of attitude of most people in Russia. But to say government does it because it doesn't know is constructive. Because it (and the public) can be educated. There are democratic processes for this.
These aren't dumb people. They know exactly what they're asking for. Privacy and security of the public's data is not a priority to them, surveillance and power is. Politicians would much prefer all communication in plaintext, to hell with individual freedoms and privacy, especially European politicians that don't come from the same traditions of freedom as the anglophone countries.
What politician do you expect to openly confess the above in public. These are world-leading politicians, i.e., professional athletes of lying and obfuscation.
>especially European politicians that don't come from the same traditions of freedom as the anglophone countries.
Have you been reading English-language news? Attempts at limiting privacy and advancing surveillance have been nonstop in the anglophone world over the past decades. What may even have been the first attempt at having a backdoor mandate was American: https://en.wikipedia.org/wiki/Clipper_chip
The UK and Australia are ahead of countries like France in restricting freedom, so this sounds like a poor attempt to avoid complimenting the US specifically.
> These aren't dumb people.
Yes, they absolutely are. I agree with the rest of your comment, they aren't interested in privacy or security, want generalized surveillance, and are world-class liars.
But they are also pretty dumb and extremely ignorant of anything technical.
I sort of agree with them. I want all privacy abolished for politicians. Think about it, if we live stream them in the shower we might get some much needed young people to take the job. Let them keep the ad revenue. Only fans suggests it should be the best paid job out there and the workers are all about public approval.
no more naughty business!
That is not how it works. Politicians will vote for special measures for themselves, but citizens need to have their data easily presentable for inspection by government agencies. Think of the children/terrorists.
"These aren't dumb people."
they are, most tech worker didn't know how cryptography works under the hood and yet you expect politician to know it??? nah its just intelligence agency make a request to parlement of some shit
Are you actually trying to say that understanding cryptography is a prerequisite for intelligence?
In the context of a discussion where the two propositions are "they take bad decisions because they don't understand" or "they take those decisions by malice", I think the parent is trying to say "they most probably don't understand cryptography, given that most tech workers don't either and those politicians are less into tech than tech workers".
You mean UKUSA? Echelon? Patriot Act? SSL and encryption 'bans' making the vendors get OpenSSL from the Canadian OpenBSD?
OpenSSL = OpenSSL Software Foundation Inc / OpenSSL Software Services Inc (In the US)
OpenSSH = OpenBSD (In Canada).
OpenBSD does maintain a fork of OpenSSL, called LibreSSL.
OpenBSD had a SSL stack too, not bound to US licenses and restrictions on exporting.
Before the LibreSSL fork? I did not know that. They've shipped OpenSSL for as long as I can remember, and then forked it, in 2014.
How long ago was that?
OpenSSL built on Canada was fine. Get NetBSD from US mirrors and you got a TLS-challenged OS until the 00's when the restriction exports on tech 'as weapons' were nonsense.
No dumb perhaps, but very very short sighted and it pretty clear how other decisions can be so very wrong, once you hear them get quizzed on encryption.
"We should have a backdoor for law enforcement", okay but what if that abused by some regime that doesn't like Jews, Muslims, Christians, homosexuals, communists, authors, journalists... you? Obviously THOSE people shouldn't have access to a backdoor. Okay, but if you do it EU wide then Hungary will have access to it. Okay, only Western European nations should have access. What if AFD wins in Germany or Groupe Rassemblement National in France? Okay, in THAT case the backdoor access should be revoked. Who decides that?
It's very clear that politicians want backdoors in encryption, but only under a very specific set of circumstances. Those circumstances are almost completely tied to their own parliamentary seats. If questioned long enough, most of them will see it issue, they probably won't admit it though.
So no, not dumb, just incredibly short sighted on almost irreversible decisions that can and will hurt the wrong people.
I would like to know what the public opinion on these issues is before blaming politician's ignorance, considering that to them the relevant knowledge is knowledge of what voters will support or tolerate. The impossible promise of backdoors that France can enter but no other country, organized criminal syndicate or petty government-employed stalker can find is only one impossible promise among the many we can hear from the world's parliaments. In fact, the impossible promise is something of a stereotypical tactic.
French want less criminals and immigrants in the street. Whatever it takes.
I'm french, i have not heard any people, work, street, even television or internet speak about that.
The sad truth is that it wouldn't even solve the issue, criminals will always be able to use encrypted communications. there are open source software that can't be tampered with, software that doesn't use a single server where backdoor can be put, or they could even simply encrypt their text message. i could do that from my mac terminal and Bruno Retailleau isn't going to put a backdoor in my mac terminal...
> French want less criminals and immigrants in the street. Whatever it takes.
If that were true, France would have a vastly different immigration policy. It would even have an explicit, drastic, and targeted emigration policy.
Since when the general population are the decision makers? /s
Well, half /s anyways. Working class don't want them because "they're taking our jobs". Middle class don't want them because "blah blah security". Upper class want them because that's cheap labour. And as it happens, the upper class is the class in power.
Most french don't care. But this still creates tensions, even between immigrants, say for like housing. As we say in french, it's a "bourbier".
In the end, it's the same situation as in any other country where immigration has taken over the frontline of the political debate.
Open source software can definitely be tampered with if the maintainers aren't vigilant enough. Look at what happened with XZ/LZMA debacle a few months ago. Yeah it didn't make it into most distros but still...
And the sad reality, the maintainers for most useful OSS projects are essentially paid employees of a company. Which can be easily enticed/forced by governments.
And then there's the hardware manufacturers. Even the most hardened software running atop compromised hardware becomes worthless.
Moi aussi je suis francais.
> French want less criminals and immigrants in the street. Whatever it takes.
Maybe it's because I spent most of my time in big cities hanging out with relatively well-educated, often left-leaning, relatively young people, but I'm not getting that vibe at all.
Yes, you do have pathological cases of badly integrated immigrant communities - for example the quartiers Nord de Marseille, and yes, I've known more working class people who have to endure abuse from anti-social immigrant drug dealers to express some pretty far right views, but I'm not sure that reflects the majority of the French population. I don't watch the news much, but when I do I don't see anything about issues with integration, mostly stuff about Ukraine and Trump.
You could , and should, make the point about criminals and drug dealing affecting "normal citizens" without using imprecise and often wrong terms like immigrants.
Yes. Many people feel unsafe, are affected by crime, or feel they are. Yes, people are afraid. Whether they are, statistically actually more unsafe, or not (most often aren't) matters little. If people have a problem with criminal behaviour or abuse, they have a problem with criminal behaviour or abuse. Regardless of where that comes from. Being beaten up by three Moroccans hurts just as much as being beaten up by three Frenchies whose great grandparents were also born in Marseille.
It honestly doesn't help. First and foremost because many people will now dismiss the problems you may adress, simply because they are drowned in what appears racism, or at least ignorance.
The thing is, the criminals do tend, and when I say "tend to" I mean "as far as I can tell, always are, although obviously just because I've not seen a counter example doesn't mean one doesn't exist" always be from similar ethnic groups.
You've heard of the Italian Mafia? A criminal organization where ethnicity was literally a criteria for admission? Or, while not criminal, Jewish diamond merchants? Having a specific ethnic group specialize in a certain type of commercial activity isn't new.
When that activity is trafficking drugs from Morocco, against the wishes of the local state, it's not surprising that the organization is largely composed of people who happen to share a common language, culture and ethnicity with Morroco.
And if you're wondering why Morocco, well that's where all the hashish is grown.
You've possibly been to "Chinatown" in a large city (say NYC). Now remplace east Asian immigration with North Africa immigration, replace the stereotypical restaurants and dry cleaners with drug dealing, and you have north Marseille.
This unfortunate fact actually drives a lot of the racism. If you ignore it because it sounds racist well... The problem will remain, refusing to accept that there currently is an ethnic group that dominates illegal drug trafficking in a certain place, due to ties with the source of the drug doesn't make it any less true.
Similarly, of you're smuggling cocaine into the US, speaking Spanish is a really good trait to have. Because the country that produces most of the cocaine speaks that language.
How does naming the ethnicity of a group of criminals help in solving or preventing the crimes the commit?
If there's a clear, proven answer to that, one that works obviously better than other methods to solve or prevent it, then by all means: name this parameter.
In all other cases, it helps nothing. If anything, its counterproductive.
Let me give an example: a significant portion of Dutch heavy criminals, in the niche of harddrug trafficking were raised in poverty (relatively, its still the netherlands), in tough neighborhoods, by parents/families that often fall partly outside of the established social constructs.
If you look carefully, non of these parameters are "of certain ethnicity", but the enthnic group underlies many of these parameters. A populist politician, or racist, would say "they are all Marroccan". Which, except for the absolutists "all" is true, even. But it doesn't help one bit in preventing this crime, catching the criminals or preventing new kids to become the next generation.
What helps is finding the traits that do lead to them turning criminal; many of these traits may stem from their ethnic background. Mind you: these traits are by no means excuses, merely traits that allow a clearer and more effective treatment of the societal illness that these criminals are.
(Source: my ex treated a.o. criminals at a TBS. Where phyches "dissect" these people in order to treat them so that some might some day return to society)
[flagged]
> Your lack of empathy for others is always baffling for me. “I haven’t had problems with occupants, therefore they are not a problem.”
They just said that they hadn't observed the same thing in their entourage.
> Some had to crawl, bleeding on the floor, reciting to Coran.
Are you referring to a recent event in France? Can't find any with the query "réciter coran otage". That quote makes France look like a war zone.
> Some pupils grow under oppression, having to donate their lunch meal every day.
> Some had to give their mobile phone.
Are you making a link with "occupants" from the first sentence? Because bullying and assault didn't wait for immigration to exist, and criminality in general is caused by so much factors that makes the analysis harder than just looking at correlations.
> some people are thrown in the Seine.
Search for "jeté dans la Seine" (thrown in the Seine):
- [20 years ago] Brahim Bouraam: murder of a Moroccan in Paris by a far-right militant [0]
- [5 days ago] A jogger thrown into the Seine by a drunken German, another bystander injured [1]
I don't think you referred to those actions.
> But as long as you give occupants priority and respect in your life, and you respect them
Nobody said something remotely related to that in the thread.
> don’t say anything about the occupied zone
...
I hope that you can still find some enjoyment in the dystopian alternate reality you're experiencing.
PS: I lived in a hot district. I haven't been assaulted but I know someone who has been. It hasn't been perpetrated by an immigrant, and nothing happened after. He hasn't been caught, police closed the case, and life went on. It makes me think the problem here is not related to immigrants. But that's anecdata anyway. A study apparently found no correlation between immigration and criminality [2].
[0]: https://fr.wikipedia.org/wiki/Affaire_Brahim_Bouraam
[1]: https://www.20minutes.fr/faits_divers/faits-divers-paris/414...
[2]: https://www.lemonde.fr/en/france/article/2023/04/23/no-study...
I find your linked study intriguing, as an American who's aware of studies on my side of the Atlantic that show an inverse relationship between immigration and criminality - i.e. immigrants commit less crime than native born citizens: https://www.cato.org/policy-analysis/illegal-immigrant-murde...
Is that truly not the case in France? I'd be curious as to the results of a study comparing this effect across both countries.
Crime rates from immigrant populations are highly dependent on where the immigrants come from, and the US tends to do a better job at integration than European countries in recent years. Not that the US did not experience problems with immigrant crime from South America, but it is much worse in Europe, notably with immigrants from the Middle East. I think the baseline crime rate in the US was also higher than it was in European countries, before mass immigration policies kicked in.
The US is an ocean way from Middle East. What did you expect? If the US imported inmigrants from war zones, (like Mexico with narcos but far worse), California, New Mexico, Arizona, Texas... would be shitting bricks today.
I'm pretty sure that the biggest numbers of immigrants in those states come exactly from that "war zone" that you think Mexico is.
> French want less criminals and immigrants in the street. Whatever it takes.
What about using the probability that a specific race or religion will commit crimes then target those people with aggressive tactics.
As for the public they could make those people feel unwelcomed through constant harassment in the hopes they leave the country.
Thus reducing the crime rate by any means.
----
I checked the murder rate and it's been on a downward trajectory for the last 30 years
https://www.macrotrends.net/global-metrics/countries/fra/fra...
I haven't check other stats but what if your views on crime are being manipulated by people who have agenda that normally wouldn't be possible if the true reason was revealed?
> I haven't check other stats but what if your views on crime are being manipulated by people who have agenda that normally wouldn't be possible if the true reason was revealed?
Actually, you're right about murders, but you're wrong overall i'd say. Organized crime is on the rise since 2004? Maybe a bit before.
Politicians "reformed" the police, removed our "proximity police" which were basically social workers with physical and weapon training, who also were a great point of contact for future informants as it built a lot of trust in some cities (mostly western and northern France: it didn't work as well in the south and in Paris, but it worked truly great were i lived and their removal killed a lot of initiatives. My bet is that the failure in Marseille and Paris killed the initiative which worked great in small to medium cities).
And then circa 2008 they added another police reform that basically pushed police towards targeting petty criminals. Petty criminals turned to organized crime "en masse", and nowaday you have basically 3 crime families who run most of the crime in France. They reached Paris around 2011-2014, divided it cleanly around 2017 (i've heard multiple people talking about a missile launcher sighted in the 93 around 2015-2016 when i lived there, in at least 2 different location) and now politicians act surprised.
> I haven't check other stats but what if your views on crime are being manipulated by people who have agenda that normally wouldn't be possible if the true reason was revealed?
That is a known fact. Criminality rate drops but french people are feeling more and more insecure.
There is a media oligarchy in France (by billionaires) that pushes anything but left ideas (the left want an exit tax and a wealth tax, the last one is the Zucman tax). The idea that immigrants are criminals is easy to spread as the prison population is clearly different than the mean population of France (for various reasons). They are pushing it so hard that the population is feeling insecure even if the criminality rate drops.
Source about media oligarchy by billionaires: https://upload.wikimedia.org/wikipedia/commons/thumb/a/a6/M%...
[flagged]
What is an occupant ?
There used to be a increase of crime but it was because of what the law counts as a crime. And no, non-lethal crime didn't increase so it is not about medicine that is getting better.
Its their clever little dog whistle.
[flagged]
You broke the site guidelines badly in this thread, and we've already had to warn you about this before. Moreover, you've been breaking the site guidelines in other threads lately as well.
If this keeps up, we're going to ban you. It's not what this site is for, and destroys what it is for.
If you'd please review https://news.ycombinator.com/newsguidelines.html and stick to the rules when posting here, we'd appreciate it.
In France, like a lot of other countries, they are blaming everything on the immigrants.
Crime? Immigrants are doing it. Retirement age? Immigrants are spending the money.
These things are not backed up by data, but just like the US, or Nazi Germany, nobody cares, simply easier to choose an easy "solution" and blame immigrants.
> In 2019, 82% of the people implicated by the police and the gendarmerie declared themselves French and 18% foreigners, while they represent 93% and 7% of the population in France respectively.
https://www.insee.fr/fr/statistiques/5763585?sommaire=576363...
Immigrants commit a bit less crimes than the locals in France.
Yes, but inmate population is mostly immigrant descendants (for various reasons, poverty and been unable to work are the main ones).
The morally lazy racist explanation is helped by the famous logical fallacy that if most criminals are of foreign origin, it must be because most foreigners are criminals.
> to them the relevant knowledge is knowledge of what voters will support or tolerate
That's relevant knowledge. It's not the relevant knowledge. Another piece of relevant knowledge is facts about complex things like political science, cryptography, etc. Since politicians actually need to decide and implement things, as a side gig to being popular, lack of the proper knowledge to do so is a shortcoming.
> I would like to know what the public opinion on these issues is
Not big sample sizes, but I regularly ask and interview people from all sides of life, and to a simple question like "Do you think the police should spy on you if that catches criminals?" the answer is always a resounding "no". Especially young people. They just way "No way. We're not criminals". They "arguments" may be choppy, muddy waters, but I don't think peoples feelings about being spied on is much of a mystery.
Here in Sweden the answer from the general public often is "yes, I am honest and have nothing to hide".
Unlike French media, Swedish media does not have a well-developed tradition of confronting those in power and/or demanding accountability.
I often get frustrated by how easily interviewees dodge direct questions by answering something completely different, and get a "thank you" from the journalist in return, instead of a follow-up question.
That sounds like the US in the postwar era, under Eisenhower. It broke down quickly, as the journalists were not slow to catch on when the leaders abused that trust.
It's not just our media, it's our culture.
We have a looong and storied tradition of not liking the government, starting with our first revolution in 1789, continuing in 1830 and 1848, and further reinforced by the Nazi occupation during WW2. When I went to England, I heard the joke "where are all the French people? Oh right, probably on strike again".
I feel like some people would probably go out and protest if the government went so far as to suggest that maybe regular tooth brushing might be a good idea, just out of principle.
Yeah we don't do that here. Our culture was Pirate Bay and nation-wide torrenting until the government said it was stealing and people stopped because we are Honest Citizens.
No revolutions, unless explicitly permitted by the government.
Actually makes me a bit worried given the recent geopolitical development in the world.
One problem is that public opinion is also often at odds with facts. It's not hard to find a sequence of "Do you want X or Y" type questions that will send many people into a circle of intransitive preferences.
I think it is a valid point: politicians try to please their voters, and the voters don't know anything about how encryption works.
If you tell your voters: "I will force those tech people to develop encryption that can be accessed by the good guys but not by the bad guys", the average voter will say "yeah, that sounds reasonable".
I am frustrated that the politicians don't understand that they are making it worse for everybody, but that's probably a consequence of their voters not understanding it either. That's always the problem with complicated issues (e.g. climate change or covid). Voters typically vote without having a basic understanding of the topic.
> Just like for other big challenges like biodiversity and climate change, it feels like it often boils down to the politicians just not understanding enough to take rational decisions. Of course they can't all have a PhD in cryptography, but they should also not have no clue at all.
They would argue about the damages drugs do.
I think they know what they are doing. Digital privacy has no lobby outside of EEF. We donate more than $10k to them annually.
The "war" on drugs is what brings all of the violence and crime associated with drugs, not the drugs themselves. But it finances the police industrial complex and so many people would lose out (or be forced to focus on actual crimes rather than people consensually trading plants or chemicals) that it will never happen.
> The "war" on drugs is what brings all of the violence and crime associated with drugs, not the drugs themselves.
Some of it, certainly, but I doubt it's all. Violence committed by druggies trying to scrape up enough for their next hit would still happen.
Do you not see that you're contradicting yourself?
If drugs were not prohibited, they would not cost so much as to cause "scraping up enough".
How come I can buy 50 liters of isopropanol (99.(9) whatever, dehydrated, better than medical eth) for like 20 euro, but no luck for ethanol. Even while ethanol is that much cheaper to produce?
I wonder how much crime is done by people trying to get another hit of alcohol or cigarettes. They are pretty addictive, but I haven’t heard of this becoming a problem with legal drugs for whatever reason.
> Violence committed by druggies trying to scrape up enough for their next hit would still happen.
How much violence do you see from people trying to scrape up enough to get the next drink or cigarette?
It's almost none, because those things don't cost enough to ruin a person's life. Even for most of the serious addicts.
Also, violence caused by a sociopath's giving a desperate addict $50 in exchange for the addict's shooting one of the sociopath's enemies would still happen.
Also, addicts stealing from their moms would still happen, which is regrettable even if it is not violence.
The syringes thrown away on lawns and playgrounds probably also won't disappear just because the drugs get cheaper.
Hmm...
The "war on drugs" probably brings violence associated with drugs, but drugs in general bring harm (when someone becomes an addict or dies because of an overdose, it does harm to the relatives). Nobody would care about drugs if it didn't.
The pharmaceutical industry has a pretty big lobby, so does big tobacco, and don't even get me started on the alcohol industry.
If one of them finds a way to patent drugs that are currently illegal or otherwise profit from it, legalization will happen.
Honestly, in many places, legalization has already happened, look at the coffee shops in the Netherlands and the dispensaries in North America.
The police industrial complex might be attached to their cash cow, but everyone else in the capitalist system wants to get rich too, and I suspect in the long run that'll win out.
Also, much as how after a few thousand years of civilization people eventually wised up to human sacrifice wasn't actually a good idea and was not in any way required to make the sun come up, maybe at some point in the future we'll realize that harsh criminal penalties don't actually solve the drug problem.
France has some of the strictest laws against cannabis use in Europe, and also some of the highest rates of consumption, or at least it did last time I checked.
>> given that the US have become hostile to Europe
I'd like to comfort you that this is not true for the majority of Americans. We are having a hard time wrapping our heads around what our new government is doing.
It kinda doesn’t matter; Individuals aren’t making foreign policy decisions day-by-day, Republicans leaders are. Until we effect change in our government, we are hostile to most of our allies.
> we are hostile to most of our allies
One bad news (for everybody) is that I believe a lot of citizen of those "allied" countries don't see the US as allies anymore. The US are now seen as this unstable "partner" that threatens becoming an enemy (e.g. by invading those ex-allies militarily) and may well become an enemy.
And the feeling is getting worse everyday.
It matters to me, as a person who travels frequently, that people in the countries I visit don't believe that Americans writ large voted for the foreign policy we see being enacted. Even among the ones who voted for Trump, there seems to be a lot of shock at the aggressive posture toward our allies. I think it's important to convey that a majority of Americans are not on board with this 180 degree turn in our position toward Europe.
But yes... individuals don't make foreign policy, and we are subject to the whims of our polity. That's exactly what I'm asking the parent poster to take into account.
It matters to me too. However, it still doesn’t negate the fact that we are hostile.
There is always good news and bad news in the world. Our judicial branch is (so far) working to reverse illegal moves by the executive branch. People are protesting across the US and across the world. Our allies are currently putting pressure on us that is reversible.
The bad news is that our country is losing trust every day. We voted this person into office twice. We are deporting people for voiced opposition to the regime. There are now travel warnings to the US from multiple countries. Ironically, it’s now harder to leave the US. MAGA is trying to spread into other countries given the foothold it has gained here.
There isn’t a lot of comfort to give when the guy who holds the nations nuclear codes is questionably coherent and actively hostile.
>Even among the ones who voted for Trump, there seems to be a lot of shock at the aggressive posture toward our allies.
Source?
Yeah, it's good to mention. Still I believe that from the outside, in practice it doesn't matter much: if Trump gives the order to invade an ex-ally, who is to know if the US would do it or not? To the outside it is a risk, and a country making that kind of threats probably does not count as an "ally".
I am not here de defend politicians, but...
The title says "France rejects backdoor mandate" but TFA makes it clear that France is not a hive-mind:
- The rejection was by the French National Assembly (think parliament/congres) - Ths happened despite pressure from the internal ministry (the government)
I find it interesting that it is often a similar story at the EU level where the European Parliament puts a stop to the worst impulses of the European Commission.
> it is already a problem that most companies use US services, given that the US have become hostile to Europe.
Risking a potential flame war here but I think it’s important to cool down hysterical rhetoric whenever it’s pushed.
The US has not become hostile to Europe, and it’s quite silly to say this in contrast to, say, a certain country next door that is currently invading a European country.
The US is in the midst of a many decades “pivot to Asia.” This is not hostility, but growing indifference.
> This is not hostility, but growing indifference.
Among others, the US is threatening to invade and annex ex-allies using militarily force. This is the definition of "hostility", and again this is only one example.
> given that the US have become hostile to Europe
That’s more than a bit of an overstatement. One faction in the US government has started being less loyal to Europe. Most Americans consider Europe to still be our closest allies and friends.
Furthermore the US businesses are not stupid and have shown they will stand up to government pressure around data sovereignty. Anything less will drive both US and global customers back to on-prem infrastructure.
https://www.reuters.com/article/legal/microsoft-sues-us-gove...
> Most Americans consider Europe to still be our closest allies and friends.
The feeling isn't mutual.
> Furthermore the US businesses are not stupid and have shown they will stand up to government pressure around data sovereignty.
Only until it threatens their livelihood and family. Don't be naive. The majority of both Democrat and Republican members of the Senate and Congress, and many judges and other people in high positions in the government are afraid of the repercussions of crossing Trump. The US is screwed.
> Most Americans consider Europe to still be our closest allies and friends.
Maybe, yes. Do you know how many Europeans now consider that the US are not allies anymore? And how many take the threats of invading them seriously? Allies don't threaten to invade.
> Furthermore the US businesses are not stupid
The oligarchs of BigTech have clearly bent the knee. It would be irrational to trust them.
> To me it just proves that they don't understand the very basic of how encryption works.
No?
You can have encryption with “secure” backdoors. (In the sense that only an entity with the backdoor key could use it.)
For example, let’s say you were going to symmetrically encrypt some data with a certain private key.
You can add the key to the data, asymmetrically encrypted with the public backdoor key.
(You can improve on this with a salt to retain public anonymity.)
As a theoretical matter, cryptography can do this. As a practical matter…that’s a separate question of human structures and behaviors. But you don’t need cryptography to understand that.
The problem is, that many of the politicians in high positions are corrupt, bought by companies, and/or only went into politics, because they couldn't get a productive job. There are politicians, who never in their life had a proper job, were born wealthy and never had to work like someone in a productive proper job has to.
There may be exceptions, of course, but over and over again, when one checks the background of politicians in high positions, one finds out, that they simply inherited a lot, and never worked in the field they are making decisions about, nor actually in any other field. They "just became politicians". And even then they misuse funds, cars for private trips, first class tickets on means of transportation, let themselves be bought by lobbies, have prospect of some corporate board later, have even more side income than they are being already paid for their badly done job as a politician, and so on and on. Many one could outright call despicable.
The problem is, that we let them do it. Going into politics is such a clusterf' that no normal person even wants to do it any longer. It only attracts those kinds of person we see there. Others are sidelined or never join politics in the first place. Then we also don't vote/kick/protest them out of office the moment we hear about their crimes.
With things like this I think of the bill that tried to change the value of pi:
It seems to me the bill tried to charge royalties on maths and that a result would have been state sanctioned calculations would contradict the value of pi.
The Wikipedia article notes that the redefining of pi was specifically not an aim of the bill, pi not being mentioned in it.
Every good idea needs powerful PR. How about we start rallying around the term "software equivalent of cancer" which Tim Cook coined to describe encryption backdoor.
Speech matters. "Software cancer bill" sure sounds less appealing than "catch terrorists bill".
Nobody has to understand the details about why encryption backdoor is impossible to implement without breaking the encryption. It is too hard of a topic. I only understand it vaguely. Does it matter? You don't need phd in silicon design to know that chips are important.
>To me it just proves that they don't understand the very basic of how encryption works.
Chats being encrypted between multiple participants is a normal use case of cryptography. Giving limited government access can be part of a cryptoscheme and doesn't mean that encryption has to be disabled.
"the US have become hostile to Europe."
1. I don't believe that anything changed in recent months/years other than the US repeating the statement that maybe EU should take care of its own defense. Not exactly a new sign of "becoming hostile" IMO.
2. If this would even be true then they have always been hostile to Europe and only just recently started becoming honest and open about it (but again, I dont see any sign of actual change). Five eyes, NSA, etc is not exactly new and have super obviously been used and are still being used by the US to do economic and political espionage on Europe for at least decades. The leaked news of NSA spying on German chancellor Angela Merkel's phone is like 10+ years ago by now?
My opinion is that every EU company that uses Onedrive, Teams, Outlook, Google etc (99 percent of them is my guess) are basically paying to give away their trade secrets to their US competitors. "but the terms of the contract say..." yeah right...
Its just become harder to stick European heads in the sand.
Is government agencies to. In the UK the NHS uses AWS, courts use Teams.... IT security is just ignored - its only recently that it occurred to the govt to remove Chinese cameras from sensitive sites.
European militaries are heavily dependent on the US too and have a lot of equipment that is reliant on US supplies or can only be used in line with agreements with the US.
Plus apparently there are things that only USA can currently do, awacs radar support and other recon I think
I believe there are several non-US awacs systems out there, although the American ones are probably the most common.
They have alienated their allies for sure and this time it seems different and it seems that it will have a lasting impact. Including for tech companies.
> Not exactly a new sign of "becoming hostile" IMO.
It feels like you missed the hostile actions. There are many, but let's just mention the fact that the US repeatedly threatened to invade militarily.
> To me it just proves that they don't understand the very basic of how encryption works.
Even if you don't have the encryption keys you can read messages by breaking into a phone and taking screenshots, for example.
> Of course they can't all have a PhD in cryptography
We could be seeing the effect of France's top notch level of mathematical attainment in how their politicians are behaving.
Education lifts all boats.
On the other hand, people can believe experts without being experts. Perhaps the French parliamentarians just listen better.
Not trying to debate club you here, but it could also be that higher educational attainment creates parliamentarians that can listen.
Another thought, in a highly educated populace, the path length between any person and someone highly skilled would be much shorter. Everyone would know someone who knows someone who is an expert in a subject. So it would be much easier for someone to seek and get assistance.
> but they should also not have no clue at all.
they usually talk to experts in those areas. Who those experts are can vary quite a lot though.
They know, they just don’t care. And they have learned if they just ignore problems, then most times they’ll get away with it. Like for example all their responsibilities to stop an ongoing genocide, or to combat apartheid
But think of the children
The children are not benefited by Putin and Kim Jong-Un being able to read their messages.
[flagged]
>Right wing international police apparatus will stop at nothing.
What's this have to do with right wing? Can't we have a civil discussion about tech impact in society without making it all about how only one political affiliation is always evil wile the other is always righteous?
Abuse on freedom of speech, spying and censorship is bad no matter which political side does it, and they all do it, so leave your political grumbles at home, this aint the place, hence flagged.
To be fair, the right has effectively captured the left. Any fool can see it now, even if somehow they couldn't prior to the past couple years.
You are implying that mainstream centre-left parties were somehow inherently different in the past when it came to issues like this?
And then of course actual (or especially far) left adopted authoritarian policies whenever they had any power regardless of any of their past rhetoric (conservatives are at least occasionally honest about what they want to do)
Because tech and society, like everything else, is inherently political. Backdoors, surveillance, control. These are things fascist and proto-fascist societies try to achieve. And they are thriving as of late.
Fascist behavior and actions aren't limited to the political right wing. Anyone can do it, you just choose to cherry pick the one you dislike under "fascism" and be OK with the fascist behavior that allies to your political views as being correct and justified.
Do you see any conservatives firebombing people's private property right now, or is it only the "tolerant left" doing it?
How much online free speech was censored under the leadership of the left in the years prior, all under the guise of "protecting free speech" and "creating safe spaces"?
One can abuse the "think of the children" emotional arguments to justify a lot of fascist totalitarian behavior and policies, all in the name of "good". Remember: "The road to hell is paved with good intentions".
> firebombing people's private property
So any destruction of private property due to political or ideological reasons is inherently "fascist"?
Anyway not that this justifies anything but wouldn't insurance pay for the destroyed Teslas? If so the terrorists are doing those people a service in an indirect since they would be able to buy a car they wouldn't have to be ashamed of driving anymore, so win-win (as long as nobody is harmed, there is no valuable stuff in the car etc.)
[flagged]
Please learn to recognize sarcasm.
And just to be clear, even if you are responding in a tongue in cheek way. One person is joking about damaging physical property, and you're joking about about sending that person to prison for 20 years for their sarcastic remark. Do you really think a Tesla is more valuable than a human life? Do you really think a low effort joke is more valuable than a human life?
In what way was I promoting or justifying anything?
I mean it's horrible if you car is destroyed by dumb and violent people (just burning lithium batteries makes it much worse, which IMHO is the greater crime but that's somewhat tangential) but if it doesn't affect you financial it's not a big deal and you are much less of a victim than the fire fighters who have to put out that fire.
Damage to property seems secondary and barely significant compared to uncontrolled burning of dangerous materials. Thinking otherwise is quite something...
Vandalism by itself isn’t really a fascist action, so I’m not really sure what your point is.
However, it is my experience that people using the phrase “tolerant left” aren’t frequently interested in discussions grounded in reality.
People labeling everyone who disagrees with them as "fascists" or "right wing", aren't capable of any kind of discussion or rational thought.
It's my fault I got involved in the silly discussion in the first place since nobody starting a discussion with blaming "the right wing", is fully allright in the head. We closed down the asylums, and so they moved online.
Why do you think they label everything they disagree with fascist, not just some things? You only have one example of a thing which they disagree with, and labeled fascist. You are arguing against something someone didn't actually say (a.k.a. a straw man).
> We closed down the asylums, and so they moved online.
https://en.wikipedia.org/wiki/The_pot_calling_the_kettle_bla...
> Fascist behavior and actions aren't limited to the political right wing.
Fascism is a right-wing political ideology, not a set of personal/non-governmental behaviors and actions.
So while this is a series of words that grammatically forms of a structurally valid sentence, it doesn't actually have any meaning.
It has a meaning. Fascist behaviour and actions are the behaviour and actions of fascists.
now we have president and his apostoles publicly calling on journalists to be jailed. “free speech” for right means “only shit we want to hear” and for left means “you can’t really say shit that entices violence and is blatantly false” neither of course is “right” but as you initially stated this shouldn’t be political and then you proceeded to politicize it fully :)
The US have not become hostile. So far it has made two demands of Europe, and both of them are reasonable:
1. Europe should not rely entirely on the US for its defense (stated by Trump numerous times).
2. Europe should stop its mad self-destruction and descent into totalitarianism (stated by Vance on several occasions).
Were they incorrect? Were they unreasonable? Sometimes you need a friend to tell you a harsh truth. Hearing that truth does not make that friend into an enemy; quite the contrary.
1. And made it clear by threatening to take land from a European country by force.
2. That's funny coming from a person who is building a totalitarian system. He was supporting parties that would make a similar development in Europe possible.
Your comment only makes sense if you agree with either premise behind (1) or (2).
I bet the vast majority of Europeans across all swaths of the political and socioeconomic strata would tell you that (1) Europe DOES NOT rely entirely on the US for its defense and (2) that Europe is NOT on a mad self destructive descent into totalitarianism.
In fact, as an American, id say (2) sounds vastly more applicable to the the USA under the current Republican administration.
Further, they'd also tell you to stop taking your talking points from those two bozos. It destroys your credibility by using them as any kind of reliable source of factual information.
> I bet the vast majority of Europeans across all swaths of the political and socioeconomic strata would tell you that (1) Europe DOES NOT rely entirely on the US for its defense and (2) that Europe is NOT on a mad self destructive descent into totalitarianism.
And you'd loose that bet. Your opinions might be shared in your leftist bubble but definitely not across the whole population.
It is anecdotal but during Covid and the crypto boom I was chatting with someone living in France. He told me he was happy to have a few crypto since he has been using one of those exchange to buy illegal drugs.
Basically he told me that over there people just go on websites to order drugs, pay with crypto from a centralized crypto exchange and then have it delivered in they physical mailbox. And this is not the Silk road thing this is local business, shipped by the national postal service from an address in France from France.
I also read an article once saying drug stores on the internet and social media are very common over there.
My conclusion was that, selling most drugs had become de facto decriminalized in France.
Strangely France is also by far the country where I have been systematically harassed by the police and customs (at the frontier and within the country). They are very aggressive and it is to the point that I now avoid that country as much as possible.
And tariffs are the the act of a friend too? Let's not be silly. Trump's is America first: the upshot of which is everyone else can be a subordinate or a rival. Europe is wisely choosing not to subordinate itself to the US quite so much. It'll be interesting to see if it becomes a real rival.
> Europe should stop its mad self-destruction and descent into totalitarianism (stated by Vance on several occasions).
If your source is Vance, I would suggest you question it.
Most of the world is currently looking and worrying at the US becoming an oligarchy. Who is talking about "Europe descending into totalitarianism"? The sentence does not even make much sense, as Europe is not a country. I'm not even sure if Vance is aware of it.
When you genuinely think that everybody else is wrong and you are right, maybe it's time to take a step back.
What politicians want (and what they think average people want) is very different from what HN users want.
Politicians: a backdoor that can be used by the police for investigating crimes, but not by criminals themselves.
HN users: no backdoor at all, especially not a backdoor that can be used by the police.
I strongly disagree.
Politicians: technology that strengthens the power of the state, against crime, but also militarily, for spying on enemies both foreign and domestic.
Citizens: defensive architecture that prevents the state from preventing free speech.
This is especially relevant in the era of AI, where the cost of mass surveillance is virtually zero, and is incredibly powerful at sentiment analysis and summarization. Free speech is threatened when any statement can and will be used against you.
also politicians want a backdoor especially for tracking treason / spying possibilities, which in a way comes under police investigating crimes but is more national security apparatus protecting the state.
Which makes no sense, because if you have a backdoor, it opens the way for adversaries to access your data. You don't improve your national security by weakening its encryption.
> they should also not have no clue at all. Over an over again, politicians are asking for backdoors. To me it just proves that they don't understand the very basic of how encryption works.
Unless you're claiming that it's literally impossible to construct a cipher with multiple decryption keys, I don't see how you're implying that asking for a backdoor "proves they don't understand the very basics of how encryption works".
Their stance differs from yours due to their values being different from yours, not due to inferior literacy.
It is impossible to construct a cypher with just one key, such that the good guys (spanning several allied nations, dozens of government agencies, perhaps even local police) can use the key, but bad guys (spanning several opposing nations, dozens of intelligence agencies, thousands of hacker groups, tens of thousands of individual cyber-criminals around the world) cannot. We are talking about every single person who can buy a copy of a piece of paper carried out of HQ being able to read all of your personal and professional correspondence: no doubt a possibility.
You're missing my point completely.
These folks very well understand that bad people can steal keys. Stolen keys have been a thing since antiquity. It's not rocket science they don't understand. Every single key in history has had a risk of theft and this is no exception.
The truth is a lot of them understand this just like you. But unlike you, they are willing to accept this risk. You aren't. That's fine. You have a value disagreement -- you don't think the risk is worth it, and they think it is. Which is why you make arguments about the merits of the issue, instead of attacking the other side on their basic literacy. Just because you disagree on values that doesn't mean the other side is stupid or illiterate about the basics.
This isn't about politeness either, it's actively counterproductive to your own cause: insulting people and showing that you lack a basic understanding of their position is a sure-fire way to make sure they dig their heels in and continue to oppose you regardless of the merits of the situation. i.e. it's a grest strategy for losing in the end.
This is spot on.
They're not concerned about their own security. They believe that they will have access to tools that will make them safe, but that "those people" will be deterred, and it is acceptable to give up some basic safety for many to catch "the bad people."
And, historically, they weren't necessarily wrong. The problem is more that all of the tradeoffs and probabilities from history have been thrown at the window, because it is now trivially easy to phish the majority of a population and getting a master key gives you access to hundreds of millions of individuals that you can reach from around the globe rather than a couple dozen that you can get to in person from a particular apartment complex.
Understanding encryption is not the problem. Understanding scale is the problem.
I don't believe that France is actually willing to accept that every opposing intelligence agency will obtain the key...
Maybe they don't think it's as likely as you think. Or maybe they think the time horizon is long enough that it is worth it. Whatever it is, I assure you they are not too stupid to realize this is a possibility. They just differ on either the degree of the risk, or on the value they get in return. In which case, logic dictates that if you believe the actual risk is higher than they would tolerate, to find a way to convince them of that.
That's a matter of facts rather than values. The "impossible promise" is that a private company can keep a kilobyte of data out of the hands of every spy agency on Earth for any length of time.
Why does this concern apply to the French intelligence agency but not, say, the code signing certificate for Whatsapp?
On one level it does apply to certificates.
On another level, pushing a compromised update to every phone in Europe (to gain access equivalent to having a copy of the backdoor) would be noticed by the publisher, and the binary difference would quickly be found by security researchers.
I think they think when that happens they'll change it. Or they'll change it on a schedule... "Just use HTTPS" is good enough for every website and web app on the planet (including ones that handle more messages than the entire country of France) but not a state intelligence agency can't keep their TLS keys secret?
"Just use HTTPS" sends French messages directly to NSA, insofar as those platforms are concerned. In that case there's not even a copy of any encryption key...
France is giving everything they receive to the NSA anyway, so there's not much difference.
And yet the immense majority of the population accept & use messaging platforms operated by "not France" where the operator would be able to obtain everyone's key with a couple clicks. (Yes, this includes Apple's).
That makes sense because it has been brought about as a consequence of consumer preference. It wouldn't make sense for it to have been required by the government.
Unfortunately, last time I heard, consumers actually dictate what the government cares about.
> It is impossible to construct a cypher with just one key […]
Technical nit:
I (mis?)remember reading in a cryptography book (by Schneier?) that the NSA has at least one algorithm where the decryption key is different than the encryption key, but my search-fu finds no references to it online. The application would be for devices in 'hostile territory' where there was a risk of capture of the unit and so you didn't want the other side to be able to alter data/firmware since the cipher that is available is decrypt only.
However, see perhaps:
* https://crypto.stanford.edu/~dabo/abstracts/traitors.html
* https://crypto.stackexchange.com/questions/39397/one-encrypt...
Also, see n-of-m algorithms:
the problem with backdoored encryption isn't making a cypher with multiple decryption keys. It's keeping secret that's worth billions of dollars and shared among 10s of thousands of people. The difference between backdoored encryption and no encryption is whether the backdoor is known to the public.
There is a coherent set of values that lead to saying "no encryption", but not one for "only backdoored encryption".
Could it be possible to make a cryptosystem where messages can be decrypted either with the recipient key, or by sequentially applying say, 100 different backdoor keys, such that the different backdoor keys could be stored on different machines without ever being present on the same machine?
If you increase the number of backdoor keys needed to decrypt by enough, and have these keys be stored only on hardware that is meant to make it infeasible to extract the key from it, and if these machines are distributed among a sufficiently large and varied group, maybe that could work as reasonable oversight to prevent the backdoor from being used outside of select cases?
Edit: to be clear, I don’t want this. Just trying to map out what positions could reasonably be held / what options there are.
> There is a coherent set of values that lead to saying "no encryption", but not one for "only backdoored encryption".
While I oppose building backdoors, I don't really agree with this claim. There's nothing incoherent about developing a threat model.
I think some threat models, like one that doesn't include hackers, are not coherent relative to reality.
A threat model can include hackers while not taking every action that could prevent every conceivable attack from a hacker.
Your government isn't the only one out there. If your government can have a backdoor, so can every other government. If the US, EU, Russia, and China all have backdoors to everything, who are you keeping it secret from?
The powers that can't pay? If the US, EU, Russia, China all have nukes to everything...
I upvoted because I don't think you should be censored, but I kindly disagree :-).
To me (and I think that's the position of cryptography-aware people), requesting a backdoor is a risk so high that it makes absolutely no sense.
Of course, they understand that if an adversary gets access to the backdoor, then it's game over. And of course, they believe that it's possible to prevent the adversary from accessing the backdoor. But that's my whole point: their believing this means that they don't understand the problem.
I've found the original debates video on the National Assembly website. My French is good enough for that (not enough for cooking et al. though), so I believe I understood. I'm positively surprised by some deputies remarks. But Bruno (interior minister) Retailleau is either totally incompetent technically, with his advisors as well, or is a liar. "We will apply the math selectively, only for those that are a threat and when the big brother approves"... In every country it's the same narrative. This time it was not about children, but "Freeing France from the drug trafficking trap" ("Sortir la France du piège du narcotrafic"). And it looks like it was not the main point and they tried to pass it as a minor subnote or something. ... They will find dozens of other issues to cancel the math.
https://videos.assemblee-nationale.fr/video.16453163_67dc786...
> I'm positively surprised by some deputies remarks.
Not personally surprised, but I agree, they talk sense and understand the matter quite well. Thanks for finding and sharing the debate video, btw!
> Retailleau is either totally incompetent technically, with his advisors as well, or is a liar.
Sadly, gotta agree here too. M. Retailleau seems off the mark. He looks (to me) like he speaking in good faith tho, and that he “just” doesn’t get it.
Nevertheless, he has a point when he mentions Apple and CSAM (Child Sexual Abuse Material). Apple has shown that using homomorphic encryption could be 1) actually practical, and 2) helpful on such matters. Cf. https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni... & https://machinelearning.apple.com/research/homomorphic-encry... & https://repositorio.fgv.br/items/047aca31-ccdc-45bd-a7d3-6c0....
Totally unrelated, but since you brought it up a bit, I find recipes written in French to usually be much higher quality than similar recipes I find in English -- enough so that I'll alter my country and language for search engines when searching for recipes, and for ChatGPT I'll ask the question French.
Modern translation products aren't too terrible to cook from. Especially if you know some French already, I think you'd get good results dropping your recipes into an online translator and trying to make the most of it.
What I had in mind is that I go to a local market every Sunday to buy some nice fresh food. But e.g. for the fish/meat I still only understand 1/3 or 1/2 of the names/terms. Nevertheless, I have read some lengthy tax code sections more than once in details... I do not cook like a French, and - oh - they cook really nice! :)
As a French, English is my default language for most queries on the web, but it wouldn't cross my mind to look up for a recipe in English. I also find that we have a lot of good science/maths youtube channels.
If searching for recipes in English, you need to add "UK" or maybe "Australia" to avoid the American recipes. (Avoiding US measurements and processed ingredients.)
But even then, there's still a lot of spammy or dumbed-down content. I look for sites I recognise.
Try German, too. I'm always amazed at the level of German writing, even by regular joes on forums and Discord, compared to for instance Dutch writing.
I might. I hardly know anything about the German language though right now. Do you have a rough sense of how much I'd need to study to be able to supplement with automatic tools and do something useful with German sources (50hrs, 500, ...)?
Probably closer to 50 than 500, assuming you've done something similar before and you have "native" proficiency with another germanic language. Honestly, just read the Dover First German Reader, watch a few TV shows end to end with captions a couple times, turning them off and on and rewinding whenever. Read some german-language forums, and watch some German language talks. That won't get you anywhere near conversational proficiency nor develop any speaking skills, but more than enough to get great value out of written text and a lot of talks, especially with some tools to help.
> Freeing France from the drug trafficking trap
This reason just like all the other reasons that have been used to try and strip away every shred of privacy that we have (think of the children, fight terrorism and so on) is complete bogus.
My mom was working as an admin person in a police station in France back in the 90s and from the many conversations she had with the cops, knowledge was never the problem. They already knew back then where all the drug hot spots were but truth be told there has been a lack of enforcement of the law.
Why you ask?
Simple, in most of the suburbs were drug trafficking happens, you have high unemployment, people low education and very few prospects for their future, so it has been said that the government has avoided coming down too hard on drug traffickers because they don't want these areas to erupt in chaos and start rioting.
In a way, the French government has used the drug money to indirectly buy social peace.
If the French government wanted to fight crime and get rid of these drug traffickers, it could simply legalize pot like in Germany and Canada and kill the black market.
Instead, it chooses once again to go after the sellers and the buyers. It makes zero sense because unless you are going to enforce the law by punishing the traffickers with the death penalty like in some countries, we know from all the data of the last 30 years that you cannot stop the flow of drugs.
We can't even keep drugs and cell phones out of jails/prisons, how is it that we think we can keep them out of entire countries?
The solution is simple, you legalize it and tax it and make it hard for kids to get it just like we do today with alcohol and tobacco.
That is the only sensible approach. What do you think the drug cartels fear most? The cops or legalization?
You think legalizing pot will solve the problem? Its the harder drugs that's where the money is. No country has legalized hard drugs.
It's still true today. A cop friend of mine told me "if you arrest all the drug dealers, the whole city will burn in less than 24 hours."
As a Frenchman, this really grinds my gears.
Our state is already one of the biggest arms dealers on the planet, and, like all modern nation states, fundamentally a coercive protection racket (note that I don't actually have a problem with coercive protection rackets. You remember that scene in The Godfather where everyone is thanking Vito Corleone as he saunters through the street? That's me thanking the French welfare state for taking my taxes and giving me universal healthcare and environmental regulation).
Why don't we just get in on the drug trade ourselves, undercut the dealers and start a government monopoly like Sweden has with alcohol?
> Why don't we just get in on the drug trade ourselves, undercut the dealers
That was tobacco, but they blew it by never going for alternatives nor providing healthier/better products. With the pharma knowledge we have now, we surely could have developed a legally acceptable drug with few enough downsides.
Otherwise, they are of course getting in on the drug trade, just not under the framework we'd want to:
https://www.brut.media/fr/articles/cocaine-11-policiers-juge...
Denying math has a tradition among politicians: https://en.wikiquote.org/wiki/Malcolm_Turnbull
The level of math and/or tech understanding in the French political "elite" is abysmal. These people graduated high school, and went on to college without doing any math AT ALL after 10th grade ("seconde"), and probably sucked at math even then.
And they have nothing but contempt for the people who do understand those issues ("les techniciens").
I think most of the people in the "making decisions" business don't really care about how or even if something is possible, they leave it as an exercise in compliance for the "boffins" and "les techniciens".
France has great engineering tradition. One of the left leaders is PhD in math. As I mentioned, multiple comments by members of National Assembly were quite educated. The problem is with key politicians having perverse incentives and misrepresenting bad things to the less educated public.
Vladimir Arnol’d (the famous Russian mathematician) touches on that subject in his essay « Sur l’éducation mathématique » <https://smf.emath.fr/system/files/filepdf/Gaz-78-Arnold.pdf> (in French; Arnol’d also taught in France).
According to him, mathematical teaching has become overly abstract, leading to students being disgusted by maths, seeing it as disconnected from reality. Some of these students then end up being ministers… Original quote:
« Comme de telles mathématiques scolastiques, séparées de la physique, ne sont adaptées ni à l’enseignement, ni à aucune application éventuelle à d’autres sciences, les mathématiciens se sont fait haïr des lycéens (dont certains ensuite sont devenus ministres) et des utilisateurs. »
France is in decay with incompetent and unpatriotic governments for decades.
It is facing many issues but has lacked strong leadership courageous enough to put country first. So, in fact, it is a fairly typical European country...
The spread of "narcotrafic" is an example of that, there are others. If you follow French news you'll see many.
I live in France for the last 5 years. Been to many places in the world. France is OK overall.
Well I am French. "OK overall" is obviously good but at global scale this means better than the "third world", so context is important.
The context of my previous reply is France's "direction of travel", which negative like most other European countries. This is a key metric on any meaningful timescale, which is what ultimately matters.
I beliebe you are talking about the first derivative. I want to believe the second is all right lately.
The scariest thing in France I've seen is ~20yo voting for Mel-the-leftist-egocentric-schmuck so that they could keep doing nothing but taxing productive people. Other that that the "direction of travel" is dual: either drown in the mire of ever increasing taxes or kick ass. My feeling is that France has everything for the later, but for some weird reason prefers the former. Yet, in the meantime, it's OK. And the very latest geopolitics headlines are nice, if they ever come true.
My original point was about individual rights. I'm glad the country stands firm on that.
I agree with you. On individual rights I would qualify that by saying that France has never been leading on them. The state is what matters and individual rights have always in practice been restricted to that effect.
I admit ambiguity, but I meant 180 opposite. I believe France is and has been the top at individual freedom. That perception is an important reason I'm there, so I acted on it.
> I believe France is and has been the top at individual freedom.
You could not be more wrong.
However, I am not surprised you would believe that: I have quite a few French friends who believe the exact same thing because they've all drunk the kool-aid that was served to them during their school years, namely that France is the country who invented human rights, freedom of speech, etc...
Nothing could be further from the truth (England is a way better approximation to "invented free speech" than France ever was, where do you think Voltaire discovered what Freedom really meant if not during his exile years in England?).
Even today, your average Frenchmen is dead convinced that freedom of speech in France is one of the best in the world and a fundamental value of French society.
If you compare it to Iran or North Korea, fair enough. But then go look up what happened to a guy named Dieudonne if you want a perfect example of there being no freedom of speech whatsoever in France.
Compared to global standards, France is really not high on the individual freedom / freedom of speech scales, but then you have to be able to properly compare things to make vaguely correct calls on such things.
And if you have never left your country nor master English well enough to understand what goes on outside your tiny cultural bubble, and you have been indoctrinated by the French school system since day one, it's a perfectly normal thing to believe.
Could you give concrete examples of situations where your freedom is restricted in France?
> Could you give concrete examples
I thought I already did, but here it is again
https://en.wikipedia.org/wiki/Dieudonn%C3%A9_M%27bala_M%27ba...
The dude kept on saying completely outrageous things on public channels, none of which should have been an issue in a country with normal free speech laws.
Here's another interesting case, where a TV channel was outright shutdown because they said things that the powers that be didn't like. I guess Moscow isn't that far east of France:
https://www.reuters.com/business/media-telecom/french-tv-cha...
Here's another interesting aspect of life in the land of stinky cheese: cash is by law legal tender, as in:
https://www.banque-france.fr/en/monetary-strategy/means-of-p...
However, it is illegal to buy anything with cash if the transaction is more than 1k euros:
https://www.service-public.fr/particuliers/vosdroits/F10999?...
These are just off the top of my head, the list is very long and quite sad.
Excuse me? C8 would be right in its place in Moscow, on the contrary. It's a propaganda channel owned by a billionaire FN backer. Cyril Hanouna is basically a Russian TV host that speaks French. The embodiment of bad faith.
At any rate, one of the main reasons was the repeated offenses of the channel, having beaten a record of fines, and never having done anything to correct their course. Fines are not a cost of operation, they are penalties for breaking the law. You can't break the law systematically and then cry about not getting your license renewed. Though I'm sure Hanouna has painted himself quite the victim in this affair.
These fines were often for things I think most people would view as legitimate, such as verbal assault, threats or hate speech.
About cash payments, I think you're making a caricature. From your source:
> There is no limit to the amount paid in cash between individuals (e.g. car purchase). Written text is required beyond €1,500 for to prove payments.
This written text is just a proof of sale, not a justification as to the use of cash or its provenience.
The 1000€ figure is when dealing with professionals, among other reasons to avoid VAT fraud. Many countries implement similar measures, often more stringent. Regardless, I'm almost sure your chauffagiste or mechanic will accept a cash payment of any amount. There is the theory, and then the practice.
I really struggle to see how this affects your life in any way.
> Excuse me? C8 would be right in its place in Moscow, on the contrary. It's a propaganda channel owned by a billionaire FN backer. Cyril Hanouna is basically a Russian TV host that speaks French. The embodiment of bad faith.
What you say may or may not be true, I wouldn't know, I don't watch French TV.
It is, at any rate entirely irrelevant: if that TV channel was advocating that people should tattoo a swastika on their forehead, they still should be allowed to do so, however retarded that is.
That's what free speech means, however horrible and shocking that may be to you. People are free to make up their mind about the channel and not watch it.
The government has strictly no business, in a truly free country, to decide who can and cannot broadcast.
> You can't break the law systematically and then cry about not getting your license renewed.
Why in heaven's name would you even need a license to run a TV channel? Do you need a license to create YouTube videos?
> I really struggle to see how this affects your life in any way.
This tells me you and I likely don't live the same kind of life.
But if you're happy living in a society where every private transaction you make is monitored by your government, hey, what can I say: more power to you, after all, complete and utter surveillance of the plebs is also what happens in Russia. They also likely think it's normal to have your every move monitored over there.
When you've lived your whole life in a prison, you end up not seeing the walls anymore.
I'm personally very happy I don't have to suffer living in a place like France.
> The 1000€ figure is when dealing with professionals, among other reasons to avoid VAT fraud.
Every coercive power there ever was has always had that kind of "won't you think of the children" or "this is for your own protection" bullshit message to wrap their coercion of basic freedoms in a nice package. This is no different.
I think this is naive regarding propagandists. These TV channels don't "express views", they manipulate and fabricate opinion to serve the interests of their owners (in this case a multi-billionaire industrial family with a far right ideology).
Rather than offer viewpoints, they suppress any constructive discussion and recenter the debate on bogus issues to rile people up and garner votes for populist parties that are friendly to their stakeholders. They are a poison to democracy. The riling up itself also has direct and violent consequences.
In such situations, the freedom of the perpetrators is at odds with the freedom of the victims. There is no solution that prevents a lion eating a gazelle that doesn't involve restraining the lion. As children are taught, "my freedom ends when the freedom of others begins".
I doubt any country in the world allows you to manipulate someone into murder and then walk away with it once the deed is done. Punishing hate speech is that but on a larger scale. I struggle to see the issue, really. The only matter of discussion is the definition of hate speech, but the principle itself is sound and necessary in my opinion (and of the majority of people who welcome that such laws exist).
By the way, you mentioned England in your initial comment, but the UK has similar laws in this regard. Were you thinking of the US as a freer nation? For having lived in both, I'll have to beg to disagree, I've never felt as surveilled as in the US. Private companies store your whole card number and any details you were unfortunate enough to share with a given retailer (such as email address) are shared across nation-wide networks. But it sure is convenient when WholeFoods knows you have an Amazon Prime subscription. Or does it not count when it's private companies, only the government?
You’re free to have your own beliefs about speech. Please don’t say that you believe in free speech, though.
This is pretty much the same way Americans view America, right? Dead convinced that American freedom of speech is the best in the world, even while people get their permanent residency revoked for making Israel look bad, and other people get denied entry for texting their friend that they aren't the best fan of Trump. It also happens to be the way North Koreans view North Korea (understandable for them, since they're shot if they don't).
How can you say that when individuals are not allowed to show religious symbols or wear religious clothing in any government-affiliated setting?
I don’t see how state-enforced irreligiousness (secularism/laicite) doesn’t completely contradict with individual freedoms.
Cela s'appelle la laïcité.
If you have problems with that there are so many 3rd world countries that care about medieval stuff more than development. I think laïcité is one of the coolest words/concept, France should only really enforce it further.
Whatever floats your boat. But claiming that France is the pinnacle of maintaining individual freedoms contradicts with a nanny state that polices religious expression. You can’t have it both ways.
Keeping religion out of the state is a good thing, the previous statu quo in France before that used to be that the Christians were policing everybody.
We can see now in the US how not having this concept is creating a lot of social issues with Cristian fundamentalists running the state.
There's a significant difference between separating the state's concerns from religious dogma, and restricting an individual's ability to dress in accordance with their belief system. I have wondered if jeans would be banned in France if one made a religion with only wearing jeans in public as its dogma.
And before I get any questions about it, I say this as a lifelong atheist.
It's water that floats anyone's boats. It's the physics+linguistics. The problems start when people try to substitute the meaning of things.
> France is in decay with incompetent and unpatriotic governments for decades.
What are you on about? What does the "unpatriotic" bit have to do with anything?
> It is facing many issues but has lacked strong leadership courageous enough to put country first.
Right. What would "putting country first" mean? France is doing what it wanted to do for decades, which is consolidating European power to its advantage. Is that what you consider unpatriotic? If so, I have bad news for you: France is a great country, but absolutely does not have the resources for its ambitions on its own.
> If you follow French news you'll see many.
If you follow sources related to reality in any way you’ll see that some things are getting better and some things are getting worse. What does not change is the agitation about safety and security to make people afraid of their own shadow, even as the situation is quite clear: the country is safer than it has ever been.
You have a valid point hidden somewhere, it’s that the people were shortchanged and that inequality is rising. You are badly misguided if you think that this has anything to do with patriotism. In fact, the people pushing this narrative have their own interests to look after in the class struggle. They might make you think that they have the same enemies as the people but they are just looking after their own. Just look at any country in which the local nationalists came to power.
> the situation is quite clear: the country is safer than it has ever been
False.
https://www.interieur.gouv.fr/content/download/135975/107672...
Crime is under-reported in France because most people know that wasting your time to go to a police station to report a small crime is basically useless as nothing will come out of it.
I have talked about it on this forum. I have had my car broken into multiple times in France, and each time I had to file a police report. Guess how many times the culprits were caught? A big fat zero.
So the statistics look good. But what about the reality? Do you think a women coming home at night is felling safer now than she would have been 30 years ago? I don't think so.
Not too mention the rampant Islamism that has taken over entire suburbs were women are not free to wear what they want and the cops don't go there unless they have the CRS (riot police) with them to protect them in case something goes wrong.
Though it is a good piece of news (and those are not that common nowadays), some caution about the political context is warranted here.
The National Assembly is very divided a the moment, and the Minister defending the backdoor amendment is from a minority party at the AN, that just happens to have majority in the other chamber.
Also, he is preparing for a presidential bid, and has a fair share of ennemies, both in and out of his party.
So, all in all, it was a relatively "cheap" move from the MP who voted against it :
- it's screwing up with a powerful opponent
- it's easy publicity given that "spyping in whatsapp" would made bad headlines
- there has not been a massive terrorist attack recently, so the measure will not look urgent.
I'm pretty sure that some of those MPs, asked to vote the same thing by a president of their party, after a terror attack, would vote for the backdoor.
France has rejected this backdoor but keep in mind that France is still in favor of chat control (mandatory on device scanning of your communication). There's now a majority among EU countries and the proposal is expected to pass. The next meeting is April 8th.
This seems like one of those situations that's going to turn regular people into outlaws. How could anyone vote in favor of something so foolish?
Also how would that even work, would your device get compromised by connecting to a wireless network inside French borders?
And as usual, the french politicians will change their tune in a few months and go on TV and say that the EU made them do it even though they did not want to.
France government is a minority government. The proposal their finance/interior minister do to the council of Europe is a minority opinion in France.
Ugh, no wonder they don't mind missing this one. Chat control is far more pervasive than what amounts to a digital wiretap.
The backdoor mandate was part of an anti organized criminality law, Bruno Retailleau (interior minister) pretend criminals use encrypted chat to communicate and so backdoor is required to intercept their communications.
makes sense to the average non tech people.
The sad truth however is that it wouldn't even solve the issue, criminals will always be able to use encrypted communications: there are open source software that can't be tampered with, software that doesn't use a single server where backdoor can be put, or they could even simply encrypt their text message.
i could do that from my mac terminal, encryption is basically mathematics. Bruno Retailleau isn't somehow going to put a backdoor in every device that could be used to encrypt. People even used to encrypt communications before computer.
The only looser of that law is the normie, you and me, who use whatsapp or signal to chat and couldn't ever push their relative to use things like pgp encrypted email.
>The backdoor mandate was part of an anti organized criminality law, Bruno Retailleau (interior minister) pretend criminals use encrypted chat to communicate and so backdoor is required to intercept their communications.
Terrorist attacks in Paris were coordinated using SMS and play station network.
Wouldn't law enforcement just use Pegasus style zero-days to spy on the their targets? So why all the hubbub about making backdoors that become vulnerabilities for nefarious users too?
Like why bother convicting Signal to create a backdoor for you, when you can put your nations geniuses to find some RCE bugs in Qualcomm or Apple modems or SoCs, and spy on them that way? This way nobody's the wiser.
Governments around the world do not want to stop at the identifiable target. They'd like to imitate the US and China, obtaining special deals with service providers that allow them to collect summary statistics and identify individuals computationally from the total of all communication.
Here are a few uses for total surveillance:
1. Public opinion can be monitored on a much more objective level than polling provides.
2. Discontent can be identified long before potential protestors are aware of others who share their views.
3. People whose views are significantly outside the usual range can be picked out and targeted in advance of any crime, even when no crime would occur.
4. Serious attempts at labor or protest organization can be resolved into definite schedules with more basis for comparison to other events than the participants themselves have access to.
5. There would be no more electoral surprises.
From this list, you may notice that states that are presently democratic have even more of a use for this capability than the others.
I suspect Five Eyes already has backdoors into Apple and Google and can remotely push compromised updates to specific targeted devices. How do you know the version of Signal you get from the App Store is the same as everyone else? Australia can compel engineers to implement backdoors, they can't refuse or even talk about it due to gag orders. They can then share that info with Five Eyes to bypass their own laws like they did with ANOM. Australia ran the operation specifically to bypass stronger privacy laws in the other countries. The Snowden leaks with PRISM, showing governments getting data straight from Apple and Google servers. Australia's latest encryption bill lets them force companies to give access to encrypted comms. Seems pretty plausible to me.
I think the interior minister pushes for the easier solution. What you talk about is most likely illegal currently (and law enforcement usually cannot do illegal stuff unless explicitly permitted by law and a supervised by a judge) and requires highly qualified staff. Hooking an AI to a backdoor is just easier and cheaper.
There are still methods that are unbroken.
Onetime pad: messages are encrypted using an key that has the same length as the message
An enigmalike machine: the enigma has some problems, but that can easily be fixed. If someone uses more complicated keys than AAA they should be safe from reading the messages.
I feel like they would reserve this type of hack to international criminal organizations (plus terrorists and bad countries) but not for smaller fish.
The smaller fish, as you say, could just talk in person like they used to.
the conversations seem to stay focus on e2ee good or bad; it’s important to question - is this the correct focus? Drugs should not be illegal in the first place; decriminalising them is known to have good results, (look at Portugal) it weakens organised crime and black markets, less costs for the justice system, less health issues and less need for public health money to be spent on dealing with resulting issues, the list goes on. E2ee is essential for a society to protect itself against internal threats like tyrants.
> Drugs should not be illegal in the first place; decriminalising them is known to have good results, (look at Portugal)
I have no knowledge on the impact of that policy. On the other hand bruno Retailleau said at National Assembly that this kind of policy doesn’t work. What happens is that there are expensive legal drug and cheaper illegal drug that organized criminals provide.
Hence there are more drug user but barely less income for drug cartel.
He gave for instance the tobacco example. It’s legal in France yet it’s so expensive that black market has never flourished so much.
Without knowing much about that subject, I must admit it makes sense.
Tobacco is expensive because the French government is using the taxes on it to make up the overall shortfall of tax revenue. See the budget deficit from last year.
Obviously the French government is saying that this is for health reasons but that reason has gone out of the window when a pack of smokes is 13 euros.
So the black market flourishes.
You can't keep increasing the price of a good without making sure that it can't be imported from elsewhere and since France is part of Europe and it no longer has any border checks, it very easy to smuggle cigarettes from Portugal or Spain.
This tactic of increasing the price of cigarettes or alcohol works in a place like Australia where it's orders of magnitude harder to smuggle things since stuff has to come either through airports or boats which are both watched carefully by the state.
Good point. Lots of reasons to love France. Also some good amount of things they get very wrong. Inheritance tax hitting the low class a lot these days, especially as house pricing is up through the roof.
While I generally agree with your position, this is the same unconvincing argument I've read for a long time.
Even if there is a specific criminal gang that is sophisticated enough to use a properly encoded open source application, the majority aren't, and there is enough of a overhead and annoyance factor that will allow the majority not to use them.
If any open source application gets enough people using it, there will be plenty of opportunity for the maintainers to be bullied into submission to the state. Then the fragmentation will begin ("You need to use this branch, that branch is compromised").
If 10-20% of your full time job as a criminal is keeping your communication encrypted, that's probably a win for the government.
You don't know how organized crime families are nowadays in France. French gangs are led by 3 "families". Or rather, 3 groups of families who now are friendly with each other and divided their territory nicely and stopped fighting each other ~7 years ago. You might catch some minor gang member trice removed from the Hornec (And i've heard the Hornec are not the leading family, too exposed, so i would guess getting to the true boss is even harder), but you won't catch any leader like this.
Your assertion that criminals are idiots or lazy might hold true in the case of the high school weed dealer but i'd argue strongly against that case for the international drug trade or traffickers. The more sophisticated the crime, usually the more money, the more incentive to keep it hidden. These laws aren't written about weed dealers, they're written about traffickers. The justifications are always the high level traffickers and related peoples, the people most likely to be locked down anyways.
And besides all that, let's invoke the slope, would you install a camera in your home? Even if you would, are you willing to force that upon every other person, regardless of their feelings or wishes?
Sure, let's think of the children. Can we also think of the potential future regime jailing/torturing all their political opponents? Why must we always be asked to think of only one side of the harms?
Even it would occupy them 20% of their time, the issue with such a backdoor is what it can do to non-criminals (ex: loose the backdoor to an enemy nation state that would allow spying on all citizens, or allowing some party to eliminate opposition).
I always find this "war on drugs" strange, considering they are so many buyers to make it worth. Annoy/treat/educate/understand the buyers, if enough people want something you will not make it go away by reducing supply. Or make it legal and make money from it as a state...
I would argue that organized crime benefits from economies of scale - and that's what they're saying this might somehow alleviate. It's really not that hard to find one OSS e2ee app that is only updated for severe security issues when you have millions flowing through.
Then the criminals will just talk in person about all the information they downloaded about us. ;-)
If the general public is given a choice between super secret internet messaging, or the current status quo, they will go for the latter. This is because the former hampers law enforcement's ability to track down criminals and terrorists.
And the better informed non-techies are about the tech, the more they will support backdoors.
No large service will survive providing E2EE. In the near future, there is bound to be some widely publicized incident where E2EE plays a pivotal role in a big atrocity or financial calamity. Then the public will demand that government, for whom it is already a worry, do something about it.
It just seems like a pipedream to me that unfettered E2EE will last in big tech.
"If the general public is given a choice between super secret internet messaging, or the current status quo, they will go for the latter. This is because the former hampers law enforcement's ability to track down criminals and terrorists."
I don't know where you live but that's not my experience thankfully. Why? Because the opinion is (including mine) that the vast majority of crimes should not be crimes at all (in this case all drugs should be freely available for adults to buy) and terrorist acts will happen whether you spy on citizens or not anyway.
That seems a plausible outcome. Pretty dystopian for sure, but plausible.
Sadly the cat is out of the bag, so banning it for the general public means that only the bad guys have it and they're already presumably doing illegal things so why do they care about using illegal software too?
E2EE is very much in the interest of providers, because if their systems are breached in a cyberattack, E2EE is the only thing that stops that stolen data being useful. People can be educated about that.
Terrorists used planes as the key part of the attack in 9/11, and nobody called for a ban on all air travel. It’s not a forgone conclusion people will be fine keeping E2EE!
Judging by post 9/11 airport security SOP, if an alternate means of mass transport had been as fast as air travel, America would have banned commercial flights forevermore on 9/12.
The only benefit E2EE messaging offers the public over partially encrypted messaging is a lower chance of being spied upon. That's nice, but intangible.
> provision that would have forced messaging platforms like Signal and WhatsApp to allow hidden access to private conversations.
The fact that this could have been possible is the reason why the pgp/gpg way (you manage your certificate and you choose whose certificates to trust) is still the only way to have true encrypted communications.
Using centralised services to encrypt important data is a joke.
PGP/GPG by default have no perfect forward secrecy though.
In Signal you can check the certificates checksums in conversation settings, to compare them e.g. when physically present to the other device.
There are other solutions that use Signal protocol or that have PFS that are decentralized. And you can build your own, it's open source at the end.
Signal stated already that they would sooner exit certain markets than violate their security (e.g. https://swedenherald.com/article/signals-ceo-then-were-leavi...)
If you keep your messages around in some form then that effectively defeats forward secrecy. In any case where the attacker can get your secret encryption key material, they will be able to get any messages you still have access to. Most people want to keep their old messages around. So for messaging, forward secrecy is of little practical value. If you do keep your messages around, then PGP's encrypt once[1] scheme is much better than what most other systems do. The message is encrypted and stays encrypted. It is never in a decrypted state unless the user wants to look at it. This normally involves the entry of a secure passphrase.
Contrast that with typical instant messengers where the security of retained messages is entirely up to the device security. The implementation of a forward secrecy scheme ironically makes this more likely. Once the session key is deleted, the easiest way to keep the message around is to leave it as plaintext. So the user either has to turn on self deleting messages and lose those messages, or has to leave those messages available to potential attackers.
BTW, "forward secrecy" is a terrible term for usability. Something like "message burning" much better fits with a typical users conceptual context.
There's a form of deniable authentication where you have the ability to forge the signatures of messages once you receive them, so you could alter them on your device.
It's irrelevant, though, because no chat app actually has this feature, so no criminal does it. And the cops don't go by the encrypted bits, anyway - they go by what it says on your screen, or their screen. (Which does mean that if you hack into your own app's database and forge messages, you can convincingly incriminate people, yes) Research into deniability protocols is cool research, but with no relevance to the real world of cops vs robbers.
Yes, if you care about forward secrecy then pgp is not a good solution.
> Signal stated already that they would sooner exit certain markets than violate their security
You still need to rely on a third party's goodwill to keep that promise. Also even if they are willing to keep the promise it is possible that they won't be able.
The point was not really about using PGP specifically but referring to its web-of-trust model, I believe.
Forward secrecy does not require centralized key distribution and/or trust lists.
I’ve lived and worked in France for three years. There are many things I’ve learned about it, some good some bad, but certainly one of them is that France is a country that can show real leadership.
Any grouping (such as nation) of individuals arises from some loss of freedom, income and privacy for the individuals. The loss of individuals or the contribution is the element that powers the nation or a community. 100% privacy means zero privacy-related contribution towards legal enforcement. So the question is all about striking a balance between loss of privacy and the need for legal enforcement. The negotiations would continue, to arrive at the acceptable/needed level of privacy loss.
The problem in this case is that the actual criminals will just move to a more obscure, properly encrypted solution, and as such the normal population that uses Whatsapp, Telegram, Signal will be the only users being monitored.
In 2017 Copenhagen had a wave of gang shootings with 1-2 daily fatalities during the worst weeks. That is nothing compared to the most violent US cities but it was completely unprecedented for a Danish city.
The gang warfare was stopped by massive police surveillance operations. This included military surveillance and signal intelligence planes [1] and helicopters to aid the police.
It worked. I know it goes against left-libertarian talking points on HN/reddit to suggest that police and surveillance can actually stop crime but it did in 2017 in Copenhagen.
Looking at the gang problems still facing Sweden I'm fine with Danish authorities going full surveillance mode back in 2017 instead of letting the gang violence grow to Swedish levels.
[1]: https://www.berlingske.dk/samfund/politiet-tager-nye-vaaben-...
I don't think anyone is opposed to police surveillance at least in public areas or with some warrant.
The questions are 1) proper judicial oversight in the latter case and 2) governments making it illegal for anyone to distribute more effective (assumed) privacy
Tangentially, France has had the CNIL [1] since ~1978, following a scandal about creating a national citizen's database, and exists to prevent exactly that. (I believe the objection stemmed from memories of the Petainist fascist regime during WW2)
The CNIL is why France (and now Europe) has "Right to Forget" laws. It is the direct ancestor of stuff like GDPR.
Unfortunately, I feel like the CNIL is fairly neutered nowadays. Nevertheless, it serves as historical precedent, for those who remember it exists.
[1] "Commission Nationale de l'Informatique et des Libertes" ~= "National Commission of Computing & Liberties"
This goes well beyond historical precedent. The legal system is complex, but even when Parliament approves a law, it can still be struck down if it violates fundamental principles.
For matters concerning IT and privacy, the CNIL (French Data Protection Authority) could spearhead such cancellation proceedings.
And companies doing business in France should watch out—CNIL sanctions are no joke!
Are there specific events making you feel it has been neutered?
I wonder if not having such state database is not causing today more issues than it defends from.
In the 80s I would get it, the state was the only one able to build such a database and people were afraid of what it would do secretly with it. Nowadays, "everybody" has a database with millions of people (ex: facebook, linkedin, x, tax offices, etc.) and discriminatory actions are done based on whims/stupidity rather than on actual good data.
People will do horrible stuff because they believe in it, not because they have good data.
The CNIL is doing a ton of work to limit private databases and cross-checking as well.
It can be hard to believe from more business focused countries, but the agency setting precedents has had dissuasion effects, and most companies do end up caring about their data retention and management policies. I've been in enough meetings where UX proposal gets entirely reworked because of a simple link to the CNIL's guidelines.
I checked the list of the fines (https://www.cnil.fr/fr/les-sanctions-prononcees-par-la-cnil). They are definitely doing good things, but they do not seem to be very active to prevent companies to gather large databases if they can give some reason (ex: facebook / linkedin / etc.).
And I am fine if your opinion is that less data collection is better everywhere, but this idea should be applied to everybody (government & private entities). My opinion is that if you fear much more the government than private entities you give those private entities an advantage.
Linkedin has been fined for their use of personal data for ad purposes (albeit through the RGPD framework after the CNIL passed the case to them):
https://www.lemonde.fr/pixels/article/2024/10/24/donnees-per...
Facebook is also targeted under the RGPD, we've been amply seeing the news. The CNIL doesn't need to be doing everything either.
There is and will be no silver bullet completely stopping companies from building databases. I see having an active agency responding to user feedback as at least a decent counterbalance to it, when it's a complete shit show in so many other countries.
> government
Right now the government having extensive databases allows people to manage all their health payments and data in one place, including any hospital getting access to their full history when they're brought in pain barely able to speak. That also includes ease to vote on the net within minutes, check school records on a standardized site etc.
It's not perfect and probably abused in some way, but right now the net benefit at scale largely overshadows those IMHO.
Registration as an expat in the Netherlands is much smoother than in France, for things like taxes, health, pension stuff, municipality stuff, etc. (not to mention at the time I did in NL I did not know the language and I know well French). You basically register in one place and lots of things are pulled from there when needed by other branch of government.
In France at almost each new authority I interacted with I needed to provide again the same information, while for all intents and purposes the government has it already (just that in another database).
My impression is that lot of effort is wasted due to duplication (including verification, updating, lack of cross referencing) and not sure why (if the case is that "we have N databases because people can't get together to agree on one", that would make some sense ...)
Backdoors are too much of a security risk for the people. The solution is to provide the data upon a search warrant from a judge who determines a reason for suspicion of a crime. That's it. The government pushing for more than that is becoming a new security problem.
> The proposed law was a surveillance wishlist disguised as anti-drug legislation.
So the fact that people break one law which violates their basic human rights, the right to privacy and to decide over what they put in their own bodies, suddenly becomes an excuse to violate their right to privacy even further.
The dumb thing is you know the USA has a backdoor onto everything, probably including Tiktok by now. European states are trying to play fair when everyone else broke the rules a long time ago.
What we really need is a European social media company to use instead of this US dominated **show.
Chat Control may well give them a second bite at the cherry, if it get through.
It keeps getting resurrected with slight variations, and if passed, then they'd be obliged to implement some form of back door.
So I guess all one can say is that the war continues, just one battle has been won.
I would reject a backdoor man date too, but to each their own.
France is shining brightly on many levels at the moment.
They keep trying to impose an all seeing all knowing state and people here have already bought into the "age verification, think of the children" rethoric.
After seeing how gleefully people accepted totalitarian anti constitutional covid laws, It's omly a matter of time. Wait for the next "crisis".
Good one for France, though.
Just don't ask what happened to Telegram :)
Probably just step one of a multi step journey toward European wide mandatory backdoor.
This is a good reminder that regardless of what country you hail from, freedom and liberty are like love — continuous activities that you do every day, not something that you achieve once and then you're done. There will always be those who wish to consolidate more power to themselves than is good and always those who wish to impose their will on others. These people win if you, specifically you reading this, don't do something. So always choose to do something.
Am I the only person giggling at this headline?
I forsee that the future will bring us LLMs that can reasonably precisely find incriminating chats while keeping everything perfectly unreadable for those naughty untrustworthy humans.
Vive La France!
this was a battle not the war, they will come back sooner or later.
Seems so many in government are incapable of asking "are we the baddies?".
Scum rises to the top in our system