I wonder where platforms like slack would land in all of this, and how would they go about akeeping people from just using their own encryption e.g. pgp over unencrypted channels? Is public key cryptography too weak to matter?
Slack is not end-to-end encrypted and belongs to a US company. So there is no need for ChatControl there: the US government already has access to everything that is written on Slack.
I believe they are referring to using GPG to encrypt data before putting it into Slack, much like using the out of band OTR. In that case all the data shared between those using GPG or OTR would only be accessible to those with the right out of band keys. There are probably not a lot of people doing this, or not enough for governments to care. I do this in IRC using irssi-otr [1].
If that ever became illegal because encryption then groups of people could simply use scripts or addons to pipe through different types of encoding to make AI fuzzy searches harder. They can try to detect these chains of encoding but it will be CPU expensive to do every combination at scale given there are literally thousands of forms of encoding that could be chained in any order and number.
palata|5 months ago
Bender|5 months ago
If that ever became illegal because encryption then groups of people could simply use scripts or addons to pipe through different types of encoding to make AI fuzzy searches harder. They can try to detect these chains of encoding but it will be CPU expensive to do every combination at scale given there are literally thousands of forms of encoding that could be chained in any order and number.
Mon -> base64 -> base2048 [2]
Tue -> base2048 -> base131072 [3]
...and so on.
[1] - https://irssi.org/documentation/help/otr/
[2] - https://github.com/qntm/base2048
[3] - https://github.com/qntm/base131072
varispeed|5 months ago
This is completely unacceptable.
naijaboiler|5 months ago