100%? Impossible. But they can effectively ban it.
Pass a law that makes any US company, or company doing business in the US, not allowed to host E2EE-enabled apps. This now bans them from the App Store and Play Store. 99% of users won't find or choose to side-load for android users. Then they can make E2EE actually illegal to distribute in the US. They'll almost never bother going after individuals, but this effectively makes hosting a US-based website unable to distribute E2EE programs. So people will need to use foreign sites. Which the US can force ISPs to block via a whack-a-mole on individual sites.
This isn't very likely, but hell Congress was decently close to banning TikTok for no real reason so who knows?
Oh yeah. There'd either be carve-outs or congress would just knee-jerk against encryption (like they've nearly done before) and deal with the consequences later.
Care to explain the difference? Google is struggling to bring up adequate definitions for carve-out, or why it's different to caveat, and I see multiple sources using both, sometimes interchangeably.
I mean, you're the one claiming dumb Americans can't pronounce English.
Caveat is a noun. It's a really old word, literally from ancient Latin meaning "let him beware." Basically a warning, often noting that while something may seem great, there is often a notable problem.
A carve out is a simple compound, and typically a verb, but can be used as a noun as seen above. It notes an exception (typically to a policy, practice, or law), often one specifically framed to benefit a specific group, at the expense of others.
For example: "Congress' new law creates strong regulations for CO2 emissions, but before you get excited, there's one caveat: there are carve outs for automotive manufacturers, who won't have to abide by those regulations until 2030."
Not only apps and screenreaders. Some legit browsers too.
I have a browser that basically does not let the website know what or who it is ( user agent is a random number ) and cloudflare just flat out refuses me from viewing websites.
Fine cloudflare hosted website, keep your secrets!
They're all uppity that to use cloudflare proxy they have to terminate the ssl connection there. So technically cloudflare can sniff all the traffic. But that's kind of the point of WAFs and Reverse Proxies.
I would argue that the sheer amount of data throughput that Cloudflare has, you'd have to really be on a list to be monitored... and they certainly cannot just log all data willy nilly.
I suppose this one is quite simple. How can they cache, if they don't MitM the connection? I don't think it would be technically possible. If you want the cache/CDN you just need to use a company you trust. If you don't trust them then you don't get the cache/CDN.
Correct. But people are viewing the DDOS protection, Cache, WAF, etc... functions as evidence that Cloudflare is obviously malicious and storing 100% of all data traversing them.
I've seen no evidence of that yet, and will certainly discontinue use of them if they show such tendencies. Until then, I will absolutely leverage their platform for my use as a paying customer.
I do understand the fear with their free platform though... They've gotta make money somehow, and I feel there's probably a fear that is data collection.
I think my issue with cloudflare is not that I think they will compromise my data through their proxy to steal my passwords or go through my data, but that it seems quite likely given their ubiquity that the three letter agencies or similar have backdoor.
It's similar with say Google, i.e. I probably trust cybersecurity at Google more than at bitwarden. Unfortunately Google mines the shit out of my data (shitty but not dangerous) and will probably hand over stuff to some authoritarian government if they asked for it (physically dangerous).
I might be missing something but the document seems to be comparing Cloudflare to the great firewall of China and calling them criminal because of things they could potentially do?
On the other hand I got a different protocol (& implementation up and running) that can be used right away. It's like IPFS but easy to "install" (a double click and a port forward is all that's needed), you are also in control of your data and of course you can change the data without changing the link.
Don't get me wrong, IPFS paved the road. But today we have better ways to do things.
I just use a DigitalOcean VPS. $6+tax a month, plus some other self-hosted services. Don't have to worry about being connected to home or buying a Pi. Still may be more expensive, but not by much (only $4-$6 more expensive depending on how much you use the internet), but this also allows you to setup your own DNS if you want as well.
I don't know how the government will be able to effectively ban E2EE and honestly I want to see them try
100%? Impossible. But they can effectively ban it.
Pass a law that makes any US company, or company doing business in the US, not allowed to host E2EE-enabled apps. This now bans them from the App Store and Play Store. 99% of users won't find or choose to side-load for android users. Then they can make E2EE actually illegal to distribute in the US. They'll almost never bother going after individuals, but this effectively makes hosting a US-based website unable to distribute E2EE programs. So people will need to use foreign sites. Which the US can force ISPs to block via a whack-a-mole on individual sites.
This isn't very likely, but hell Congress was decently close to banning TikTok for no real reason so who knows?
It seems like the great firewall in china, really scary times for the freedom of the web
More like the midly warm pot, as vpns will still be legal
https://mashable.com/article/montana-tiktok-ban-what-to-know
Montana's GOP didn't get the memo that it's a stupid idea.
I'm confused though. Don't banking/ finance apps require E2EE ?
Also Password Managers, VPNs? Do these apps not need E2EE by default?
Oh yeah. There'd either be carve-outs or congress would just knee-jerk against encryption (like they've nearly done before) and deal with the consequences later.
Why do Americans say carve-out, is it because illiterate TV media personalities couldn't pronounce caveat?
Because they mean different things.
Care to explain the difference? Google is struggling to bring up adequate definitions for carve-out, or why it's different to caveat, and I see multiple sources using both, sometimes interchangeably.
I mean, you're the one claiming dumb Americans can't pronounce English.
Caveat is a noun. It's a really old word, literally from ancient Latin meaning "let him beware." Basically a warning, often noting that while something may seem great, there is often a notable problem.
A carve out is a simple compound, and typically a verb, but can be used as a noun as seen above. It notes an exception (typically to a policy, practice, or law), often one specifically framed to benefit a specific group, at the expense of others.
For example: "Congress' new law creates strong regulations for CO2 emissions, but before you get excited, there's one caveat: there are carve outs for automotive manufacturers, who won't have to abide by those regulations until 2030."
All the government needs is copies of the keys. Encryption remains in place for everybody else, so it is ... Plausible.
All these encryption bans are specifically encryptions thee governments cannot decrypt.
Ah that males sense. Thanks for clarifying.
its like banning math
Tories are just trying to kick up as much shit as possible before they're kicked out so they can blame the next party for the fallout.
Seems like something politicians who have not touched a computer would try to pass
You really think things will be different if you're under a different colored heel? 🤣
What's cloudflare done?
Cloudflare has human checks before you can access some sites. Some apps and screenreaders no longer work with those sites.
Not only apps and screenreaders. Some legit browsers too.
I have a browser that basically does not let the website know what or who it is ( user agent is a random number ) and cloudflare just flat out refuses me from viewing websites.
Fine cloudflare hosted website, keep your secrets!
They're all uppity that to use cloudflare proxy they have to terminate the ssl connection there. So technically cloudflare can sniff all the traffic. But that's kind of the point of WAFs and Reverse Proxies.
I would argue that the sheer amount of data throughput that Cloudflare has, you'd have to really be on a list to be monitored... and they certainly cannot just log all data willy nilly.
I suppose this one is quite simple. How can they cache, if they don't MitM the connection? I don't think it would be technically possible. If you want the cache/CDN you just need to use a company you trust. If you don't trust them then you don't get the cache/CDN.
Correct. But people are viewing the DDOS protection, Cache, WAF, etc... functions as evidence that Cloudflare is obviously malicious and storing 100% of all data traversing them.
I've seen no evidence of that yet, and will certainly discontinue use of them if they show such tendencies. Until then, I will absolutely leverage their platform for my use as a paying customer.
I do understand the fear with their free platform though... They've gotta make money somehow, and I feel there's probably a fear that is data collection.
I think my issue with cloudflare is not that I think they will compromise my data through their proxy to steal my passwords or go through my data, but that it seems quite likely given their ubiquity that the three letter agencies or similar have backdoor.
It's similar with say Google, i.e. I probably trust cybersecurity at Google more than at bitwarden. Unfortunately Google mines the shit out of my data (shitty but not dangerous) and will probably hand over stuff to some authoritarian government if they asked for it (physically dangerous).
You can also turn off all the features with a single click and Cloudflare will just be your nameserver.
No high-profile cases yet, but some people are already concerned: https://crimeflare.eu.org/
Doesn't load, maybe they need Cloudflare lol (i'm joking don't send me to internet hell) Wayback doesn't seem to work with it either
Don't tell me Lemmy is big enough to execute hugs of death lol
Nah from Wayback looks to have been a problem for a while for them
I might be missing something but the document seems to be comparing Cloudflare to the great firewall of China and calling them criminal because of things they could potentially do?
Only works on http, and just redirects to https://0xacab.org/dCF/deCloudflare/-/blob/master/README.md
It would help if that site wouldn't look like it was written by some crazy person trying to make a shitpost...
Maybe they should sue Cloudflare for automatic HTTPS if they don't know how to configure a webserver
Site appears to be down. What is this for?
Guess I'll just have to touch grass.
Google, try pulling data from me being at the park when my phone gets left at home!
I knew I kept the glasses and mustache disguise for something
Amazon Ring cameras: Hello
They'll getcha through the parking lot camera, and the traffic cameras on your way there
What about a fully encrypted peer to peer web?
Let's go Veilid!
Yeah I cheer on this one!
On the other hand I got a different protocol (& implementation up and running) that can be used right away. It's like IPFS but easy to "install" (a double click and a port forward is all that's needed), you are also in control of your data and of course you can change the data without changing the link.
Don't get me wrong, IPFS paved the road. But today we have better ways to do things.
Which protocol ?
Tenfingers sharing protocol, working copy & info on tenfingers.org
Like freenet?
PiHole ftw!
AdGuard or NextDNS ftw!
If you're tech savvy enough to set up PiHole you can also set up a Wireguard VPN.
I just use a DigitalOcean VPS. $6+tax a month, plus some other self-hosted services. Don't have to worry about being connected to home or buying a Pi. Still may be more expensive, but not by much (only $4-$6 more expensive depending on how much you use the internet), but this also allows you to setup your own DNS if you want as well.
I know. That's the upper limit. If you use too many queries, it's $2 a month. Hence $4-$6 dollars.
Price is not really a factor, as you already have a machine running PiHole. Never tried NextDNS, but I can't imagine it being easier than Wireguard.
Does something like Wireguard increase traffic? I'm thinking if it'd make problems for when you have low connectivity and bandwidth.
You can set the DNS for your device as well
Web DRM could in theory ban this
I don't doubt that at least the EU certainly would, but will they be fast enough to prevent irreversible damage?
It's the ultimate showdown of ultimate destiny
GoodBad guys, Bad guys and explosions; as far's the eye can see.Great stuff but isnt this nsfw? Should we be seeing a tag?