> The Armed Forces, on the other hand, are negative and write in a letter to the government that the proposal cannot be realized "without introducing vulnerabilities and backdoors that can be exploited by third parties

First time I am seeing an organization against this. Kudos to them for standing up.

FYI the EU wide proposal to scan all your private messages using an AI agent on your devices also originated in Sweden by EU Commissioner Ylva Johansson in 2022.

> EU Commissioner Ylva Johansson has also been heavily criticised regarding the process in which the proposal was drafted and promoted. A transnational investigation by European media outlets revealed the close involvement of foreign technology and law enforcement lobbyists in the preparation of the proposal. This was also highlighted by digital rights organisations, which Johansson rejected to meet on three occasions. Commissioner Johansson was also criticised for the use of micro-targeting techniques to promote its controversial draft proposal, which violated the EU's data protection and privacy rules.

You know it's a banger proposal when even the Swedish armed forces tells you "Please don't".

Signal is headquartered in the US and presumably has no employees in Sweden (and perhaps the entire European Union).

There is utterly nothing the Swedish government can do to stop Signal except for pressuring app stores and/or ISP-level censorship. Preemptive surrender is extremely disappointing, especially for a non-profit - there isn’t even any revenue that can be ‘fined’ by the EU!

While I don't personally agree with the law, I genuinely hope we witness a major corporation withdraw from a market just so we can finally observe the concrete impact of these types of threats. (Even though their position is understandable in this particular case.)

Unlike a certain big tech giant who pretends to care about privacy until it cuts into their profits.

What would even be the point of Signal if there’s a backdoor? This isn’t just principled, it’s necessary for business.

It seems like a lot of these proposals are coming out of Europe—assuming I’m not mistaken (and I may well be), why is Europe cracking down so much on privacy?

Just in case you are counting, there's another proposal in France to force backdoors:

> At Tuta, we are deeply concerned about the proposed amendment to the so-called "Narcotrafic" law, which would force encrypted communication providers to implement backdoors for law enforcement. This would threaten everybody’s security and privacy and could be in conflict with European data protection legislation and Germany's IT Security Act. We urge the French National Assembly to reject this dangerous amendment. A backdoor for the good guys only is not possible.

> France is about to amend a bill against drug trafficking, the “Narcotrafic” law, which will force encrypted messaging apps like Signal and WhatsApp to backdoor the encryption for being able to hand over decrypted chat messages of suspected criminals within 72 hours of the request. In order to enforce it, the text provides for a “fine of EUR 1.5 million for natural persons and a fine of up to 2% of the annual world turnover for legal persons”. The amendment has already been passed by the Senate and is now moving fast to the National Assembly.

https://tuta.com/blog/france-surveillance-nacrotrafic-law

Swedenherald and their 807 vendor buddies value your privacy.

Original article (in Swedish, but the interview with Whittaker is in English): https://www.svt.se/nyheter/inrikes/signal-lamnar-sverige-om-...

What is the state of peer to peer messengers with E2EE? Over ten years ago, Bittorrent Inc. (now Rainberry and Resilio) made a serverless chat client (Bleep IIRC). But I don't think there is anything new that is also user-friendly? (Drop-in replacement of WhatsApp, Signal, iMessage, etc.)

Some background: Lots of stories in the media in Sweden recently about how murders are now ordered via chat apps. Today in fact, there was one about a Snapchat murder. https://www.aftonbladet.se/nyheter/a/8qL3A1/uppgifter-missta...

It is incredibly dangerous to add this kind of functionality to anything. I also believe that this request is illegal with current European legislation.

> The Armed Forces, on the other hand, are negative and write in a letter to the government that the proposal cannot be realized "without introducing vulnerabilities and backdoors that can be exploited by third parties", reports SVT.

What is the meaning of this paragraph? Did someone from Sweden's own armed forces write to the government to dissuade them from the initiative?

I know this is a very unpopular take on HN, but coming fra Scandinavia id like the police to have a system to scan for child pornography etc. We trust our gov. Hard to believe I know.. I’m not sure if it would be technically possible to design a system where the backdoor could really only be used by the gov somehow

Apple did the right thing in the UK. This means that neither politicians nor the military will benefit from E2EE, while it's clear that they wished that just the plebes would be affected by this.

Maybe all IMs should then drop encryption altogether, bringing us back to the stone age of clear text messaging (email sent unencrypted between MTAs).

Because this "please let them use encryption, but let us peek around it" just doesn't feel right.

And people say the US is authoritarian. You can't burn books in Denmark without going to jail and now Sweden wants to spy on all your messages.

I wonder if there is some connection between the more-spying direction of policy to Sweden's recent entry into NATO ("after 200 years of non-alignment"):

https://www.nato.int/cps/en/natohq/news_223446.htm

I certainly hope they don’t install any kind of backdoor, because they will give unfettered access to the fbi, and they will likely use that to hunt down marginalized groups (trans women) to eliminate them.

Interesting that the Swedish military agrees it's a bad idea.

Which bill are they talking about? Chat control?

How are these politicians so clueless?

There is a reason why Free Software (as in freedom) was invented: To ensure that those who create the software do not overpower those who use the software. The idea, that companies or politicians can force the user's machine to work against it's owner, is wrong. And it is wrong, because to be a human in the 21st century means in most cases, that your digital devices and your digital interactions are a core part of who you are as a private person. Invading the privacy of one's digital space is a violation that goes as deep as reading someone's diary when we look back and the time when life was more analog.

The solution to this conundrum is to decentralise these services, i.e. run your own XMPP server for your family and friends. Keep your own data where you can 'see' it, on 'the server under the stairs' with some distributed backups to 'devices under different stairs'.

This is no pie-in-the-sky statement, I've been running such a server for years and have installed several for others. System requirements and maintenance are minimal - you can run Prosody on a Raspberry Pi 1B if needed. Availability and reliability are high, it basically works as long as network connectivity and storage are available. The user experience largely depends on the client applications where Conversations on Android is probably the gold standard and in many ways comparable to Whatsapp.

When using OMEMO the server admin does not have access to cleartext communications so assuming clients are configured correctly there is not much to be gained from raiding the server. If some government entity wants to snoop on communications they'd have to gain access to at least one of the client devices since encryption is handled locally. Instead of backdooring centralised services run by Whatsapp or Signal or Telegram they'd have to get to a multitude of servers-under-stairs and client devices which makes it infeasible to use the 'dragnet approach' which is most likely the intended outcome of these backdoor laws.

Some decades ago at I heard Jello Biafra repeat his statement not to criticise the media but to become the media. This has happened, the (current incarnation of) legacy media is running on its last legs and has been overtaken by 'new' media. Here's a corollary to this statement:

Don't criticise the service providers, become the service provider

Use the internet as it was meant to be, a network of networks. Lots of networks, each running their own services with 'secure' communications between those services. I put secure in quotes because there might be a chance for some TLA or other organisation to break the encryption on one of those communication links. Even if they managed to do so they'd gain access to only a small fraction of the communications going on around the 'net.

But advocating for distributed communications only aids and abets criminals, won't you think of the children?

When guns are outlawed, only outlaws have guns. Criminals already use these services (and some of them have been broken/backdoored) so this is nothing new to them.

But you can't expect grandma to run her own server

No, I don't expect her to do so, she can use yours instead.

But but but but

You're starting to sound like a chicken.

Running this stuff is not hard. If you know how to do it, do so and help others to get started. While you're at it you can help them to secure their networks against intrusion by their service providers as well by making sure the ISP connection terminates at a router managed by the device owner, not the ISP. There is no reason to give the ISP access to your LAN since that only creates an incentive for those government entities to force the ISP to give them access to customer networks. The ISP should be used as IAP - internet access provider - and only be allowed to see whatever traffic you allow out of your network, not what goes on inside of it. That, though, is something for another post, another time.

I've been running services like this for decades, this works, it is not difficult and does not take that much time. It has only gotten easier over time, hardware has gotten cheaper and smaller, power use has gone down, performance has radically improved. This is not a pipe dream, it has been first my, then our reality for more than 30 years.

Don't criticise the service providers, become the service provider