I’m so sick of being stressed about the same thing over and over again. There needs to be a large scale investigation on the people that keeps trying to push this. I’m shocked there isn’t a constant media outrage to match these attacks. And I don’t hear anybody talking of codifying encryption integrity neither. It’s always just privacy experts discovering such attacks at the last minute seemingly by chance and trying to rally people against it in time. Does nobody in positions of power who care to stop these?
I’m shocked there isn’t a constant media outrage
The media is generally owned by very wealthy people and, as a result, reports in ways that benefit the rich and powerful. Centralization of media is very bad for democracy.
Media targets the average citizen. Average citizens won’t easily understand the ramifications, so the media writes on clickable stories instead.
Media could just oversimplify it: „the EU wants to know what porn you watch“, „this law allows your country to grab all your passwords“.
Write that article and post it in a blog. Use ChatGPT if you need to. Bang, you’re the media.
I mean, you’ll want to do all the SEO things to drive your hit rate, but this ain’t the old days anymore where major media conglomerates control the news.
You can simplify and explain without being oversimplifying or lying.
My dude the Crypto wars get wheeled out again every few years and has for decades at this point. It’s so tiring.
I haven’t had a chance to check anything yet, but given who (Mozilla) is reacting and how, I suspect this is just another case of EU authorities acting to protect their citizens from (American) corporate abuse
I haven’t had a chance to check anything yet, but given who (Mozilla) is reacting and how, I suspect this is just another case of EU authorities acting to protect their citizens from (American) corporate abuse
Not in this case. I suggest you read the open letter (which is signed by 335 scientists and researchers from 32 countries so far).
Or, do you consider it to be corporate abuse when Mozilla prevents governments from using their certificate authorities to launch MITM attacks and impersonate websites for the purpose of intercepting internet traffic? Because that is what we’re talking about.
Until I find the bloody proposal that none of it’s detractors seems to dare link to, I’m going to assume that I, as a citizen of EU, has a clear and present interest in not having Mozilla et al using their control of our browsers to block government services.
I can do without my browser suddenly deciding that it doesn’t trust the fire department, thank you very much.
(Or the pharmacy, or my doctor, or, or or at lot of things.)
They haven’t released the text publicly but they’re voting on it in less than a week. That’s also one of the many objections that Mozilla et al has to this whole thing: it’s basically being done in secret in a way that won’t give the public any time to react or object.
Historically, the browser vendors have only distrusted certificate authorities when they had reason to not trust them, not some arbitrary reason.
One of the examples of them preventing a CA from being trusted is Kazakhstan’s, which was specifically set up to enable them to intercept users’ traffic: https://blog.mozilla.org/netpolicy/2020/12/18/kazakhstan-root-2020/
Even if all of the EU states turn out to be completely trustworthy, forcing browser vendors to trust the EU CAs would give more political cover for other states to force browser vendors to trust their CAs. Ones that definitely should not be trusted.
I think there wouldn’t be nearly the same level of objection if it was limited to each country’s CC TLD, rather than any domain on the internet.
deleted by creator
bloviating
What a wildly inappropriate waste of a thesaurus.
the slightest bit of research
Are you competing in some obscure Internet irony competition?
I don’t know whether it’s true.
I am however confident that you don’t know either.
But as for the “slightest” research, riddle me this: Why is there no link to the proposal in the article?
You think you’re a pragmatist, but you’re just an ignorant fool.
How is giving any EU state the ability to be a certificate authority in your browser for issing a certificate for any site, without them needing to follow the rules the browser vendors have for what makes an authority trustworthy, with no option to disable them or add additional checks to their validity, “protecting their citizens from (American) corporate abuse”?
From the Mozilla post:
Any EU member state has the ability to designate cryptographic keys for distribution in web browsers and browsers are forbidden from revoking trust in these keys without government permission.
[…]
There is no independent check or balance on the decisions made by member states with respect to the keys they authorize and the use they put them to.
[…]
The text goes on to ban browsers from applying security checks to these EU keys and certificates except those pre-approved by the EU’s IT standards body - ETSI.
Removed by mod
FOSS maybe, but google’s chrome is not FOSS.
Removed by mod
Well that makes it reason number 4379 to not use Chrome.
Yes, but if all browsers will become outlawed other than that one…
Users probably (?) won’t get fined, for sure it will become much more cumbersome to find a copy of Firefox, unless you are ready to build it yourself.
We just came from the chat control odissey. This is so tiring and unjust for those that have agitated lives. We re fighting against people who spend their work schedule entirely on this stuff.
There isn’t much info on this.
What can I do as an European citizen in this case???
If you have the time, you could write to the member of the European Parliament who is responsible (Romana Jerković). Otherwise, the best you can do is probably to spread the word and remember to vote next year.
I suppose a non-compliant browser will need to be build if this comes to pass.
deleted by creator
It seems like EU has two groups - one which wants to have mass surveillance and one which tries to protect privacy.
I like to compare the EU to an overprotective parent – on the one hand, they want to protect us from all external threats, but at the same time, they want to know all about us and control us.