
U.S. government seeks Facebook help to wiretap Messenger - tareqak
https://www.reuters.com/article/us-facebook-encryption-exclusive/exclusive-u-s-government-seeks-facebook-help-to-wiretap-messenger-sources-idUSKBN1L226D
======
mjevans
I think it has become abundantly clear that a fully peer to peer, encryption
required (non-optional), no single central server infrastructure solution is
the answer.

No points to tap.

No point in tapping the data.

If they want to capture conversations it's time to go back to the proper old
ways of actually spying on high-value targets.

~~~
paulcole
Isn’t this what Slack is?

~~~
Arubis
Slack literally stands for Searchable Log of All Content and Knowledge. It’s
incredibly useful and transformative for what it is. It’s about the furthest
thing possible from private.

~~~
paulcole
OK, this is all news to me. I have to go delete a bunch of stuff.

------
CGamesPlay
At what point does the technical community stop trying to technically
interfere with the efforts of law enforcement, and start trying to change the
laws that make law enforcement behave this way?

~~~
EvilEndures
> At what point does the technical community stop trying to technically
> interfere with the efforts of law enforcement, and start trying to change
> the laws that make law enforcement behave this way?

Law enforcement and government are addicted to power to an unhealthy degree.
Convincing people to voluntarily give up power is rarely successful.

You seem to believe majority support is enough to make something happen. It is
not.

The Public Option has 75% popular support. Medicare-For-All has 59% popular
support.

Yet we have neither.

~~~
gerdesj
_The Public Option has 75% popular support. Medicare-For-All has 59% popular
support. [HR] Yet we have neither._ Brexit was decided on an embarrassingly
close vote: 51.9%

So we have two seemingly popular things that haven't happened and one that has
happened but was not so popular (but it turns out that it was more popular
than was suspected by anyone beforehand). I'm afraid that is politics. If it
helps, I am not a fan of Brexit but will have to live with it anyway.

There is no conspiracy and I don't think that it is fair to accuse your police
and government of being arseholes (to put words in your mouth!) Sometimes we
simply have to accept that our personal will does not always dovetail with
that of the majority - that is how democracy works. To be fair though, there
is also nothing wrong with getting a good rant in on HN.

If you feel really strongly about healthcare, why not emigrate to the UK? Our
NHS is bloody amazing and only costs: [https://www.gov.uk/national-
insurance/how-much-you-pay](https://www.gov.uk/national-insurance/how-much-
you-pay) \- roughly 12% of your salary. There is a lower band and an upper
band so it is not 12% of everything you earn and it also covers unemployment
payments and other things.

~~~
EvilEndures
> There is no conspiracy and I don't think that it is fair to accuse your
> police and government of being arseholes (to put words in your mouth!)
> Sometimes we simply have to accept that our personal will does not always
> dovetail with that of the majority - that is how democracy works. To be fair
> though, there is also nothing wrong with getting a good rant in on HN.

You've clearly never dealt with either in the US for a protracted period of
time.

Yes, they very much are. Their response to them breaking the law and/or making
a mistake is "Fuck off, sue us."

> If you feel really strongly about healthcare, why not emigrate to the UK?
> Our NHS is bloody amazing and only costs: [https://www.gov.uk/national-
> insurance/how-much-you-pay](https://www.gov.uk/national-insurance/how-much-
> you-pay) \- roughly 12% of your salary. There is a lower band and an upper
> band so it is not 12% of everything you earn and it also covers unemployment
> payments and other things.

A) You are moving the goal posts from the original discussion.

B) I was born here. I'm not leaving just because I don't win every battle.

> Brexit was decided on an embarrassingly close vote: 51.9%

[https://www.theguardian.com/world/2018/jan/10/russian-
influe...](https://www.theguardian.com/world/2018/jan/10/russian-influence-
brexit-vote-detailed-us-senate-report)

[http://nymag.com/daily/intelligencer/2018/06/britains-
russia...](http://nymag.com/daily/intelligencer/2018/06/britains-russia-
collusion-scandal-looks-just-like-trumps.html)

[http://nymag.com/daily/intelligencer/2018/06/top-brexit-
back...](http://nymag.com/daily/intelligencer/2018/06/top-brexit-backer-
passed-trump-team-info-to-russians.html)

[https://www.bbc.com/news/uk-politics-43336351](https://www.bbc.com/news/uk-
politics-43336351)

> The four most recent readings - taken by BMG Research and Survation between
> November and January - have, on average, once the 8% who said "don't know"
> are left to one side, put Remain on 52% and Leave on 48%.

Now that it isn't being influenced by an outside party, it is no longer
narrowly winning.

To be honest, I don't think people should cry they have a mandate from the
people with less than a 55% majority.

~~~
gerdesj
_Now that it isn 't being influenced by an outside party, it is no longer
narrowly winning._

My original point about Brexit being very close still stands and I would
suggest that your _Remain on 52% and Leave on 48%_ are still very close given
the sheer pain of the separation that has become apparent since the original
vote (you try listening to the news here - its bloody boring.) If you had
waved say 60% Remain, I might take notice.

~~~
EvilEndures
Yeah but your statements are largely irrelevant to what I was saying. A
heavily influenced vote with borderline +/-2% isn't what I was discussing.

------
_bxg1
"it could make similar arguments to force companies to rewrite other popular
encrypted services such as Signal and Facebook’s billion-user WhatsApp"

Umm... Signal is open-source, so unless they outlaw encryption across the
board, the worst-case scenario is someone just has to fork it.

~~~
craftyguy
There's no guarantee that the client you install on your device is built from
the same source code that is publicly available, unless you build the client
yourself from that source code. I suspect no one is doing that at this point
(since Noise died with CopperheadOS).

~~~
seorphates
Right, for the masses, but for focused enterprise, like a well resourced gang,
for instance, refortifying your security is just another build away. Add on
some sneakernet transport and side-load instructions and the only people
affected by a weakened platform is everyone else.

------
crb002
Facebook's Haxl team openly discusses their ability to wiretap Messenger at
scale for anti-spam.

[https://www.youtube.com/watch?v=sT6VJkkhy0o](https://www.youtube.com/watch?v=sT6VJkkhy0o)

Users should be given the option to use peer to peer strong encryption with
friends they whitelist.

------
sneak
*a different department of the US government. We already know that the NSA wiretaps Messenger at will extrajudicially via PRISM and other programs.

------
eatbitseveryday
Would [perfect] forward secrecy prevent a government from asking an entity
from decrypting intercepted and recorded transmissions?

~~~
mjevans
Forward Security is about creating a single session key and then ensuring that
it isn't trusted after the session.

This is a good best practice and SHOULD be used everywhere.

It does not prevent any attacker, government or otherwise, from making client
implementations do things like:

    
    
        * add in third party key distribution (backdoor the conversation)
        * send a 'backup' of keys or other details to a central server
        * directly man in the middle by only establishing a "secure" connection to a middle server
        * compromise the situation in other ways; E.G. using a flawed "random" source
    

BTW, if you can't build the client your self from source, how do you KNOW the
above isn't being done?

------
jetti
"Law enforcement agencies forcing technology providers to rewrite software to
capture and hand over data that is no longer encrypted"

Would this, or could this, fall under compelled speech? Especially if an
employee is using the product themselves?

------
ezoe
It happens because Facebook's design is fundamentally flawed for the security.

~~~
occamrazor
How is it fundamentally flawed?

------
throw2016
It's strange for the same issues with China there is 'outrage', and then for
the exact same things here we see hand waving and 'technical' solutions.

What technical solution is going to protect the human being from the indignity
of security personnel presuming the right to going through your personal
papers and thoughts? And this is already in effect in US airports with no
pushback.

It is this denial by many about what is happening at home and the absence of
mainstream protests and push back that has allowed the the rise of
surveillance capitalism, the NSA, secret courts, secret orders, secret
processes and brazen surveillance demands by governments.

The worse it becomes the more the need to posture and distract by seeking to
hold others accountable for the very things you are neck deep in.

------
annadane
Article on HN: "The government shouldn't be trying to do this, we need
encryption, decentralized services"

Article on Reddit: "Delete Facebook! Fuck Zuckerberg."

~~~
felixvolny
One is a consumer’s answer, the other one is a creator’s answer.

Makes sense, as these are the respective target audiences of the two
communities.

------
rhizome
Easily tapped central server(s) is my nutshell theory of why rightwing
extremists aren't being kicked off of Twitter. Third-party doctrine, and all
that.

~~~
Consultant32452
I honestly can't tell what groups are being banned, nor what the rules are.
Isis isn't banned but random right winger is. Jimmy Dore and Kyle Kulinski
have pointed out seemingly random left wingers getting banned, Sarah Jeong
gets a blue check. It all seems so random and incoherent. I am genuinely lost.

~~~
rhizome
You are definitely lost if you think Sarah Jeong should be sanctioned.

~~~
Consultant32452
I don't think anyone should be censored/sanctioned. ISIS, Alex Jones, Antifa,
let them all speak as far as I'm concerned. But to the extent that there are
currently censorship rules in place, I genuinely do not understand them.
Enforcement seems genuinely random and arbitrary.

Sarah Jeong mocks white racists, no ban, fine.

Candace Owens copy/pastes Sarah Jeong's tweets, gets banned, not fine.

A world in which Alex Jones gets banned but ISIS does not is total insanity.

To reiterate, I don't want any of the above to be banned/censored. However, in
an world in which the above facts exist, I am suggesting I do not understand
what the rules are at all. It seems random and arbitrary.

------
qrbLPHiKpiux
Face to face still the most secure. No tech involved. Just saying.

~~~
fkshit
Not everyone has the means to walk over and talk in person, grandpa

~~~
qrbLPHiKpiux
I know. Just know it’s a compromise. I’m late 30’s BTW

------
tribesman
The other day i posted a rant on p2p here on HN and everyone was like, huh!
Use whatsapp.

We need to build our own p2p and e2e secure chat client like whatsapp which
works on every platform.

Sure, it's possible - skype was exactly this before except for the e2e part.

Why we techies can't? Let's make a group and dissect the problem in our free
time. Who is up for it?

~~~
mos_basik
Some people are working on this problem. You might be interested in looking at
the Matrix standard [0] or some of the things built using it like Riot [1], a
Slack-like web client supporting text, voice and video communication for one-
on-one or group contexts.

0:
[https://matrix.org/docs/guides/faq.html](https://matrix.org/docs/guides/faq.html)

1: [https://about.riot.im/what-is-riot/](https://about.riot.im/what-is-riot/)

------
egberts
Wut? Go to Github and cobble a MitM proxy.

------
hsienmaneja
Reading the comments here reminds me of how silo’ed this community is,
philosophically speaking.

