Chat control and government attempts to force backdoors into OS'

With the new chat control law being pushed through the EU legislature, I have been thinking about the ramifications of this legislation. At the outset, I was initially very sceptical and still am. But after attempting to find a good intentioned reason for proposing something so drastic as the first draft, I actually could soften a bit to some of the proposed reasoning. I will say that I ultimately think this is not the role of the government to nanny people’s childrens behaviour on social media, but I also have to recognize the enormously negative impact that social media has had on people of all ages. But I still think it is the parents job to raise their kids, also online behavior. But parents don’t currently have the right tools to properly monitor what their children are exposed to online, asik. Especially the big social media platforms should have tools to better shield children against harmful content. Honestly, I wouldn’t mind banning social media completely for children under at least 16 years of age.

But at the same time, I also see this used as an excuse to tighten control with the whole citizenry. The proposed legislation that forces backdoors in encryption is probably the most low IQ, totally anti-democratic, anti-western values, dramatic overreaction solution to a solve a minor problem ever proposed. It is a total betrayal of Western values and only serves those in power.

But the future seems set to go in a direction that includes heavier surveillance. The right approach to deal with this will be to stop these laws from being enacted. But if this fails, I think it will not be long before backdoors are forced on even open source software. So, how will we react to this?

The solution, I think, it to build decentralized self-hosted communication solutions that cannot be practically surveiled on a mass scale.

I am not completely against some form of monitoring of the big platforms, but to monitor everybodys communication is such an outrageous solution that it is shocking that any Western politician would put his or her name to such a proposal.

If/when the pressure is put on projects like e/os to put backdoors into the OS, how will the project and community react?

I think the only way to deal with it is to, like Snowden said, to make mass surveillance impractical and remove the technical backbone architecture from any one entity that can be pressured, to decentralized self-hosted solutions.

What are your thoughts?

This stance could be seen as a bit extreme, but i think science, especially neuro-sience, reach the same conclusion.

I agree with this.

Yes. Look at XMPP, Matrix & SimpleX.

I absolutely agree. It should be noted that enforced breaking of encryption seems to have been avoided for now; still, we will have to wait for the final negotiation results between EU parliament, EU Commission, and EU Council. (I refer to the German FAQ on FAQ: Wie geht es weiter mit der Chatkontrolle?)

As for self-hosted solutions, there may also be Nextcloud Talk. As for decentralized solutions, Delta Chat is very interesting because it relies on email protocols, so any mail server can be used for communication. This makes it (probably) even harder to block.
I should mention that I do not have tested these two solutions, but they come from a reliable developer (Nextcloud) or seem to be around for quite some time (Delta Chat).

I totally agree with you. And I absolutely detest the “think of the children” tactic thats being used to argue in favor of such a blatant violation.
When Signal announced they would rather leave the european market than allowing such backdoors in their messenger I started thinking about a “what if” solution for myself.
After some personal research (mind: I’m absolutely no encryption or computer expert) I stumbled over the Briar Project & Messenger. P2P, no centralized servers, works with WiFi, Bluetooth or TOR.

What do you guys think about this solution?

But then again: I’m not sure if a single messenger would mitigate any serious risks from overreaching governments I ask myself the same question as you did: Would it be possible (read: conceivable) to force backdoors not only into messengers, but operating systems in general? Would /e/ allow that or would everybody who wants his communication to stay private have to resort to a Pixel with GrapheneOS?

The entire Chat Control situation kinda caught me off guard. I’d never thought that there was such a huge political support of flushing everybody’s right of privacy down the gutter to achieve some sort of “higher goal”. So I guess now I generally distrust the european government that they would - if push came to shove - protect my right to communicate without third parties being involved. And that’s why I’d like to be prepared if such a situation arises.

Briar is good but text messages only - no audio/video calling. It is also Android only. It has its use cases but really we need to include users of as many devices and operating systems as possible.

What do you think of DeltaChat ? FOSS, décentralized, all platforms, call, video, and more

It’s a clever idea but the email protocol is not instant. In practice messages usually arrive quickly enough that it doesn’t matter. But sometimes emails take days to arrive. Also spam filters can get in the way. It’s quite a difficult concept to explain to the terminally nontechnical folks when things go wrong.

It works with dedicated chatmail relays. Does the limitation you highlight apply to those ?

Thanks, I wasn’t aware of this. You still need an address on a normal email server and this might not work with chat relays. See here:

Sorry but this might be an unfounded assumption.
I didn’t had to provide any actual email address to use delta.chat

It’s many years since I last used it. It seems things have changed since then.

I would like to know how e/os would deal with attempted forcing backdoors into the OS. We can talk about chat apps and that is important, but I think we need to have a conversation about pressure to allow backdoors into the OS.

This is not specific only to e/os but is a valid concern for all operating system projects. How can we build safeguards that make sure that we keep ALL bad actors out of our private lives.

I think law enforcement should have tools to help them solve crimes, when there is a reasonable suspicion, but that is why they have to have a warrant. This wholesale dragnet surveillance is just not an acceptable solution. The price is too high, compared to the problems it is supposed to solve.

We see how for example telegram was coerced by certain European governments. I fear this will come to open source operating systems as well.

Could you provide sources for this assertion ?

EDIT : I’ve been finding this, but I don’t know if it apply.

It was reported in the media that the CEO was jailed in France because he did not want to allow the French government a back door into telegram. He was released after 4 days.

I assume that they came to some sort of agreement. This is a well known story.

No mention of backdoor allowing …
The trial isn’t set yet.
Durov is not free, he is still under indictment …

I doubt they would actually publicize backdoors

So isn’t all this pure speculation ?

No. I would even go so far as to suggest you educate yourself on this topic.

Why do you think that governments are trying to pass chat control? That is not speculation.

I would appreciate some public policy from the e/os project, and all other os projects regarding this issue.

Will e/os comply with blanket backdoor access to user data or OS level access if asked or pressured?

No matter what the policy is, I think it is important to at least have the public discussion with users.

I am also concerned about the state of Europe and its transformation into a surveillance dictatorship.
My approach is to use services based on the Nostr protocol. It is highly decentralized and offers a whole range of chat solutions.

I will install one of the chat solutions for my family. I will have to stay away from my friends, as I don’t think they would be willing to use Nostr…