Technology

69247 readers

3746 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

L4s@hackingne.ws

497

Florida’s New Social Media Bill Says the Quiet Part Out Loud and Demands an Encryption Backdoor (www.eff.org)

submitted 1 week ago by cm0002@lemmy.world to c/technology@lemmy.world

37 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] tal@lemmy.today 36 points 1 week ago* (last edited 1 week ago) (4 children)

it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”

Mmmhmm. Apparently the Threadiverse is about to become illegal in Florida.

First, let's generate a strong public-private GPG keypair for myself and some hypothetical other Threadiverse user, anotheruser@lemmy.today:

$ gpg --quick-generate-key tal@lemmy.today
$ gpg --quick-generate-key anotheruser@lemmy.today

And show the tal@lemmy.today public key:

long keyblock

$ gpg -a --export tal@lemmy.today -----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBGf6kRMBDAD3qJIznSVVQZu092nTthUt8R8DNXS6eYNqgbpYHTY+6i+RSFMe
YDDnOz0cL3drxnWpNC37l9HouJGohua/Cjx2Iju/zd4A5mZkXchIt4lfZ3bbXx2k
p0eC1m9+B3Dc37lSLPgEpTnfPGtMfKJU4bNVBdwkFCyS9Mxc499uIrAUpjPQLmgP
1rQ2Wk1wzGfAh3VNCxg8xsHcOHWQZqSUzsLk/PeG1QtfGTVBG44tI6msGawwQct6
XVnVOk0DfEGmoru4dGuQDk+oZRVz/O4/wLOQzfAVCzsbv/RrCzywrcQM3WAoVBDI
awe9UG++Y4N6Eof46UQ1KnzA2ndkHFt35KybidaqxlWM4Sslx/Is+wCgqt+FpJRN
MPLsAet6Eg6vGB6ES3Fk/IXX5OEvtWMfKKrgSP88NwoP/VFr/BU7SsJW1Opo4Ccf
DDPuWlgMCmsVE9xsPS1oFMzxiHbJYj8gWgH7AOtl24NgYXVi/QdetYA6SZqonU0T
xnGmEw5JdcvWdmMAEQEAAbQPdGFsQGxlbW15LnRvZGF5iQHUBBMBCgA+FiEE7S76
Je3x/gWVtrNsdlwPXPfD8YIFAmf6kRMCGwMFCQWjmoAFCwkIBwIGFQoJCAsCBBYC
AwECHgECF4AACgkQdlwPXPfD8YJy+wv+JJ3MP+zZRy4pJZ+u7iiSOwVVwUboT8Pi
kX7rxLl6TF9wGuLPjl/P8Cfy0WMsZQ2Ab0S/84cE2bIVbcISwqeqkMZ1Puk6y5Nn
8uHK3qHrYb1n89uOwjgeBIC3XopdJpSPtaKBWHZn/s0AYQ3suqJt/BoJo+hTv4oJ
/8Rtcs2+YKnQtoLtM/0tKO3J4Qzvqrzi0F14R1Rv6kiFzePkEPQFSPN4uIR5CPJm
t6HuYWYcWNKhfIkKJH08GAV0jP+qrbe/yacO0tKt8gnxKBdpXLRwLePx5sDV14ch
Ay/3n1aVa7PbUGA4m51xOSl0Ro54s6K8uwJ2fz6z5fdjpOkbvDw51tPEdxQzW0JH
myyaC31j4h5YwzOAfGaK6lp3pAHStDFhDJXZPLYsDlcMGSPvV+qBMAh86t8mqIqd
tBPjNj60aIbps+mImBpRlO/xRvUWjjVsm1FKqxBq7QQR5SW0MLnkwvcnUMDCbOs/
wMN6ghyZp6RDhUXGgb9HJVSQhXLjaqf+uQGNBGf6kRMBDADFYNE00Rr2Ujm9+i7k
LsHz49xqJUNtv3b7pHWTOZNhkSFf/OieayE45lkBMQl1ZkuY56QjmcgYZWsOf7+y
kbrsQjdNE5lHl/hRAqGV13LUscTKPUCvTXnfFX+/p64Kgv1f74fAdfkQu663sGOM
xbFP9/3jOQLF9dI2M8H14TPF/JDhjXDZvvoMrMBxwFlRctvwbeS6Yar+XKxKZQvh
I63Ad2OyFc0p+pnJOnrWN3Q6iEqnAq0SA/EdsjVx3MWpqZW15YDyU0lIWrHAn/yD
PfMaAqcgXj2LLBDziYdfm1ACBceS+WAu6w7i07xMAbdypKOsPB2cL1PlX//WEiwW
55iBTJ7oRAW7Q0LRsk2k40mq61xfOLyOBT8gHJfEb7ked9KuSXQdBn9K2hT2SH+U
OT2E63ShPHL9F2F1yQSbjFbHJve2klIuqrMeJ21QtDWgz+Auzp7PPWZ59SN+XCVj
qzrueXIvzsK3Shfqf636/Buj1g5heIY3nBd3dtbq4gUBO90AEQEAAYkBtgQYAQoA
IBYhBO0u+iXt8f4FlbazbHZcD1z3w/GCBQJn+pETAhsMAAoJEHZcD1z3w/GCzXkL
/i1k5ra/YZPpiJgCOO61x6Iog5/hyL/APhHT/CMg1ZAYObfqCD0QT0f+n0qdZXhH
ALGXzCMsbFqr0oxqOFFccLGQzUxv9AkyrO94HLoL726fxi3gkF+UekHjWgcxkcXQ
PHZCOdHczxyCIGRB+mKn+tGweXpCwMNkymagdoyzOs+t+5cGUTv18ceun72Mqf1H
4vCZ4LLb94NLkSJqGKeQuzjVhopDVCJ8t/exRuk2ra2SkeChKPCpq5zJP+OpzAx3
hPNSL9v8xRD6D/NKQP/zYXvry1dfQaaOYUbw+GMgSxtVNsTyGMtDg2kE8ZSuvVKq
ZIoODdjZRZvTB90+UKFRF3st1MeBXGNskvcZJhit7K1eMGhUbjykNWrq0A8aoRAN
P0DBRg09Uumub1GNnJlHFNxAS5e0A686YHzA6AOify+lhscdrFKiv8GRFBZGK39W
vY5YDDdpY632O6w1Te1UFIhS7pIWXsm5AfffFPDc/UJd6ZaBOcnKH45R4y2qObS2
eA==
=ommg
-----END PGP PUBLIC KEY BLOCK-----

And then show an example of someone else importing it, pretending that they're anotheruser@lemmy.today (though in my case, I've already got the tal@lemmy.today public key in my keyring):

another long keyblock

$ gpg -a --import <<EOF -----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBGf6kRMBDAD3qJIznSVVQZu092nTthUt8R8DNXS6eYNqgbpYHTY+6i+RSFMe
YDDnOz0cL3drxnWpNC37l9HouJGohua/Cjx2Iju/zd4A5mZkXchIt4lfZ3bbXx2k
p0eC1m9+B3Dc37lSLPgEpTnfPGtMfKJU4bNVBdwkFCyS9Mxc499uIrAUpjPQLmgP
1rQ2Wk1wzGfAh3VNCxg8xsHcOHWQZqSUzsLk/PeG1QtfGTVBG44tI6msGawwQct6
XVnVOk0DfEGmoru4dGuQDk+oZRVz/O4/wLOQzfAVCzsbv/RrCzywrcQM3WAoVBDI
awe9UG++Y4N6Eof46UQ1KnzA2ndkHFt35KybidaqxlWM4Sslx/Is+wCgqt+FpJRN
MPLsAet6Eg6vGB6ES3Fk/IXX5OEvtWMfKKrgSP88NwoP/VFr/BU7SsJW1Opo4Ccf
DDPuWlgMCmsVE9xsPS1oFMzxiHbJYj8gWgH7AOtl24NgYXVi/QdetYA6SZqonU0T
xnGmEw5JdcvWdmMAEQEAAbQPdGFsQGxlbW15LnRvZGF5iQHUBBMBCgA+FiEE7S76
Je3x/gWVtrNsdlwPXPfD8YIFAmf6kRMCGwMFCQWjmoAFCwkIBwIGFQoJCAsCBBYC
AwECHgECF4AACgkQdlwPXPfD8YJy+wv+JJ3MP+zZRy4pJZ+u7iiSOwVVwUboT8Pi
kX7rxLl6TF9wGuLPjl/P8Cfy0WMsZQ2Ab0S/84cE2bIVbcISwqeqkMZ1Puk6y5Nn
8uHK3qHrYb1n89uOwjgeBIC3XopdJpSPtaKBWHZn/s0AYQ3suqJt/BoJo+hTv4oJ
/8Rtcs2+YKnQtoLtM/0tKO3J4Qzvqrzi0F14R1Rv6kiFzePkEPQFSPN4uIR5CPJm
t6HuYWYcWNKhfIkKJH08GAV0jP+qrbe/yacO0tKt8gnxKBdpXLRwLePx5sDV14ch
Ay/3n1aVa7PbUGA4m51xOSl0Ro54s6K8uwJ2fz6z5fdjpOkbvDw51tPEdxQzW0JH
myyaC31j4h5YwzOAfGaK6lp3pAHStDFhDJXZPLYsDlcMGSPvV+qBMAh86t8mqIqd
tBPjNj60aIbps+mImBpRlO/xRvUWjjVsm1FKqxBq7QQR5SW0MLnkwvcnUMDCbOs/
wMN6ghyZp6RDhUXGgb9HJVSQhXLjaqf+uQGNBGf6kRMBDADFYNE00Rr2Ujm9+i7k
LsHz49xqJUNtv3b7pHWTOZNhkSFf/OieayE45lkBMQl1ZkuY56QjmcgYZWsOf7+y
kbrsQjdNE5lHl/hRAqGV13LUscTKPUCvTXnfFX+/p64Kgv1f74fAdfkQu663sGOM
xbFP9/3jOQLF9dI2M8H14TPF/JDhjXDZvvoMrMBxwFlRctvwbeS6Yar+XKxKZQvh
I63Ad2OyFc0p+pnJOnrWN3Q6iEqnAq0SA/EdsjVx3MWpqZW15YDyU0lIWrHAn/yD
PfMaAqcgXj2LLBDziYdfm1ACBceS+WAu6w7i07xMAbdypKOsPB2cL1PlX//WEiwW
55iBTJ7oRAW7Q0LRsk2k40mq61xfOLyOBT8gHJfEb7ked9KuSXQdBn9K2hT2SH+U
OT2E63ShPHL9F2F1yQSbjFbHJve2klIuqrMeJ21QtDWgz+Auzp7PPWZ59SN+XCVj
qzrueXIvzsK3Shfqf636/Buj1g5heIY3nBd3dtbq4gUBO90AEQEAAYkBtgQYAQoA
IBYhBO0u+iXt8f4FlbazbHZcD1z3w/GCBQJn+pETAhsMAAoJEHZcD1z3w/GCzXkL
/i1k5ra/YZPpiJgCOO61x6Iog5/hyL/APhHT/CMg1ZAYObfqCD0QT0f+n0qdZXhH
ALGXzCMsbFqr0oxqOFFccLGQzUxv9AkyrO94HLoL726fxi3gkF+UekHjWgcxkcXQ
PHZCOdHczxyCIGRB+mKn+tGweXpCwMNkymagdoyzOs+t+5cGUTv18ceun72Mqf1H
4vCZ4LLb94NLkSJqGKeQuzjVhopDVCJ8t/exRuk2ra2SkeChKPCpq5zJP+OpzAx3
hPNSL9v8xRD6D/NKQP/zYXvry1dfQaaOYUbw+GMgSxtVNsTyGMtDg2kE8ZSuvVKq
ZIoODdjZRZvTB90+UKFRF3st1MeBXGNskvcZJhit7K1eMGhUbjykNWrq0A8aoRAN
P0DBRg09Uumub1GNnJlHFNxAS5e0A686YHzA6AOify+lhscdrFKiv8GRFBZGK39W
vY5YDDdpY632O6w1Te1UFIhS7pIWXsm5AfffFPDc/UJd6ZaBOcnKH45R4y2qObS2
eA==
=ommg
-----END PGP PUBLIC KEY BLOCK-----
EOF

And now let's pretend we're anotheruser@lemmy.today and use end-to-end encryption that doesn't have a back door, using sed to prefix each line with four spaces so that we get nice blockquoted Markdown that we can paste into a Threadiverse comment or direct message to tal@lemmy.today:

encrypting message with end-to-end encryption

$ gpg -a -e -u anotheruser@lemmy.today -r tal@lemmy.today <<EOF |sed "s/^/    /"
Hello there, tal@lemmy.today!  This is anotheruser@lemmy.today.  I just wanted to send you a message.
* Florida Man cannot read this.
* Even instance admins cannot read this.
EOF
    -----BEGIN PGP MESSAGE-----
    
    hQGMAwk4edDpeyVkAQv+Mu6kJj1KkKs8i72YixAbAMuO+uNJDq0Vu9sz9mGUv3nG
    DibQTkFFz0h+IcK7/2xVrfBcf//6MDqYmlVnTlmpPcNOel4B1YbU4KpHus6ZELcy
    7t0WP2IX03FWTooIBdfX7jIdH9us7PPyG2s4edTX7yD69H7oRdVJiNN6qJUbtObU
    sHWfmq0oQlHoevw47FuWGjAaIbA9volFV3IotEAhmTQ8cCJs2SG8bQjiJmpGE5pO
    xBSNtqo9X49FhQ0xoouwWil/9c76nNw7MtF/4WjU2HlzzRdFIXKeReq0ZzJ8fdkU
    YENYV+7lcp3jmGm91nC+E7HYTCjwy6XmMx+6wrzpCtNnLOaOL9caC7Div6ZvBtBi
    RVTiT1Kewth+QQvLHh2ErN0XKDzFrfFqfrZq4tX3TTn3rQkM/v0UrlR+3rr+iePX
    iKPmtsQBxNa81GVNxx0IR/1r+by8ELenCCRjaq2OpzfUhckqHkn1M6ycBPrwX8yR
    uBuIf7E65Pi2QfSoDeOH0rsBR/yGwU/h8HeEp6ChYEEEs1v+INI2dQ+zxhqaimKz
    vg7gTlVNplI9rpb/VLhlk8tzjCMQ4+Dqe4KeYqtvCLLJtgPFNlujMrgOEmbDL46X
    kQ8xQTForYFqPvODnPDUo+dbmt2UlXJGw3dyztEhQRUEqoCvUan9ERcY1gJS4mT6
    WmAJKfVHfLos+UiibRZBhRzAsFCvyEPF1lOEJNVD0cz9tya2CfszNsqz+ITeHWfm
    HchPmmEq4pqHr1/a
    =PQN2
    -----END PGP MESSAGE-----

And let's have tal@lemmy.today decrypt it:

decrypting message

$ gpg -a -d <<EOF -----BEGIN PGP MESSAGE-----

hQGMAwk4edDpeyVkAQv+Mu6kJj1KkKs8i72YixAbAMuO+uNJDq0Vu9sz9mGUv3nG
DibQTkFFz0h+IcK7/2xVrfBcf//6MDqYmlVnTlmpPcNOel4B1YbU4KpHus6ZELcy
7t0WP2IX03FWTooIBdfX7jIdH9us7PPyG2s4edTX7yD69H7oRdVJiNN6qJUbtObU
sHWfmq0oQlHoevw47FuWGjAaIbA9volFV3IotEAhmTQ8cCJs2SG8bQjiJmpGE5pO
xBSNtqo9X49FhQ0xoouwWil/9c76nNw7MtF/4WjU2HlzzRdFIXKeReq0ZzJ8fdkU
YENYV+7lcp3jmGm91nC+E7HYTCjwy6XmMx+6wrzpCtNnLOaOL9caC7Div6ZvBtBi
RVTiT1Kewth+QQvLHh2ErN0XKDzFrfFqfrZq4tX3TTn3rQkM/v0UrlR+3rr+iePX
iKPmtsQBxNa81GVNxx0IR/1r+by8ELenCCRjaq2OpzfUhckqHkn1M6ycBPrwX8yR
uBuIf7E65Pi2QfSoDeOH0rsBR/yGwU/h8HeEp6ChYEEEs1v+INI2dQ+zxhqaimKz
vg7gTlVNplI9rpb/VLhlk8tzjCMQ4+Dqe4KeYqtvCLLJtgPFNlujMrgOEmbDL46X
kQ8xQTForYFqPvODnPDUo+dbmt2UlXJGw3dyztEhQRUEqoCvUan9ERcY1gJS4mT6
WmAJKfVHfLos+UiibRZBhRzAsFCvyEPF1lOEJNVD0cz9tya2CfszNsqz+ITeHWfm
HchPmmEq4pqHr1/a
=PQN2
-----END PGP MESSAGE-----
EOF
gpg: encrypted with 3072-bit RSA key, ID 093879D0E97B2564, created 2025-04-12
      "tal@lemmy.today"
Hello there, tal@lemmy.today!  This is anotheruser@lemmy.today.  I just wanted to send you a message.
* Florida Man cannot read this.
* Even instance admins cannot read this.

I guess the only option will be to lock up instance admins for violating Florida law, as they're operating a social media platform with end-to-end encrypted communications with no backdoor.

EDIT: It'd also probably be nice to have browser and client support to make this more-convenient, no copy-pasting. I haven't used it, so I can't vouch for its functionality, but for users using Firefox, this Firefox extension claims it can automatically detect and decrypt GPG content in a webpage; if it can pick up on encrypted, ASCII-armored blockquoted text in a Threadiverse comment, that would hopefully let one simply read encrypted messages in Lemmy or whatever without any additional copy-pasting effort (though sending an encrypted message would still require copy-pasting some text):

https://addons.mozilla.org/en-US/firefox/addon/gnupg_decryptor/

[–] CosmicTurtle0@lemmy.dbzer0.com 10 points 1 week ago (2 children)

Not that I disagree with your point, but Florida law is only relevant within Florida and, to a limited extent, the United States. Admins of US-based instances could likely be subpoenaed and then held in contempt if they refused, assuming they don't pull a PornHub and just block all of Florida.

That said, this is very worrying since subpoenas have a MUCH lower threshold of legal bearing than warrants. I suspect that Apple will likely challenge this in court or they stop selling iPhones there.

[–] taco@piefed.social 1 points 1 week ago

...Florida law is only relevant within Florida and, to a limited extent, the United States.

And even then only to the extent those with the power to do so choose to enforce it. It might matter if you or I break the law; it will not matter in any meaningful way if Meta does.

load more comments (1 replies)

load more comments (2 replies)