Beep boop - this is a robot. A new show has been posted to TWiT…
What are your thoughts about today’s show? We’d love to hear from you!
1 Like
Make sure you’re running TOR when you set up your account though since, otherwise, ProtonMail would have your real IP address
As for WhatsApp being able to read your messages, though, I’d be inclined not to believe they are since I can’t find another source for it apart from ProPublica
1 Like
How does anyone like bucatini? It’s easily the worst pasta shape. You go to slurp in the pasta and you can’t get any suction because air comes through instead. I despise it with all my heart.
2 Likes
I don’t think there’ll ever be a pasta I won’t like.
2 Likes
Regarding Germany and the Pegasus software. The law and constitutional court are very clear.
E2EE is preferred, for the safety and security of the sender and recipient.
If the police want to eavesdrop a conversation, they have to get a court order, which allows them to install a trojan on the devices specified in the court order. Preferably by hand - although with devices like phones, that can be difficult, as we tend to not leave them laying around in open spaces.
That would mean that, with a court order, they could “Pegasus” a phone to enable the reading the the messages being sent and received as per the court order. This used to be the Staatstrojaner, but I’m guessing that keeping it up to date, so that it still works on modern, patched devices is too much work. Therefore they bought in the Pegasus solution, with the features that would be illegal under German law disabled.
While I don’t like the idea of zero days being hoarded and used to attack personal devices. I do think this type of trojan software is one way to solve the E2EE debate. The police get a warrant, like they have always needed to and, once they have the warrant, they are free to install the software and listen to conversations within the bounds of the court order.
A better way would be to have an official API that they get access to, once they present the phone maker with a valid court order. But this comes back to the same problem with having any sort of backdoor to a system, it is open to abuse, and once it is known, it will be exploited.
I don’t think there is any clean solution and the person being observed should have the right to remove the malware, if they find it. But installing monitoring software on devices once a court order has been issued is the way to solve this problem, not to ban E2EE.
Yeah I don’t think it’s possible to have total security and a backdoor. If there is any way that the good guys can get access to things remotely.There is always a chance a bad guy can and may possibly get access to it. But I do believe if there is a valid court order police should be able to search the phone and obtain evidence. I do think Apple’s current policy of, if it’s backed up to icloud we’ll give it to you is very reasonable.
1 Like
Wait. Say what?!?!?!?!
1 Like
I was thinking the same thing. But if I had a bad experience with something like that I’d probably swear myself away from it in the future too.
3 Likes