Andy Yen says draft safety standards ‘would force online services … to access, collect and read users’ private conversations’
What the hell Australia. This isn’t gonna magically help you prevent the next Emu war.
But it will help them in their corruption and self-enrichment, which is the entire purpose of all attempts to erode civil liberties.
Australia is a country with shit laws as someone who lives in Australia
Life is fine unless you somehow manage to break those stupid laws
For example there was that video of the one guy from Australia who wanted to ban anime, yeah some of our politician’s are that stupid
Thankfully anime isn’t banned completely but hentai is which I find stupid because it’s fictional drawings
Hentai is NOT banned here in Australia. As an Australian I’m sure you knew that and had some reason to lie. The freaks who import DVDs and manga from Japan depicting minors are getting targeted by immigration, but it isn’t a general ban. But who cares about them? If they are looking for something too fucked up to be on the internet it’s probably pedophilia. Also I want you to know that every time I hear someone bring up that hentai is fictional and above criticism I assume they are an actual child molester.
I’m not lying and I had no intent to lie, as my experience living in Australia all I’ve seen is that Australia has banned hentai
Your experience of living in Australia is very likely different to mine as we are not the same person
Im very well aware of the import ban: https://www.abf.gov.au/importing-exporting-and-manufacturing/prohibited-goods/list-of-items
The emu are watching. Waiting. They cannot be stopped.
Or Kangawars. Or Toadwars. Or Kangatoadwars becaue you know those bastards are gonna fuck and make a super beast death machine animal…thing.
I’d watch the wheels off of “Kangatoadwars!”
Closest we got was Tank Girl and…well…it’s Tank Girl. With ninjaroo’s and missile tits.
But yeah you could totally do a Jurassic Park/Planet of the Apes rewrite mashup and someone would watch it at least once.
The spider turtles are coming
It’s worse then you think. As a Australian citizen you are required to comply with any order which includes leaking code and introducing back doors. Failure to comply or notifying your employer about the request will result in federal charges with a sentence between 20 to 60 years in prison. The legislation that contains this was passed almost a year ago.
Recently there’s been a wave of mass disruptions and data theft in Australia including most of our ports halting operations for a day and one of our largest phone and internet service providers being compromised where millions of peoples personal information like driver licences and passports being leaked.
That’s a really fucking stupid law. Do we need to worry about Australia becoming fascist?
You think that’s stupid? How about our leaders:
I don’t want to believe this, my brain is refusing to process that statement, I have stared at that article in a state of disbelief for a minute. Surely someone can’t be that stupid, right?
I have heard plenty of brain dead arguments by anti-encryption people, but this is by far the stupidest. There is no way, there is just no way that he’s so… I want to say brain dead, but that would imply that there is even a brain there for it to be dead.
Regardless of political affiliation, or even the individual’s stance on encryption, surely there can’t be a single person that heard that statement and didn’t laugh at it, right?
Perhaps the Australian stereotype of being upside down holds some truth, considering his… utterance; he must walk on his hands and constantly get bit by snakes and attacked by drop bears on his daily commute, that’s the only explanation for how someone can make such a statement
Oh, it’s no fun. And we have media concentration issues here too, so you won’t get balanced or even a mention of both sides of an issue.
Australia has been the testing ground for implementing Big Brother’s spying technology policies. The ones that are often tried later on in the US or UK.
Nearly all of them have passed with full support from the two major parties here. I wish everyone better luck.
- In Australia, a kilogram of apples weighs two kilograms
- In Australia, gravity is an opinion
- In Australia, if you have three kangaroos and two koalas you have 9 wombats
- In Australia, if you pay $15 for a $20 dollar meal the restaurant owes you $400
- In Australia, right angles are 69 degrees
- In Australia, 1 is more than 2 except when you write it on its side
- In Australia, a minute is 2 seconds long, which is 24 hours out of the 6 hours in a day
- In Australia, the square root of any number is “a dingo’s breakfast”
- In Australia, dividing by two doubles the number, as sharing is caring.
- In Australia, if you travel north you’ll end up south
- In Australia, the shortest distance between two points is the scenic route
- In Australia, a watch moves counter clockwise, to remind you not to live in the past.
- In Australia, counter clockwise always means the following order: 1, 26, 55, 0, 0, 0, 9999, kangaroo, spider, mate
- In Australia, your left hand is always your right, because we don’t like to leave any hand behind.
- In Australia, the speed of light is adjustable depending on how bright the sun is shining.
- In Australia, when you whisper, the sound travels faster than when you shout
Too late. Already is.
deleted by creator
How does that even work? When you push code for a back door it’s going to still go through a code review so it’s not exactly going to be secret, right?
Yep and then you get fired but atleast you won’t go to jail
My point is that any dev team worth anything has it set up so that it isn’t possible to merge changes into master unless someone else approves. So it’s more like it isn’t possible in most cases, not “you should do the right thing”.
20year minimum, really? Isnt that also for murder?
I recently switched my email from gmail to proton mail, because fuck google’s… well… everything. Glad to hear that Proton Mail keeps fighting for privacy!
I changed back when google got rid of the free “mail for your domain” and frankly its been a great thing for me. They keep announcing new things that replacing my existing apps.
They have a password manager now that I use. They are finally adding actual fuction to their online drive storage so I can sync files and backup photos.
Its been well worth the price for me. If only they had an office suite lol
I really wish their password manager used a serif font, though. That’s pretty unacceptable if you’re generating secure passwords.
Could you explain why them not using a serif font is bad?
Generally speaking, serif fonts make it easier to distinguish between visually similar characters like o, O, and 0 or 1, I, and l.
Yeah that’s true, but I can’t see why distinguishing is required of a human. I use my password manager to generate and input passwords for me. I don’t even know any of them.
It’s not uncommon for the password manager to not be on the same system as where the password is being entered - hence a human needs to type. For example: consumer electronics with their own dinky little screens. Smart TVs/game systems and servers where remote access is not possible (or copy/paste does not work by design).
Oh yeah that makes perfect sense; I just hadn’t thought of it because those scenarios haven’t applied to me for a bit. One solution would be to generate readable passwords like discernible sentences. Longer in most cases so more entropy, and less chance to confuse characters.
Some password managers provide this as an option, though some authN systems require special characters because they think it improves security.
Or if you have to do business with a dinosaur company that won’t let you paste in the PW field.
Please don’t use serif fonts for UI elements. Imagine the buttons on your file manager being Times New Roman. (eww.) I think what you’re looking for is a monospaced font that’s designed to distinguish O/0, I/1/l, etc.
Plug for one of my favorite fonts: https://www.jetbrains.com/lp/mono/
The only thing I haven’t found a good replacement for was how G Drive also handles Office style documents. I make use of that a lot, especially from my phone. But I agree, Proton Mail hasn’t been painful one bit.
Seriously? My workplace uses google drive, and many documents are made with word. … A very common problem is that sometimes someone opens a word doc from the web interface of google drive - which automatically can conveniently opens it with google docs, which totally screws up the formatting and then autosaves it.
(I hate google, and I resent that even after I’ve removed all aspects of it from my home & personal usage, I still have to use it at work.)
I wish I could integrate it with like onlyoffice or something like that. Would be perfect.
For now I have to be happy with saving to my documents folder and knowing its backed up.
Dude, that email alias feature is the best thing about their password app! I’ve started using it all the time for services, new and old. Will make it easy as hell to find those selling my info.
Yeah the email alias rock. Especially when I was car shopping recently.
Want my email? Sure, here you go. SPAM? BEGONE, FOREVER BEGONE!
Proton’s feature set is very limited and kind of all over the place depending on platform, and development is incredibly slow, especially for Linux, but I do believe they’re committed to privacy and they do have a whole suite of products now under a single, very reasonably-priced subscription.
It’s only slow for Linux because they can’t find Linux devs. If you know any, tell them to apply.
I dont believe that for a second. It’s slow because, like most things Linux, almost nobody used it.
However, it is undoubtedly the most private and secure desktop OS.
I use the web mail client and thunderbird client and it works fine. Protonvpn works fine in arch linux, there’s gui and cli, I prefer cli. Drive isn’t on linux yet but web client works wonderfully fast.
What part of Proton’s feature set is limited and compared to what other service? You can do a whole lot more with proton than with Gmail for example.
Couldn’t forward emails until about a month ago.
Their drive app backs up only the computer it’s on and other computers cant access that backup. It’s like a sectioned off part. Or I can upload files that any of my devices can access.
Their calendar has some problems with compatibility of run into and it’s things that the person on either side can’t change. Not world ending but it’s really annoying.
They literally just added the ability to automatically add holidays to the calendar. And of course I had set it up about a month prior so I manually entered everything.
The proton drive app for your phone doesn’t automatically back up anything.
I’m not shitting on proton because I’m an active proton unlimited subscriber and I use a bunch of their services, but I also recognize the flaws and how it’s not as seamless as Google yet, which I don’t expect it to be.
I also wish they had some better Linux support in preaching to the choir with that.
Love their vpn and the netshield features. Email works great and I love knowing I can read an email and automatically have trackers blocked. Aliases are great but I use their simple login site free with my proton subscription too. So my point is I like them lots, but it’s not a complete Google replacement yet.
Couldn’t forward emails until about a month ago.
wow, that in particular seems like a minimum viable product feature
You could forward emails manually, but you couldn’t setup a rule to automatically forward emails based on a rule.
Fwiw, I’m in the same boat as the other poster. Love proton, but it’s not as seamless as Google.
Yep sorry I wasn’t specific and thank you for clarifying. Auto forward so like I want my girlfriend to receive all my Walmart+ emails which doesn’t let you have accounts like Amazon. So I forward all emails. Had to keep my Gmail to just make it easy. I’m sure there’s a more complicated setup but it’s Walmart… I just need email to get to both of us about orders.
It’s like this because it’s secure, there’s was good reason they didn’t have this feature. But it’s inconvenient and I’m not using Proton because I’m a secret agent, I just to want to pay for a product instead of being the product.
Oh ok I was just referring to the email part. You are right that their non-email offerings do leave a lot to be desired. I’ve found that downloading files from Proton Drive as small as 3GB is almost impossible, because their download rate is atrocious and on iOS if you don’t keep the screen active during the download it’ll just stop with no way to resume later.
Their calendar, contacts and bridge don’t support CalDAV/CardDAV, so you can’t synchronise them anywhere.
The iOS app doesn’t synchronise contacts or calendars either. There’s a one way “upload to proton”, but not the most helpful.
The public holidays only include some countries (not mine).
Their VPN is terrible with 20% packet loss, despite sitting in the same data center as other VPN providers without that issue.
But, still not google, and their mail app is better on iOS than fastmail.
I mean…that’s a long list, my guy.
Gmail client, no, but I have my (work) Gmail connected to Shortwave, which honestly is a fucking Godsend for all the people who insist on continuing to use email. It just makes it so much easier to organize everything.
You can’t do the same thing with Proton (for good reason) but there’s no reason they can’t incorporate those features.
To everyone saying they’ve changed to protonmail, check out https://simplelogin.io/ , owned by proton and free for all paying proton members. Unlimited email aliases so you can have a unique email per service. The apps also on fdroid.
Why would I switch from Firefox relay that gives unlimited aliases at 1/4 of the price?
You dont have to switch but if someone is paying for Proton than they can utilize it for no extra charge
Ooh so if you are already a Proton Other Things subscriber you get the unlimited alias version for free? Because that’s an excellent reason.
They should make that more clear in the pricing page.
Thanks!
Yeah I wish they advertised that because it’s an excellent deal. I don’t know if the free Simplelogin Premium applies to all levels of subscription plans but Unlimited for sure has it. Been using it and it’s amazing, it allows you to add PGP encryption through protonmail and simplelogin.
I didn’t try Proton’s solution, but free Relay was blocked at some services I tried to use it. It was so weirdly specific since no one really knows about them, so I guess some web admins has enough time on their hands to create a whitelist of all mail services they support, and moz.com wasn’t there.
I just had a company refuse to send to mozmail.com, thought they managed to charge the credit card just fine and the email address didn’t throw an error on sign up. Figured it out on phone with support so they have a record of exactly why they lost that sale worth a few thousand dollars. I’d like to think they’ll learn but more likely the only lesson learned was me re: shopping there.
There are github repositories where people curate a list of domains providing temporary emails or email aliases and admins can just point to the maintained list to block.
In the ~20 I’ve created so far I’ve had 2 services that wouldn’t accept simple login. For those I’ve used proton mail’s built in email alias service where you get 15 aliases with their proper domain.
I’m just finishing up that transition myself and glad to hear I made a good choice!
Same, using Proton mail and I am now blissfully Google free. Something else I found the holidays good for is finding out all the old accounts I have floating out there from sites that I interacted with over the years so I can cancel them or change the email if i decide to keep them. But, no more Google! Next on my list is Amazon.
I’m in the (gradual) process of switching all my stuff from Gmail and Google to Proton mail. I really like the mail client and Proton Drive works better on my computers than Google Drive did, but Proton Drive doesn’t back up my phone yet and I wish they had an office suite like Google does. I don’t put anything important or private on Google docs, but it’s useful to be able to access my textbook notes from any of my computers. I haven’t used the password manager because I’m using Bitwarden, which I really like.
They just released photo backups on android
I missed that update! This is great news!
I want Proton Drive support on Linux.
It’s currently completely useless to me, unfortunately.
Rclone supports proton
Indeed, but rclone is a CLI tool (with a web interface available, which I found to be a really clunky way to do things). I tried using Celeste, which uses the rclone backend, but it never finished backing up my documents folder.
The CLI process was pretty smooth for me, and afterward just works. I mean no offense when I say I didn’t expect a Linux user to balk at using CLI. A GUI would be nice, I suppose, but I like the way rclone works for me.
Fine, you got me, I’ll give the CLI a solid. :P
As a software developer, I work in CLIs and codebases all day, the last thing I want to do when coming home is more CLIs and code hahah
Same and windows arm too
In the same boat. I currently just forward everything from gmail to ProtonMail and am gradually changing my contact email one at a time. It dawned on me that I receive mails from services I don’t give a damn about, so maybe I should not change those.
Protonmail isn’t great, their deliberately misleading about the encryption. Many consider protonmail to be a honeypot.
Do you have anymore background on that?
https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
https://cldc.org/does-protonmail-snitch/
In addition protonmail do not protect your metadata (from memory), it’s not encrypted in transit.
Protonmail also keep your public and private keys on their servers, it’s PGP however they don’t want the end users to have to manage their own keys. That to me isn’t ideal.
Receiving from another provider you’ll get TLS encryption until it hits protonmail servers but protonmail will then decrypt your email and again encrypt your email using your PGP stored on their servers.
Sending an email from proton to another provider will be encrypted on protonmail servers but that’s where it ends. TLS will take care of the in-transit and again may not be stored securely on the receiving end.
He wrote their instead of they’re, make your judgement.
Well god damn it! Did you have any links to articles about it? Also what would you view to be better then proton.me?
Tuta (in my eyes) is a step in the right direction, using a client like thunderbird or enigmail and managing PGP yourself would be more secure as the message is decrypted by the recipient and not a company owned server.
I appreciate the follow up! I’m looking into Tuta to learn more about it! It just sucks Tuta didn’t come up at all when I was researching solid alternatives to Gmail.
Yeah except I forgot how to login and now I’m burned
The eSafety commissioner, Julie Inman Grant, has proposed cloud and messaging service providers should detect and remove known child abuse material and pro-terror material “where technically feasible” – as well as disrupt and deter new material of that nature.
The eSafety regulator has stressed in an associated discussion paper it “does not advocate building in weaknesses or back doors to undermine privacy and security on end-to-end encrypted services”.
I so love these magic wand-waving legislators. “Spy on your users and control what they do on your encrypted platform, but in a way that doesn’t break encryption or violate privacy…”
deleted by creator
We need a robust democracy with strong regulation, not a lack of structure in our society.
deleted by creator
Debatable
deleted by creator
You can debate anything if you’re stupid enough.
deleted by creator
Agreed. Essentially the big reason many people support the idea of a government is simply because it is an effective deferral of responsibility for certain issues. The most effective example is unironically the existence of the government “benefit”.
deleted by creator
Yeah so we have a robust system of checks and balances, strong regulation and systemic processes to discourage corruption. For example, if you are in your role due to a public election or representing a public body and you are found to have taken bribes you have to serve 20 years in prison and lose all entitlements associated with your office including pensions.
deleted by creator
This isn’t a reality, I’m saying the system could work if.
deleted by creator
If a corporation won’t ruin a good thing, you leave it to government to get the job done.
The Australian government would have you believe that we’re in the middle of some kind of CP endemic and everyone needs to suffer for it.
This will catch precisely nobody, as the criminals will immediately move to a different platform, of which there are many.
I host my own mail. If the AFP want to inspect it, they’ll need a warrant.
As an Aussie, Australia has cp problem. Most boomers keep getting arrested here for these stuff. Keep you child away from anyone above the age of 60+ as most of these guys getting arrested are around the age and are registered pedo
Edit: going to leave this here for people downvoting. There’s many more cases. Keep your kids away from white 60+ year olds.-
https://news.yahoo.com/australia-worst-pedo-p-hile-194840872.html
as most of these guys getting arrested are around the age and are registered pedo
I think Australia has also another problem: they are registered pedo, so I suppose they are guilty of at least a past offense, why on earth should they be able to be outside a jail ?
deleted by creator
But only those within the family.
Attacks by strangers are rare (10% or so), so leave your child with a stranger wherever possible.
This is the best summary I could come up with:
The eSafety regulator has stressed in an associated discussion paper it “does not advocate building in weaknesses or back doors to undermine privacy and security on end-to-end encrypted services”.
But privacy and security groups argue the draft standards, as written, could allow the eSafety commissioner to force companies to compromise encryption to comply.
Andy Yen, the founder and chief executive of Proton, told Guardian Australia the proposed standards “would force online services, no matter whether they are end-to-end encrypted or not, to access, collect, and read their users’ private conversations”.
“These proposals could not only force companies to bypass their own encryption, but could put businesses and citizens at risk while doing little to protect people from the online harms they are intended to address,” he said.
A spokesperson for the eSafety commissioner said Inman Grant welcomed feedback on the draft standards – including on the technical feasibility exception.
“Having mandatory and enforceable codes in place, which put the onus back on industry to take meaningful action against the worst-of-the-worst content appearing on their products and services, is a tremendously important online safety milestone,” Inman Grant said.
The original article contains 468 words, the summary contains 187 words. Saved 60%. I’m a bot and I’m open source!
The eSafety regulator has stressed in an associated discussion paper it “does not advocate building in weaknesses or back doors to undermine privacy and security on end-to-end encrypted services”.
Just straight up lying with that one.
Technically maybe, but not necessarily. This is tactic that executives use all the time to force their employees to do illegal, or unethical actions, without ever telling them to.
For example, Wells Fargo executives didn’t tell their bank employees to commit fraud, but they set their sales targets such that the ONLY way to reasonably achieve them was to defraud their customers.
However, I didn’t read the actual white paper, so maybe it does explicitly say backdoors need to be built.
Hey inman grant if you ever see this, fuck you
We know your acting intentionally obtuse
Good. I fully support them. Fuck this shit
Organisations and groups who want to protect privacy should come up with ways themselves on how to protect their services from certain activities.
You mean like implementing strong data privacy measures and fighting regulators to protect them? That sounds like a good idea to me. If you’re interested, that is what the article is about.
No, I mean that they should think of own measurements against illegal media and communication.
You can’t have both privacy and protection from illegal media and communication.
But didn’t proton give up some information to like the Finnish government or something like that a couple years back? Like I mean what they’re doing now is good, but what about that other thing that happened?
They follow Swiss law. The Swiss govt had a legal warrant and they only provided legally required informationafter that.
It’s not anarchic. They still have to abide by the law of their jurisdiction.
They gave up information to the Swiss government after they got a warrant, and due to the way Proton works, they were only able to give them the IP address so they could arrest the person, who was also Swiss. They didn’t compromise security, because they can’t.
They don’t respond to demands from other governments, and the Swiss government haven’t cooperated with other governments either, so far as anyone knows. In the end, there isn’t really anything the Australian government can do to them if they refuse to create a backdoor for them.