ioc.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
INDICATORS OF COMPROMISE (IOC) InfoSec Community within the Fediverse. Newbies, experts, gurus - Everyone is Welcome! Instance is supposed to be fast and secure.


Things have been relatively quiet on the “crypto wars” front, which makes me think we’re going to see something dramatic soon. Maybe not here in the US, but probably from another US-allied country.

The question is *what*. Encrypted messaging seems to be proliferating and there are now many alternatives, from Apple, Meta, Signal. Many of those companies have threatened to leave countries that ban it. I have a hard time seeing any US-aligned country wipe that out.

Local device encryption seems to be ubiquitous now. It’s really hard to see a country demanding that phones become unencrypted. There would be huge pushback globally. So again, where is the weak link that governments can push on?

Matthew Green

The one place where end-to-end encryption is “weakest”, ie where deployment rates are lowest, is *cloud backup*. This is, coincidentally, one of the best places for governments to obtain data.

So why am I tweeting about this on a Saturday? Because something funny happened recently.

I heard (thirdhand) from a person at Big Company X that they were under pressure to disable end-to-end encryption for cloud backup.

This is a company that has cloud backup E2E encrypted as a default. And so at first I assumed that this was just a business demand — that it was costing the company a lot to keep this service running. But now I’m getting more worried about it. Maybe I’m paranoid.

So maybe it would be good to give a lay of the land on this issue. Here is what I know about fully-E2E backup in major services:

Apple iCloud: available as an opt-in (called ADP)

Google: on for Android backups, if you use Google/Android backup (caveats)

Meta/WhatsApp: available opt-in, sometimes by default (for texts)

I wish I could offer more than a funny feeling. I think the upshot of all of this is that the companies doing “opt in” backup should be pushing harder to make “opt in” into “heavily encouraged” and then into “by default.” The sooner the better.

@matthew_d_green Makes me wonder if gov pressure might be behind some of the constant demands to e.g. turn on google photo cloud sync.

Or if it's just google wanting more data to train their AIs on.

@matthew_d_green yeah idk this seems like a perfectly reasonable and not paranoid perspective. Some folks in my extended community are worried about quantum-based decryption of stored data and doing math on just how far back alphabet soup agencies could decrypt given the price of storage. We live in interesting times [derogatory]

@matthew_d_green what's the state of the art on deduplication of encrypted backups? backup services rely on a lot of their users uploading copies of the same data

@bob Most use convergent encryption. I don’t know how much it really saves.
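The exchange above asks how deduplication of encrypted backups works and what it costs in privacy. The following is an added example, not code from this thread or from any of the providers discussed: a minimal convergent (content-keyed) encryption scheme with a content-addressed store, showing that identical files from different users collapse to one ciphertext, and that the same property lets the storage provider (or anyone who can query its index) confirm whether a guessed file is present. It assumes a toy SHA-256 counter-mode keystream standing in for AES-CTR so it runs on the standard library alone, and the sample documents and tenant secrets are constructed for the demo.

```python
import hashlib
import hmac


def _keystream(key: bytes, length: int) -> bytes:
    # Toy counter-mode keystream built from SHA-256. It stands in for AES-CTR so the
    # example runs offline on the standard library; it is not a production cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def convergent_encrypt(plaintext: bytes, tenant_secret: bytes = b""):
    """Encrypt a chunk under a key derived from its own content.

    Classic convergent encryption: key = H(plaintext), so equal plaintexts give equal
    ciphertexts and can be deduplicated across users. With a tenant_secret the key is
    HMAC(tenant_secret, plaintext): dedup then only works within that tenant.
    Returns (chunk_id, ciphertext, key). The client sends chunk_id and ciphertext to the
    server; the key stays with the client (it is what a recovery key or keychain holds).
    """
    if tenant_secret:
        key = hmac.new(tenant_secret, plaintext, hashlib.sha256).digest()
    else:
        key = hashlib.sha256(plaintext).digest()
    chunk_id = hashlib.sha256(b"chunk-id|" + key).hexdigest()
    ciphertext = _xor(plaintext, _keystream(key, len(plaintext)))
    return chunk_id, ciphertext, key


def convergent_decrypt(ciphertext: bytes, key: bytes) -> bytes:
    return _xor(ciphertext, _keystream(key, len(ciphertext)))


class BackupServer:
    """Content-addressed store: sees chunk_ids and ciphertext, never keys or plaintext."""

    def __init__(self):
        self.store = {}

    def upload(self, chunk_id: str, ciphertext: bytes) -> bool:
        """Return True if the chunk was stored, False if it was deduplicated."""
        if chunk_id in self.store:
            return False
        self.store[chunk_id] = ciphertext
        return True

    def stored_bytes(self) -> int:
        return sum(len(c) for c in self.store.values())

    def confirms_plaintext(self, guess: bytes) -> bool:
        """Confirmation-of-file attack: whoever can guess a plaintext recomputes its
        chunk_id and checks the index, without ever decrypting anything."""
        chunk_id, _, _ = convergent_encrypt(guess)
        return chunk_id in self.store


def demo() -> dict:
    # Constructed sample data: two users back up the same document.
    leaked_memo = b"CONFIDENTIAL: acquisition of Example Corp closes on Friday.\n" * 50
    alice_notes = b"alice's private notes\n" * 50

    server = BackupServer()
    a_id, a_ct, a_key = convergent_encrypt(leaked_memo)
    b_id, b_ct, b_key = convergent_encrypt(leaked_memo)
    n_id, n_ct, _ = convergent_encrypt(alice_notes)
    alice_new = server.upload(a_id, a_ct)
    bob_new = server.upload(b_id, b_ct)
    server.upload(n_id, n_ct)

    # Scoped variant: each tenant derives keys with its own secret (constructed here),
    # so identical content from different tenants no longer collides, and no longer dedups.
    scoped = BackupServer()
    sa_id, sa_ct, sa_key = convergent_encrypt(leaked_memo, tenant_secret=b"alice-secret")
    sb_id, sb_ct, _ = convergent_encrypt(leaked_memo, tenant_secret=b"bob-secret")
    scoped.upload(sa_id, sa_ct)
    scoped_bob_new = scoped.upload(sb_id, sb_ct)

    return {
        "cross_user_dedup": alice_new and not bob_new,
        "bytes_saved": 2 * len(leaked_memo) + len(alice_notes) - server.stored_bytes(),
        "roundtrip_ok": convergent_decrypt(a_ct, b_key) == leaked_memo,
        "provider_can_confirm_memo": server.confirms_plaintext(leaked_memo),
        "scoped_cross_user_dedup": not scoped_bob_new,
        "scoped_provider_can_confirm": scoped.confirms_plaintext(leaked_memo),
        "scoped_roundtrip_ok": convergent_decrypt(sa_ct, sa_key) == leaked_memo,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The trade-off the reply hints at is visible in the two servers: the unscoped store saves a full copy of the memo but lets the provider answer "does anyone hold this file?" for any file it can guess (common documents, leaked datasets, known CSAM hashes, subpoenaed samples), while the tenant-scoped store closes that query and gives up cross-user savings. The usual middle ground is server-aided key derivation, as in DupLESS, where a separate rate-limited key server evaluates an oblivious PRF over the content hash so that dedup survives but offline guessing does not.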

@matthew_d_green

a gut feeling from experience is pretty valuable.

FWIW I concur, I'm also very uneasy about cloud backups of sensitive information generally, and I worry that those are large, centrally managed repositories that can be attacked administratively without users necessarily realizing.

@matthew_d_green a recent video by Rob Braxman really hit an important point that all of this massive GenAI/LLM rollout and push will effectively bypass E2EE. These GenAI products are basically the client-side scanning that was previously resisted. These products and services are able to scan and access E2EE data and messages. Just like most people can't avoid their email being scanned by Google because so many use Gmail, the same will go for people trying to use E2EE messaging. Message a friend on Signal that has full notification details enabled? The AI will be able to scan that notification card.

It's perhaps a bit conspiratorial but I wouldn't be surprised if three letter agencies are cheering on and supporting this situation behind closed doors. Thus their silence may be in part due to them now having access to this data. No need to push for backdoors when backdoors are now the new hype.

Here's the original video: youtu.be/yh1pF1zaauc


@seanm @matthew_d_green reminds me of this meme from like 10 years ago, except now actually worrying in the context of Microsoft recall: "Hey ai model that has everything I've seen on this device indexed for easy search, can you remind me what my friend and I were talking about last Tuesday? Wow this is so convenient"

@seanm How do serious people say this with a straight face? Client-side compromise is not new. This is not particular to AI. It applies to any software running on a device. If a user trusts Apple, Microsoft, or Google to run their OS, they are inherently trusting them to safeguard privacy. That horse has long since bolted. AI adds another layer of complexity, that's it.

@nf3xn @matthew_d_green sure, client side compromise has always been a problem. For example, I believe that's why Signal avoided encrypting the desktop app's data for a long time. Signal was trying to be upfront that they could not protect the data if the host was compromised. Antivirus and other security tools are constantly (or frequently) scanning filesystems and phoning home, too.

Historically, the bogeyman of Apple or Microsoft compromising a system was less attractive at scale. I can't deny that Android and Google products have always had significant surveillance. Windows 11 is a surveillance platform that also happens to be an OS. The scale is much larger now because the entirety of Windows deployments are now fully connected versus the less-connected Windows XP of two decades ago. You can't escape the surveillance if you use Linux or some other platform because the AI is now also scanning the majority of service platforms (e.g., customer support platforms), too. If law enforcement wanted to scan a Windows XP box they'd have to compromise the individual system, as it would be phoning home significantly less telemetry.

I consider GenAI services (and client-side scanning tools) to be slightly worse because they are designed to do a "better" job of scanning and "understanding" the content. They are being perversely embedded into everything without consent. Sure, an antivirus can flag filenames and maybe even some file content, but it is not their strength to do much beyond that. The GenAI tools are much more capable of making an attempt at classifying images and other generally hard-to-OCR information, and then syncing that data to the cloud.

So, the concern and point is more about the change of scale and purpose-fit nature of the new tech compromising endpoints. (Also, how they have essentially pulled a fast one by just renaming the tech) I'm not sure why you would assume that I'd be dismissive or unaware that device compromise is game over. And, to Matthew's original point, these GenAI systems almost entirely connect back to some unencrypted cloud storage and don't respect data privacy of end-users.

@seanm the AIs are not actually processing the information on the device themselves. You could argue, correctly, and point taken, that it is better at processing, sure, but you are already cooked if they have exfilled your messages. Like, do you trust them or not is my point. As to how they are stored if they were stolen, that is also moot and highly speculative; like, how tf would he know.

@matthew_d_green I use a backup client that encrypts my stuff before backing it up with a cloud provider but I also have some stuff in iCloud. I turned on ADP but will that protect it? I don’t know.

@matthew_d_green It’s not a “funny feeling” - it’s objective reality that the government will slurp down any data they can get their hands on. See: Snowden revelations.

@matthew_d_green I’ve wanted it to be default for such a long time! But from a different angle. Like knowing someone has the Tor browser is a red flag to law enforcement, knowing someone has enabled encrypted cloud backups, or photos, maybe be seen as a red flag, too. It should be the norm, and that means default

@matthew_d_green ADP was one of the first things I turned on when I switched to an iPhone. I feel a lot more comfortable using services with E2EE. Even for things like notes and reminders, it’s nice knowing it’s protected.

@matthew_d_green On an only vaguely related note, my backups are all via Tarsnap, run by Colin Percival (scrypt). I used his key-splitting to ensure my external-facing machines have only a "create" key; attackers cannot read or delete any backups. My threat model is ransomware or loss of the machine.

@matthew_d_green A perfect time for Autonomi to be opening up their secure p2p storage to the world.

@happyborg @matthew_d_green The whole token earning thing smells too much of crypto bro :/

@fink
I get that, especially since they put their native (non-blockchain) token back and adopted an ERC20 token in the meantime. But the project remains sound.

To be fully decentralised and autonomous though, you need a way to manage value: reward those providing resources and pay the network for storage.

We all know and benefit from this in the fiat economy, but obviously people are shy of this kind of project after all the scams and so on with...
1/2

@matthew_d_green

@fink

...cryptocurrencies in recent years.

In time, if the project proves itself useful I expect more will see that. I'm working on a FOSS library and app (for web, rclone backup, Solid Pods) to help.

2/2
@matthew_d_green

@happyborg @matthew_d_green Yeah, but "paying" could also be less focused on crypto token stuff :)

@fink

Not sure what your definition of 'crypto' is.

I don't know a way of 'paying' that is decentralised, autonomous and doesn't currently involve cryptographically secured money of some kind.

I do not believe a blockchain solution meets the "fully decentralised, autonomous" goal, but that the planned native token could.

But you might regard both as 'crypto', IDK. If you know another solution that meets the goal, I think it would be very interesting.

@matthew_d_green

@happyborg @matthew_d_green My feeling was in the direction of "let's slap some crypto coin on it, as the cool kids do".

My first guess would be something in the direction of I allow the usage of 1 gig, so I can upload 1 gig. If I need more I need to make more space myself. That would not allow something like providing 1 gig now, using nothing, and upload more later. (1/2)

That would require some trusted database, etc. Perhaps a crypto coin is the proper solution, and also makes it easier to understand.
As I said, slapping some cryptocurrency on it gives a weird feeling... (2/2)

@fink
I assure you that wasn't the reason.

The problem is always, how do you validate this provision (e.g. of 1GB) while meeting other ambitious goals?

One reason it has taken so long is that the goals require solutions to several tricky problems.

Anyway, it is fine for you to have reservations. Having followed this project, I do not expect a solution out of a social discussion and am happy to leave this.
@matthew_d_green

@happyborg @matthew_d_green All good, as I said - just my feeling :)

@matthew_d_green Sounds fishy to me. My approach to AWS cloud backup many years ago included compressing and PGP encrypting an extra copy on GCP in case S3 broke and because we didn’t trust Google.

@matthew_d_green Another possibility here is that it has to do with AI (because AI enshittifies everything). Businesses (are told they) want to feed all the data they have anywhere and everywhere into an LLM, but encrypting data gets in the way, so now a bunch of hyped up business bros come in and demand that data not be encrypted at rest so AI can slurp it up.

(Different kind of paranoid, I know. :-)

@matthew_d_green
There are too many services and categories of data not generally protected by E2EE in cloud backups across the board. Therefore, I would not necessarily fear the existing E2EE to be turned off (there probably aren't many strong reasons for that), but rather it not being enabled for new ones.

@matthew_d_green Oh, how I hope @noybeu reads this. This should be the end of the GDPR viability for US-owned cloud-based services.

@matthew_d_green@ioc.exchange reminds me of when I wanted to configure Velero (basically the only open source Kubernetes backup provider) to back up with E2EE. I was flabbergasted. It's not possible. When I looked into implementing it myself, I found out that basically their entire plugin architecture makes this really hard. You'll either have to refactor everything or implement it for every backup store plugin separately. You can, of course, still enable encryption on your backup store (usually some S3-compatible storage); then objects would arrive there TLS-encrypted and get immediately re-encrypted. Still better than nothing, but it's not E2EE.

But yeah, providers not supporting it is a technical problem that can be solved, governments trying to prohibit it is the bigger problem here.