@matthewdgreen.bsky.social
I teach cryptography at Johns Hopkins. https://blog.cryptographyengineering.com
The leader of the CDU caucus has stated that the CDU is now against the proposal, which is a good sign. There will be a vote tomorrow on the positioning of the German government.
netzpolitik.org/2025/eu-uebe...
I hear that the EU ChatControl situation is going better today. I cannot believe how close the EU has gotten to passing this crazy regulation.
07.10.2025 20:20 — 👍 34 🔁 7 💬 4 📌 0Who is “we”?
07.10.2025 14:55 — 👍 2 🔁 0 💬 1 📌 0One where every commenter on the liberal blogs is not a hard-right Bush-era Republican.
07.10.2025 13:49 — 👍 9 🔁 0 💬 1 📌 0
NEW: In May, a Texas police department said they used the powerful Flock surveillance network against a woman who had an abortion "for her safety"
Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime
www.404media.co/police-said-...
Substack is a bad place.
07.10.2025 13:32 — 👍 104 🔁 14 💬 11 📌 1If AI became quietly superintelligent in 2018 and began reorganizing our world to its purposes, would that look very different than what’s happening today?
05.10.2025 22:46 — 👍 26 🔁 4 💬 7 📌 0Anything is possible to pull off if you’re willing to force someone to redesign their app, and you’re not concerned about security. Just force people to upload the texts to a server before they even get encrypted.
04.10.2025 15:34 — 👍 6 🔁 2 💬 0 📌 0It's too long a story to explain how I know this, but I once found out that the FBI made challenge coins about how they tried to force Apple to break iPhone encryption. Challenge coins celebrating shitty behavior is deeply a part of FBI culture.
03.10.2025 18:21 — 👍 1357 🔁 272 💬 43 📌 14The Xiaofeng Wang search warrant has been unsealed, thanks to @riana.bsky.social. infosec.exchange/@hovav/11531...
04.10.2025 00:00 — 👍 22 🔁 7 💬 0 📌 0We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...
03.10.2025 16:14 — 👍 3920 🔁 2426 💬 40 📌 146Buy me a drink, sing me a song, take me as I am because I can’t stay long?
02.10.2025 12:37 — 👍 1 🔁 0 💬 0 📌 0
As the Trump administration threatens them, liberal nonprofits have been quietly preparing to do everything from surrendering 501(c)(3) status to relocating outside the US.
02.10.2025 10:01 — 👍 835 🔁 339 💬 29 📌 33Doesn’t sound much like what the states require for age verification, but I guess that’s good?
02.10.2025 10:43 — 👍 0 🔁 0 💬 1 📌 0These laws are never ever put to bed. One day you’ll be distracted and they’ll get one through.
02.10.2025 10:42 — 👍 3 🔁 0 💬 0 📌 0They’ve been going after Meta too.
02.10.2025 10:42 — 👍 2 🔁 0 💬 0 📌 0So BlueSky is blocked in Mississippi and requires age verification for “adult content” in SD, WY, OH and the UK. How accurate is their classification of adult content?
02.10.2025 10:41 — 👍 15 🔁 3 💬 7 📌 0“AI expert” to a computer scientist: you’re working on optimizing model architectures and improving backprop.
“AI expert” for real: you’re gluing transformers together with Python and hoping you get better results.
My student pointed me to this paragraph in the Guardian’s “CoverDrop” white paper. Gagh we need more good software engineers to build libraries!
01.10.2025 18:16 — 👍 17 🔁 0 💬 2 📌 0All of them.
01.10.2025 13:57 — 👍 2 🔁 0 💬 0 📌 0Would be a technical nightmare because now you’d have two versions of Apple encryption, where the security changes depending on where in the world you are (ie your IP address.) This is so dangerous that it’s tantamount to a global backdoor, including against US citizens.
01.10.2025 13:53 — 👍 23 🔁 8 💬 2 📌 0A final note: it’s not totally clear what the UK is asking for here, but one theory is: they want access to foreign users who have ADP encryption on, but are on UK soil (for example, foreign diplomats.)
This would be a technical nightmare, but it fits the facts.
What’s worrying here is that the UK government seems absolutely determined to access user private data, no matter the bad press and the consequences. And they’re now willing to do it overtly. Between this and recent moves against encryption in the EU, we’re going to a bad place.
01.10.2025 13:35 — 👍 58 🔁 31 💬 2 📌 0It’s also possible that the UK is asking for a backdoor in Apple’s iMessage text messaging system. That isn’t technically “iCloud” but it’s adjacent enough that I could see it getting presented that way. This would not be the first time the UK gov expressed interest in that.
01.10.2025 13:35 — 👍 13 🔁 0 💬 1 📌 0So “we want a backdoor to access iCloud encryption” could mean access to those password vaults and secure health data. This means Apple would have to disable those features in the UK as well, or deploy new insecure encryption code that could affect users globally.
01.10.2025 13:35 — 👍 15 🔁 0 💬 1 📌 0As to question (1), the article isn’t super clear. But it’s worth pointing out that Apple doesn’t just provide end-to-end encryption for backups through their ADP feature. They also provide end-to-end encrypted backup for health data, web history and passwords, even without ADP.
01.10.2025 13:34 — 👍 14 🔁 1 💬 1 📌 1Second, how is Apple supposed to make a single encryption system that’s secure for US users but not for UK users? This would require that they partition their software globally and have many versions, which seems like a disaster. Are you sure you’re running the “secure” OS?
01.10.2025 13:34 — 👍 14 🔁 2 💬 1 📌 0So here we are again. This time the UK is narrowly targeting their request at UK users only. But this is baffling for two reasons.
First, Apple no longer offers the ADP encrypted backup feature to new UK users, and existing users are being migrated. So what is the UK asking for?
When this fact became public, it drew a huge backlash. Apple announced that it was entirely removing the encrypted backup feature for all UK users. Trump administration figures rebuked the UK government.
01.10.2025 13:34 — 👍 11 🔁 0 💬 1 📌 0
