Privacy

29883 readers

759 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

-8

Death of encryption - the real agenda behind Copilot & Recall? (youtu.be)

submitted 3 weeks ago by [email protected] to c/[email protected]

15 comments fedilink hide all child comments

I know people have mixed opinions on Braxman but I don't see any huge leaps in logic here tbh... Thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 17 points 3 weeks ago (2 children)

3 letter agencies, governments in general and data hungry companies will continue searching for a way to bypass encryption. And just a reminder: direct access to the system (remote or physical) bypasses all kinds of encryption unless it's protected separately. Backdoors and kernel level anti-cheats ftw

[–] [email protected] 5 points 3 weeks ago (3 children)

Physical access trumps all.

[–] [email protected] 3 points 3 weeks ago (1 children)

Physical access like an NPU chip fixed onto your motherboard?

[–] [email protected] 2 points 3 weeks ago (1 children)

Sure, anything with direct bus access to unencrypted data.... that'll do it

[–] [email protected] 2 points 3 weeks ago (1 children)

I didn't mean that. I meant if the hacker has access to the administrator (or just user in case with E2EE messengers) account, they can see and download anything, no matter how encrypted it is. The chips can do stuff as well but idk any proof of that tbh

[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Sure, side channel leakage if you can run locally.

Honestly, most machines have enough cores, that you could pin a process to a specific core giving it independent cache, and work around a lot of these side channel attacks. So you're encrypted end to end messenger would get an exclusive core. Kind of like how we do VM pinning nowadays

[–] [email protected] 2 points 3 weeks ago (1 children)

What?

[–] [email protected] 1 points 3 weeks ago (1 children)

Bone apple tea. Fixed

[–] [email protected] 2 points 3 weeks ago

Sus

[–] [email protected] 3 points 3 weeks ago

Not really? If disks are encrypted good luck getting anything out of it. A remote access to a running machine? It's all laid there.

[–] [email protected] 3 points 3 weeks ago* (last edited 3 weeks ago)

Eh, kind of. Remote Desktop with an admin account would be more useful than physical access to a locked computer. Because if Bitlocker is enabled, then all that matters is that you can sign into the computer. Use strong passwords, don’t open RDP to the WAN, lock your workstations when walking away, etc…

Even cloning the drive to crack later (historically, this was a popular choice if you had physical access) is pretty useless if you don’t have a user’s password.