Germany Passing Law to Allow Intelligence Services to Spy on People Even if Innocent

since no news sites are mentioning this (weird & creepy)… i thought i would post it here:

https://www.ccc.de/en/updates/2021/offener-brief-alle-gegen-noch-mehr-staatstrojaner

ill leave it to the reader if they want to exclude germany from their list of possible exit nodes on tor or not (configurable via the torrc file)

This is crazy. I hope other countries won’t follow.

I’m using several services from German providers (mail, cloud, IM…), nothing illegal of course, but still don’t like this. The only good thing is - if you use trusted clients (with E2EE), there is not so much they can do. As I understood, this law will allow them to force providers to send malicious apps to clients, i.e. with backdoor or weak encryption, without court order. Meaning they could target anyone they want. It’s kind of Stasi 2.0

I doubt I’ll change my mail provider (since I’m not using own domain), but I think I’ll skip German providers in future

It’s a lot easier to compromise the endpoints in end-to-end-encryption than breaking the encryption itself while in transit. If they can send and possibly install malware remotely it can render the whole encryption useless. If you are on a group chat and only one of the devices gets compromised, then it’s ruined for everyone too.

So this is terrible news, because of the technical implications but also unprecedented legal consequences. This will come to stay as people will come to accept it as normal just like it has in other countries already.

1 Like

I guess we really need an extention of the GDPR to protect us from these ridicolous propositions.

3 Likes