This is the business case for encryption. Not being able read the private communications of your users makes you immune to a lot of hassle such as this.
> Not being able read the private communications of your users makes you immune to a lot of hassle such as this.
That trick won't work in the US. The government will come knocking and force to either backdoor your system so they can read what they want or you can refuse and shut down your service and still possibly end up in trouble. (see for example https://en.wikipedia.org/wiki/Lavabit)
It will protect your company against copyright trolls and DMCA notices, but that's about it.
> Meanwhile Signal, WhatsApp, Snapchat, and FB Messenger amongst other US based apps all exist in opposition to your belief.
I can't really speak to snapchat. I mostly forgot that they even exist (although i did notice this: https://www.bbc.com/news/world-europe-68056421.amp) but I'm pretty sure the government is balls deep in everything facebook and I strongly suspect that signal has been compromised for a long time now. At least ever since they started collecting and permanently keeping user's data in the cloud. I take the fact that the very first line of their privacy policy is a lie to be a giant dead canary. There have been multiple requests for them to update their privacy policy to reflect the data they are collecting but they refuse.
Instead, signal seems to have done everything they could to warn people away without saying as much directly. They introduced crypto features nobody asked for, killed off the single most popular feature they had (the ability to get secure and unsecured messages in a single application) and then of course insisted on collecting data on users and storing it insecure ways which drew criticism from experts (https://www.vice.com/en/article/pkyzek/signal-new-pin-featur...) and users (https://community.signalusers.org/t/proper-secure-value-secu...) all while being extremely misleading and evasive in their communication to the public (https://old.reddit.com/r/signal/comments/htmzrr/psa_disablin...). Maybe they've done the best they can do to warn people while under a gag order.
If signal hasn't been compromised we'd have to accept that they're marketing their service to protestors, whistleblowers, and civil rights activists - people whose freedom and/or lives are often at risk - while also lying to them about the risks of using their product by not disclosing the data collection in their policies and by their misleading communication. I'm constantly running into signal users who have no idea at all that signal is keeping any data in the cloud. Until it was pointed out to them, they believed the lie that that no data is ever collected, and that's pretty damning. Any secure communications tool that advertises itself to such vulnerable people should, at a minimum, be making it extremely clear exactly what data is being collected and how so that users can make informed choices.
Good. I'm glad. It was getting ridiculous. My wife and I are gamers. It's what we do to relax we'll often stream a movie or TV show through discord and watch together while tooling around in a game. There was a constant battle with automated copy protection that would work on some sites / shows and not others. We started doing this a lot with friends during the pandemic and having movie nights and watching stuff as a group. It's no different than sitting on my couch with friends.
IDK how much E2EE from discord will help, not only because the DMCA requests are targeted at text links not covered by AV E2EE, but also because in my experience it's less about streams detecting content, and more often content detecting being streamed. Amazon is particularly cagey about this. Playback is copy protected via widevine etc, and gets spooked even by legitimate use cases such as trying to AirPlay a browser window on my laptop to an apple TV across the room. The browser seems to be able to detect and pass on information about whether the screen is being mirrored, cast, etc. I would expect that whatever system utils discord's screen capture service hooks into would snitch to the browser, with little possible recourse by discord (short of doing something dropbox-like where they roll their own screen scrapers but try to pass it off as a normal system util [0]).
Honorable mention to HDCP cabling, wherein two copy-protection-compliant (lol) devices might purposefully refuse playback when a cable manufacturer has failed to pay an annual ransom to Intel [1].
Funny enough, that link about dropbox fuckery was entirely unsurfaced when I tried to search "dropbox imitate system dialog" on google, which said there were 10 pages of results on page 1, but then quit halfway down page 2. Russian search service Yandex returned the HN discussion as the first result for the same query. What a world when the best way to find uncensored content in America is to ask the freakin Russians.
It's just a specific case where Discord refused to comply with a second subpoena from a particular Korean company. The article's title makes it sound like a general thing.
It looks like the court could come back to compel Discord. So what Discord has really done is made it more expensive for this other company to do what they may do anyways.
This is the business case for encryption. Not being able read the private communications of your users makes you immune to a lot of hassle such as this.
Not a coincidence. https://support.discord.com/hc/en-us/articles/25968222946071...
> Not being able read the private communications of your users makes you immune to a lot of hassle such as this.
That trick won't work in the US. The government will come knocking and force to either backdoor your system so they can read what they want or you can refuse and shut down your service and still possibly end up in trouble. (see for example https://en.wikipedia.org/wiki/Lavabit)
It will protect your company against copyright trolls and DMCA notices, but that's about it.
Lavabit was able to be compelled because they weren’t E2E.
Meanwhile Signal, WhatsApp, Snapchat, and FB Messenger amongst other US based apps all exist in opposition to your belief.
> Meanwhile Signal, WhatsApp, Snapchat, and FB Messenger amongst other US based apps all exist in opposition to your belief.
I can't really speak to snapchat. I mostly forgot that they even exist (although i did notice this: https://www.bbc.com/news/world-europe-68056421.amp) but I'm pretty sure the government is balls deep in everything facebook and I strongly suspect that signal has been compromised for a long time now. At least ever since they started collecting and permanently keeping user's data in the cloud. I take the fact that the very first line of their privacy policy is a lie to be a giant dead canary. There have been multiple requests for them to update their privacy policy to reflect the data they are collecting but they refuse.
Instead, signal seems to have done everything they could to warn people away without saying as much directly. They introduced crypto features nobody asked for, killed off the single most popular feature they had (the ability to get secure and unsecured messages in a single application) and then of course insisted on collecting data on users and storing it insecure ways which drew criticism from experts (https://www.vice.com/en/article/pkyzek/signal-new-pin-featur...) and users (https://community.signalusers.org/t/proper-secure-value-secu...) all while being extremely misleading and evasive in their communication to the public (https://old.reddit.com/r/signal/comments/htmzrr/psa_disablin...). Maybe they've done the best they can do to warn people while under a gag order.
If signal hasn't been compromised we'd have to accept that they're marketing their service to protestors, whistleblowers, and civil rights activists - people whose freedom and/or lives are often at risk - while also lying to them about the risks of using their product by not disclosing the data collection in their policies and by their misleading communication. I'm constantly running into signal users who have no idea at all that signal is keeping any data in the cloud. Until it was pointed out to them, they believed the lie that that no data is ever collected, and that's pretty damning. Any secure communications tool that advertises itself to such vulnerable people should, at a minimum, be making it extremely clear exactly what data is being collected and how so that users can make informed choices.
I don't like it, but it's still a solution to dmca notices
Good. I'm glad. It was getting ridiculous. My wife and I are gamers. It's what we do to relax we'll often stream a movie or TV show through discord and watch together while tooling around in a game. There was a constant battle with automated copy protection that would work on some sites / shows and not others. We started doing this a lot with friends during the pandemic and having movie nights and watching stuff as a group. It's no different than sitting on my couch with friends.
This never happened to me and I similarly watched several shows with friends in this manner.
What does it look like when they detect copyright material? Do you just get disconnected?
IDK how much E2EE from discord will help, not only because the DMCA requests are targeted at text links not covered by AV E2EE, but also because in my experience it's less about streams detecting content, and more often content detecting being streamed. Amazon is particularly cagey about this. Playback is copy protected via widevine etc, and gets spooked even by legitimate use cases such as trying to AirPlay a browser window on my laptop to an apple TV across the room. The browser seems to be able to detect and pass on information about whether the screen is being mirrored, cast, etc. I would expect that whatever system utils discord's screen capture service hooks into would snitch to the browser, with little possible recourse by discord (short of doing something dropbox-like where they roll their own screen scrapers but try to pass it off as a normal system util [0]).
Honorable mention to HDCP cabling, wherein two copy-protection-compliant (lol) devices might purposefully refuse playback when a cable manufacturer has failed to pay an annual ransom to Intel [1].
[0] https://applehelpwriter.com/2016/07/28/revealing-dropboxs-di...
[1] https://www.cablematters.com/Blog/HDMI/what-is-hdcp-the-comp...
Funny enough, that link about dropbox fuckery was entirely unsurfaced when I tried to search "dropbox imitate system dialog" on google, which said there were 10 pages of results on page 1, but then quit halfway down page 2. Russian search service Yandex returned the HN discussion as the first result for the same query. What a world when the best way to find uncensored content in America is to ask the freakin Russians.
It's just a specific case where Discord refused to comply with a second subpoena from a particular Korean company. The article's title makes it sound like a general thing.
Correct title: Discord Disputes DMCA Subpoena, Rejects Role as ‘Anti-Piracy’ Partner
It looks like the court could come back to compel Discord. So what Discord has really done is made it more expensive for this other company to do what they may do anyways.
The court can't compel discord because it's E2E encrypted now.
According to https://discord.com/blog/meet-dave-e2ee-for-audio-video, the E2EE only covers calls, not messages (or metadata).
So far yes. The TF article didn't make it clear what object type they objected to.