Recent searches
Search options
It's bizarre watching people realize slowly, in real time, that tech companies do not, in fact, have their backs.
They never did. They only pretended to because it was fashionable.
They would kill you and your entire family if it made their growth in profits increase by 0.1% this quarter, and they'd do it with a song in their hearts.
And they would do so without fear of prosecution, because they've basically bought out the entire political system through lobbying and can blatantly bribe Supreme Court Justices without consequence.
Why would they be incentivized to actually protect your privacy? Especially when your data is so valuable for growing their profits?
To a lot of business types, encryption isn't a question about privacy. It's about access controls. And they implicitly believe they get access.
So, too, will their buddies in the government.
You cannot, and should not, expect billionaires to have your backs. They don't give a fuck about you. They never will. Don't believe them.
Today we heard the US government is planning to invest half a trillion dollars into an "AI Infrastructure" project.
Hey, didn't @matthew_d_green just write about this topic?
https://blog.cryptographyengineering.com/2025/01/17/lets-talk-about-ai-and-end-to-end-encryption/
Now, despite all the things we call "oracles" in cryptography, none of us can see the future. This is just the totally foreseeable consequences of the system as it existed yesterday.
I'd like to share a few thoughts on this matter.
The people should absolutely learn to break AI systems. I feel that this will become crucial to online privacy in the coming years.
But I also implore you to keep AI 0days secret. Don't disclose them publicly--especially to AI companies!
Feel free to share them privately with your friends (over E2EE chats) and only use them if they can help people.
And, to be clear, this is coming from Mr. "I drop 0day on my furry blog" himself.
If the client's plaintext is sent to the AI before encryption, then there can be no talk of end-to-end encryption. This creates a similar threat to the presence of keyloggers and sniffers, making the client environment vulnerable.
Thus, the question of whether AI will pose a threat to end-to-end encryption is irrelevant, as end-to-end encryption does not address the issue of malware. Other protective measures must be employed to deal with this threat model.
@Seyd @soatok @matthew_d_green The answer is really simple: that "AI" is smoke and mirrors garbage. Yet another instance of fascists intentionally making the world worse in hopes they can profit from it. The sooner the bubble pops the sooner we can put this gratuitous threat behind us.
The issue of privacy is much deeper, and AI doesn't fundamentally change anything here. Even without AI, you can't be sure about the security of your phone. The software has grown to enormous sizes, and auditing tens of gigabytes is difficult. Users can install additional software, and there are many specialized processors in phones that can affect privacy.
Cybercriminals sell infected devices on marketplaces. Often, manufacturers themselves install firmware with malware on devices.
https://iz.ru/1823322/dmitrii-bulgakov/nanesti-zarazenie-kak-tehnika-s-marketpleisov-stanovitsa-istocnikom-virusov
https://www.wired.com/story/android-tv-streaming-boxes-china-backdoor/
AI is just another ingredient in this complex issue.
@Seyd The issue I'm talking about is not the whole of privacy and malicious user devices, but specifically the supposed demand for AI having access to private user data and that being used as an excuse for client-side backdoors bypassing e2ee.
That excuse goes away when the AI scam does.
By the way, my avatar was created by AI, and this message was also translated by AI. Has this knowledge changed your attitude towards the drawing and the text?
@Seyd It's changed my attitude towards you.