Jump to content

A new era of mass surveillance

Darmodret

Link 1: https://www.eff.org/de/deeplinks/2024/08/un-general-assembly-and-fight-against-cybercrime-treaty

Link 2 (translated with google translate): https://dnip-ch.translate.goog/2024/09/02/die-uno-staatengemeinschaft-hat-ein-globales-ueberwachungsregime-ausgehandelt-doch-es-haette-noch-schlimmer-kommen-koennen/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp

 

Direct Quote from the first link:
"A striking pattern throughout the Convention as adopted is the leeway that it gives to states to decide whether or not to require human rights safeguards; almost all of the details of how human rights protections are implemented is left up to national law. For example, the scope and definition of many offenses “may" or may not include certain protective elements. In addition, states are not required to decline requests from other states to help investigate acts that are not crimes under their domestic law; they can choose to cooperate with those requests instead. Nor does the treaty obligates states to carefully scrutinize surveillance requests to ensure they are not pretextually attempts at persecution. This pattern continues. For example, definitions of core cybercrimes—that have in the past swept in good faith security research, whistleblowers, and journalistic activities—let states choose whether specific elements must be included before an act will be considered a crime, for example that the offense was done with dishonest intent or that it caused serious harm. Sadly, these elements are optional, not required.".


Well... I don't even know what to say anymore.... What did Woody Allen once say? "I believe there is something out there watching us. Unfortunately, it's the government." Well... it's definitely worse than anybody could have imagined

 

Here is a question that i am currently unable to answer: Could the treaty’s provisions potentially be used to justify the criminalization of activities associated with VPNs or other privacy tools? The entire text is rather open to interpretation - which is very concerning.

Link to comment
Share on other sites

Link to post
Share on other sites

vpn are bs and there there to "say" we dont collect data but they do and some point will sell it. besides the goverment has backdoors in to all tunnals the vpn would use anyway. that and all info gose thow the isp witch they do also sell your data.

 

dont want data dont go on the net.

I have dyslexia plz be kind to me. dont like my post dont read it or respond thx

also i edit post alot because you no why...

Thrasher_565 hub links build logs

Corsair Lian Li Bykski Barrow thermaltake nzxt aquacomputer 5v argb pin out guide + argb info

5v device to 12v mb header

Odds and Sods Argb Rgb Links

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, thrasher_565 said:

vpn are bs

not really. Certainly some are, but others really do seem like they are on the up and up and just in it for the straight cash from their users
 

1 hour ago, thrasher_565 said:

"say" we dont collect data but they do

There are easily understandable ways for them to genuinely collect no data

 

1 hour ago, thrasher_565 said:

besides the goverment has backdoors in to all tunnals the vpn would use anyway

Bold claim. On the one hand, yeah, NSA/Unit 8200 probably have the capability to penetrate the systems of most VPN services, but they can't just hang out in there, that's a fast way to get caught. However, the tunnels themselves? No. Those are literally math and cold hard numbers mean that cracking encryption on a tunnel would take a monumental amount of time
 

1 hour ago, thrasher_565 said:

all info gose thow the isp witch they do also sell your data.

This is again an encryption thing. When connected to a VPN, yes, the ISP can see your traffic. But all they can really tell is that your computer is talking to a VPN. They cannot see where that traffic goes after it dives into the VPN's servers. They can't even see the URLs you're visiting. 
 

1 hour ago, thrasher_565 said:

dont want data dont go on the net.

Or, and stay with me, or we can agitate and advocate for legal protections.

5950X/4090FE primary rig  |  1920X/1070Ti Unraid for dockers  |  200TB TrueNAS w/ 1:1 backup

Link to comment
Share on other sites

Link to post
Share on other sites

Summarized OP's link:

  • A new UN Cybercrime Convention has been negotiated, which raises significant concerns from human rights organizations and the tech community about its potential to enable surveillance and censorship by authoritarian regimes.
  • The convention was initiated by Russia, China, and other authoritarian states, raising suspicions about their motivations from the start. Many liberal democracies, including Switzerland, initially opposed it.
  • Despite efforts by democratic countries like Switzerland to enshrine human rights protections, the final text is seen as a problematic compromise that grants broad surveillance powers to all UN member states, regardless of their respect for human rights and the rule of law.
  • Key criticisms include the lack of robust safeguards, the potential to undermine encryption and anonymity, and the risks of dissidents, activists, and journalists being extradited to authoritarian states under the guise of fighting cybercrime.
  • Microsoft and other tech companies have strongly condemned the convention, arguing it goes far beyond addressing cybercrime and could undermine global cybersecurity.
  • The comparison to the 2001 Budapest Convention of the Council of Europe is seen as flawed, as the UN convention applies to a much more diverse set of countries with varying human rights records.
  • Switzerland and other democratic countries managed to include some protective clauses, but their effectiveness in practice is uncertain, especially against determined efforts by authoritarian states.
  • There are concerns the convention could provide a pretext for expanding surveillance powers and undermining privacy protections in democratic countries like Switzerland as well.
  • The lack of public attention and awareness around this issue has enabled authoritarian states to push through this convention largely unnoticed by Western democracies.
  • Overall, the document paints a picture of a missed opportunity to establish robust global norms for cybersecurity and human rights, with authoritarian states exploiting the inattention of liberal democracies.

Time saved reading: 10min

 

3 hours ago, Darmodret said:

Here is a question that i am currently unable to answer: Could the treaty’s provisions potentially be used to justify the criminalization of activities associated with VPNs or other privacy tools? The entire text is rather open to interpretation - which is very concerning.

I guess that's pretty scary, if they can prosecute for encrypted traffic, you can't really just un-encrypt the internet, there will always be another protocol, another endpoint. Journalists in an authoritarian state have a reverse proxy setup. How do you even detect a reverse proxy that uses rotating ip addresses disguised as legitimate websites using SSL. They get caught after collating traffic patterns from many users, likely one that has already been caught by it's endpoint. Tips for those journalists in punishable authoritarian states, don't get caught and have your own rotating collection of IP's, unique to you.

 

I don't have an answer for your question as yes it's rather open to interpretation but i have provided what is already going on in these authoritarian states, these journalists already get prosecuted. It appears that channels are been opened that may allow say an authoritarian states to actively collect data hosted outside their borders with legal cooperation (or coercion). I just don't want them to prosecute other people outside of their borders. Now I say just with a lot of precaution, because every time its just a next step to global surveillance.

 

As for legitimate VPN *aaS they already have your contact details and will comply with government requests. The anonymous ones, I feel they are a honeypot and an invitation to be monitored.

 

As for non-authoritarian states we do a good job catching cyber-criminals, these laws aren't needed and extradition can be worked out if they really are a cyber-criminal. I don't see why this was ever on the negotiation table to begin with, darn authoritarian states. You've opened up a can of worms. Think of what Julian Assange went though for 7 years, don't let it be meaningless. They were government documents everyone had the right to see. The government shouldn't be some protected entity immune from the worlds eyes.

The Hermit Build | AM5 1U Uzi Server

Qualifications | Adv Dip Computer Engineering  |  CCNA  |  ITIL  |  macOS Support Essentials  |  Security + |  Internal Cabling License  |  SAA-C03  |  RHCSA (studying)

Jobs | Level 2 Support full admin AD  |  IBM Server Build Technician  |  Various IT consulting work

Link to comment
Share on other sites

Link to post
Share on other sites

TL;DR:  If you expect any simple software to protect you from government surveilance?

You're delusional.  Ain't gonna happen.  

Link to comment
Share on other sites

Link to post
Share on other sites

This current conversation has nothing to do with the links that I have provided for you guys to read. This topic is way too important to simply dismiss. Therefore, please read the links. Thank you and wishing all of you a wonderful weekend - even though we might all lose any and all rights to privacy.

 

@Nuzicx, thx for reading the articles 🙂

Link to comment
Share on other sites

Link to post
Share on other sites

I don't see any news here. The countries pushing this (and some neutral or "opposed" to it) are already doing everything this would allow them to do, or worse, anyway.

 

Who really cares if the UN says it's ok, or not. Will that really affect what FVEY, the Warsaw Pact countries, or anyone else are doing with internet or citizen surveillance and censorship? I doubt it, considering that what they are already doing (yes, including the USA) is significantly worse than anything this would technically allow.

Data privacy is more a matter of class warfare than personal privacy.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×