The Council of the European Union has released this
Draft in which they call for what is effectively a ban
on End-to-End Encryption (E2EE). The document itself is unsurprisingly vague,
but if you follow the parallel document about "Exceptional
Access" you'll see a bunch of proposed solutions, all of which require the
interception of your private communications.
As it is to be expected, the documents pinky swears that this is the only way
that terrorists and child predators will be stopped.
There are several reasons why this is a stupid idea. Today's post will briefly
detail the main two.
First, this is technically impossible. The entire point of E2EE is that no one
(not you, not me, not the NSA) can decrypt their content without the right key.
And yet, the proposal that
has been passed around in the last years is the idea of a "master key", a key
that only authorities have and that would be "carefully" used by the authorities
to legally decrypt content between two parties that they consider suspicious.
So let's assume that WhatsApp implements this idea. They now have a single key
that only the EU can access. Well, two keys - Australia has legally mandated
they need their own. And China will need one too. The US wouldn't need one,
simply because some of WhatsApp servers are in the USA and therefore the NSA can
use a National Security Letter to
force WhatsApp to reveal the other keys while forbidding everyone to talk about this.
As you can see, the "one single key" idea is flawed from the very beginning.
And then there are the hackers: if it comes out that there is a secret key
that breaks WhatsApp's encryption, it is now a race between WhatsApp's
engineers to keep it safe against every single government in the world trying
to break it.
The second main point is: if you ban secure communications, then only criminals
will have access to secure communications. We already have unbreakable
encryption and it is trivial for any criminal organization to deploy their own.
So they are not the ones whose communications will get intercepted. The only
wiretapped ones will be us, the law-abiding citizens. Instead of keeping us
safe from criminals, the Council of the European Union is delivering us into the
data collection efforts of the NSA and friends.
A call for action
Do you remember when the European Unions imposed
sanctions against the NSA for their illegal data collection? Me
neither, because that didn't happen. And I don't see why this time it would be
any different. Well, there is that one time when Angela Merkel told Obama that
she was angry he wiretapped her phone.
I'm sure he felt really bad about that. But my point is: I wouldn't expect
our politicians to stand up for our privacy, in particular when they are the
ones creating the problem to begin with.
We have once again a proposal that will not stop any criminals,
is technically impossible, and that is being written without asking anyone who
knows what they are talking about. If you are in the EU I ask you to contact
your representatives - I am not aware at the time of any movement against this,
but I bet at least the Pirate Party will
have something to say (edit Nov. 25: they do). The tech industry already lost the DRM fight (as
exemplified by the ongoing youtube-dl saga) and
the fight against Article 13.
And there are lobbying efforts underway to
bring software patents to Europe.
Don't let your privacy go away too.
- Whenever someone swears that they can keep the "master key" secret, remind
them of that time the secret NSA luggage keys
ended up in the Washington Post.
- A Hacker News thread with
more than 650+ comments discussing several other points
with much more details.
In today's weekend posting, two recommendations about things that are not free
(which is a first) and a rant (which is very much in brand for this blog).
Drawing faces with JLJ
On a previous blog entry I complained that it's very
difficult to find a good drawing tutorial because many, many teachers will
suggest something as useless as "do whatever comes natural". So imagine my
surprise when I found a course on drawing faces that makes none of those
The course in question is titled "How to draw a portrait" and is taught by an
illustrator from Florida called Joshua L
Johnson. The course guides you through the
steps of framing your drawing, identifying the main features, refining the
details and, finally, adding shadows. The course can be found on Skillshare
following this link.
I like this course for a couple reasons. First, each step is actionable: when
he wants you to draw an eye, he explains that a generic eye is composed of 7
segments and explains where to place each one. Second, the workflow itself is
designed in a smart way, first delimiting "areas" of work and then refining them
step by step. The course ends with a 40 minutes, real-time lesson on how to draw
a specific face from beginning to end which I found really helpful. So if your
faces are as bad as mine, you should consider taking a look.
Solutions and other problems
It is hard for me to express to you how ridiculously funny Allie Brosh is.
Her blog Hyperbole and a half is
the only website I can remember where I had to stop reading for minutes at a
time because I couldn't stop laughing.
Some of the most well-known entries are probably This is why I'll never be an
adult which gave rise to the "all the things" meme, and the creation of the Alot.
Unsurprisingly, her first book collecting some of these stories ended up
being a New York Times best-seller.
Perhaps more well-known are her two posts on depression (part 1,
part 2) where
she manages to put in words the feelings of thousands of people. I have seen
an actual therapist recommend these posts to people, and the almost 10K
collective comments in those entries alone seem to agree.
And the reason I am bringing up these two sides of her blog is because I
recently read her second
book, and let me tell
you, it is a roller coaster: it is funny, it is sad, and sometimes it's both at
the same time. It is the best thing I read all year, and I think everyone should
do the same. To say that I recommend it would be an understatement. It would be
more accurate for you to imagine me grabbing you by your clothes while yelling
"READ THIS BOOK".
Disclaim all of the things
I didn't want to leave this post as it is without complaining about how
difficult it is to make an honest recommendation on the internet.
I have a subscription to Skillshare because I like the quality of their courses,
but I am really, really annoyed at their marketing showing up everywhere. With
so many youtubers doing paid promotions for courses they don't care about, I
feel slightly dirty making a recommendation just like them, even if no one is
paying me for doing it.
I thought for a second about pointing you to a free mirror, but that would be
unfair to the course's creator.
Similarly, someone on Allie Brosh's publishing team had the brilliant idea of
creating fake Reddit accounts and using them to market the book. People like
them make it impossible for me to recommend almost anything in good conscience.
I have decided to make an exception for this specific book, but I don't see that
happening again anytime soon.
There was once an article about Jim Davis, creator of Garfield, in which
he recognizes the recipe of his success. The trick, it seems, was to make
Garfield as inoffensive as possible. No matter what you believe, no matter how
delicate your sensitivities are, you can always read Garfield without feeling
hurt or offended. Comedians might object that a lot of humor boils down to
ridiculing something, so it's worth asking: if Garfield does not offend anyone,
how does it manage to keep being funny? The answer should be obvious to
Garfield's readers: it doesn't. Because Garfield is not funny.
The reasoning is pretty interesting: Jim Davis' goal was not to be the next
greatest American cartoonist, nor to push the boundaries of comic strips as an
art form (that would be Bill Watterson).
His goal was to make money, and boy did he succeed at that. By being a
recognizable, bland, perfectly formulaic icon, Garfield can be adopted by any
company or product willing to pay for it. The key, said Davis in this interview,
was to make the strip as plain and predictable as possible. "Oh, look,", says
the reader, "Garfield is mad because it's Monday". Cue the sound of crickets.
The same, I'm afraid, has happened to Dilbert some time ago. And while it pained
me to stop reading after so many years, I've read enough to understand that the
Dilbert I liked is gone, replaced by that which he was intended to criticize.
Including the archives, I read about 27 years worth of strips, so it was not a
decision I took lightly. That was about 4 years ago, and I haven't regretted
For those who might feel like me, and as a service to the community, I give you
the one and only strip you will ever need from now on. It is the culmination of
years of Dilbert, and nothing you read in the actual strip will be better than
this in the foreseeable future.
Now, in all fairness, congratulations to Scott Adams: he has managed to
secure Dilbert in the mind of the public, and he made a lot of money out of
it. It was sad to see the old Dilbert go
away, but then again, I don't have an animated series nor an (forever in
production) upcoming movie to my credit. Having said that, I can only wonder how
much more he could have produced if he hadn't rested on his laurels: his
Wikipedia achievements have almost entirely peaked around 2010, and he seems to
spend most of his time nowadays writing about what an amazing president Donald
Trump is. While this is speculation on my part, I believe this might be why his
blog is no longer featured on the Dilbert homepage.
I can see why he doesn't need to come with new ideas for Dilbert strips. After
all, he has enough money to do whatever he wants. I just wish "make Dilbert
funny again" was one of those things he cared about.