This will probably be my last direct post to Twitter. My account may or may not stay active, and I may or may not get to delete old posts. Auto-syncing from @rene_mobile@infosec.exchange has now been disabled. Please follow me on the Fediverse for further updates.

Joint statement from more than 300 scientists from 32 countries warning against the EU proposal for regulation to detect Child Sexual Abuse Material https://t.co/Z2yi3gMgrK… The technologies it puts forward are inadequate to solve the problem and bring huge societal risks 🧵

Too much timing data is available even from encrypted messaging apps, when a passive adversary surveills the network links for a whole country. It might be smart to add some kind of delayed delivery feature.

More than 300 scientists from 32 countries have signed an open letter criticizing the EU proposal for regulation to detect Child Sexual Abuse Material https://t.co/Lul7lI8ZtS TL;DR ineffective; risk for function creep & abuse; violates human rights -collab. w @carmelatroncoso

See also https://t.co/vM2RARNG3w for an initiative that happened in parallel.

While I'm strongly in favor of effective measures against child abuse and exploitation, client-side scanning and weakening of of end-to-end encryption in popular messengers can't be the solution. We explain our arguments in an open letter today:

@insjku Original toot at https://t.co/A2kKxh1uUG, this thread is a copy for visibility.

@insjku (see https://t.co/S4Y8k5N1HB for that reference). Please boost on any channels you deem adequate. The discussion is still open, and we have little time to bring it to a more rational level. #csam #law #eu #privacy #dataprotection #humanrights #messenger #chatcontrol #e2ee 4/4

@insjku This debate is expected to gain new steam with #Spain taking over the EU council presidency, given recently leaked statements like "Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption" 3/

* The second (in German, by #Austrian academics) one is online at https://t.co/ylnCvEuOaQ (hosted by @insjku) and explicitly includes law experts in addition to the arguments from a security, privacy, and AI perspective. 2/

Today, two open letters from academics on the scientific arguments against the current client-side scanning initiatives have been released: * The first (in English, internationally coordinated) one is online at https://t.co/pdvNj0oKPK and still open for additional signatures. 1/

One more powerful voice:

My video "Cloning Credit Cards" (#research published in @usenix WOOT'13) is reason for @YouTube to suspend my channel due to "Content intending to sell certain illegal or regulated goods and services" ... WTF? Is this @Google understanding of support for the research community?

@jkulinz @insjku We have been working on decentralized digital identities for years, and this is an effort to form an open source basis for future, interoperable credential wallets. In parallel to international standards, components for open, transparent implementations are important parts. 2/2

I am happy to announce that @jkulinz / @insjku is one of the two academic institution founding members of the OpenWallet Foundation: https://t.co/p3GUEA5lOx, https://t.co/lGBDkZ6FSH 1/

ChatGPT and other LLMs are the industrialization of post-factual society, the cheap mass-production of plausibly sounding disinformation.

@Microsoft For unlocking, we should enter a phone number for an unlock code, and when we do, the error message on sending texts is either "Usage limit exceeded" or "We cannot send a text message to this number". Well done, #Microsoft, well done. 2/2

Ok, so @Microsoft managed to lock my daughter's account (only created for games) for "Terms of Use" violations. On Christmas. When she wants to play a game she got as a present. An account that hasn't been used in over a week, and has certainly not posted anything. 1/2

https://infosec[.]exchange/@rene_mobile is the mangled link, in case Twitter still lets me post the non-direct version.

Make link sharing harder with a robots.txt entry. You will have to trade short-term traffic for freedom from a platform that will ban you for negative coverage. https://t.co/t39BBvZOct https://t.co/Ft5HgHNlrl (2/2)