A nationwide firewall could always be bypassed (see: Russia, China, Iran), but what if they just went directly to the end user device and add a chip that constantly scans for anti-regime keywords? Especially when there is “AI” that could be embedded to just do basic OCR and close the browser when such “prohibited items” are detected.
Maybe for the aforementioned countries, its harder to create their own chips.
But I think an authoritarian USA definitely could.
Intel, AMD, Qualcomm, Apple Silicon, are all in the US; Couldn’t the US government just order those companies to add such “censorship chip” to devices sold in the US? Checks and balances seems to be not really a thing anymore…
This way, no amount of “VPN” is gonna work. The censorship chip is gonna block any negative mentions of trump. And with the US’s cooperation, Russia, China, Iran could also acheive the same in their jurisdictions.
Am I just worrying to much.
Is a “censorship chip” even possible?
Apple already does this, they can go around your VPN and use your actural location
It’ll almost certainly never work. You’d need to write high level software that can interpret pictures on any display manager, and even then Linux would never do it.
Would literally just speed up the adoption of RISC.
Or it’ll more likely turn me off computer usage all together, and I’ll go live in the woods.
for chinas case, people are using proxies and anti-detect browsers , vpn is mostly easily blocked by many
I think they did this but they don’t use it loudly
There’s a reason Digital Rights Management techonologies are loved by corpofascists; control over the full communication channel, from file source, to OS kernel (TPM modules, trusted computing, signed OS images via UEFI), to transmission protocol, to physical channel (hdmi) to screen de rendering in the final device.
Once the tooling is laid out and people are forced into not owning their devices, nor being able to copy, nor consume media that hasn’t been cryptographically signed and approved, then it’s all fair game.
There’s ways to ensure digital rights and reduce privacy that don’t need forcing people to not own any part of the communication channel whatsoever (privacy is a UX problem, give people an easy way to consume media and they will pay for it).
It’s also why they are also scared of the “analog hole” (https://en.m.wikipedia.org/wiki/Analog_hole) that they try for people to self-censor.
Edit: I kept scrolling through Lemmy to find this thread, were Cory Doctorov explains how DMCA enables control from corporations: https://lwn.net/SubscriberLink/1021871/ffeed46818908c91/
Ask yourself why TrustedComputing became a thing, why UEFI and TPM are required for newer Windows versions and what they actually do. And each new step they add something more restrictive to prevent your system running unidentified code. Ask why kernel-level DRM is employed as an anticheat measure. What other kernel-level DRM is on your system? Do you know? Do you care enough to stop using the products pushing it onto your system in the first place? We’re slowly but surely letting the dystopian futures we were warned about happen by not protesting every single time they lock some part of your life down “for reasons”.
TPM and trusted computing/boot chains are some of the single most important security measures that we’ve had in the last decade. I can agree on the kernel level stuff though that’s a bit bullshit even though I understand why low level access is needed for some anti cheat tasks and DRM prevention. I think there should be APIs provided instead of having to install unknown modules
This is some ignorant FUD. Everything you just listed is technology companies, who get blamed for every computer failure whether its their fault or not, trying to prevent those problems. TrustedComputing and TPM is a direct answer to malware. UEFI a direct answer to ever increasingly complicated computer hardware, kernel-level DRM is a direct answer to software piracy and online game cheaters.
These things are implemented because there’s a lot of people making a lot of money ruining the lives of people who just want to use their computer. Just because YOU can’t explain it, doesn’t mean it’s evil.
Right, because UEFI is open sourced and can be checked by anyone. Oh, wait, no, that’s why Libreboot is a thing: https://libreboot.org/ I will agree that TrustedComputingGroup and the way they use TPM have a more open standard, but I still don’t trust some of the companies behind it. Especially Microsoft, who have completely lost the plot with recent Windows versions. There is definitely a reason to be wary of it, as cryptographer Ross Anderson is quoted here on wikipedia: https://en.wikipedia.org/wiki/Trusted_Computing#Criticism Software Piracy is a direct answer to greedy publishers who burn out developers and force them to make crapware which they then force DRM on so people can’t play it even if they own the original release. Better people than me have written about how awful DRM is in games. See https://www.gog.com/blog/what-exactly-is-drm-in-video-games-and-why-should-you-care/ or https://expertbeacon.com/why-is-drm-bad-for-gaming/ for exaples. DRM is bad for game preservation purposes or simply to allow someone to install and reinstall the game they own several times. Better people than me have written out about the various issues which DRM caused in the past, most notably safedisc and securom which were well-reported upon. It does not belong in gaming. I can explain a lot, and can attribute a lot to stupidity and greed on either side of the argument. It’s not FUD when it’s a slow crawl to further enshittification and overzealous identification and exclusion of individual users and systems while giving false reasons for why we should put up with it.
kernel-level DRM is a direct answer to software piracy and online game cheaters.
Had me going until this line.
Solid troll haha
A country for example could enact their mandatory certificate authority that they control. Then have ISPs who are in the middle use what was mandatory a trusted CA to act as the certificate issuer for a proxy. This already exists in enterprise, a router or proxy appliance is a mitm to inspect ssl traffic intercepting connections to a website say Google, but instead terminates that connection on itself, and creates a new connection to Google from itself. Since the Google certificate on the client side would be trusted from the proxy, all data would be decrypted on the proxy. to proxy data back to clients without a browser certificate trust issue, they use that already mandated CA that they control to create new certificates for the sites they’re proxying the proxy reencrypts it back to the client with a trusted certificate and browsers accept them.
It’s actually less than theoretical, it’s literally been proposed in Europe. This method is robust and is already what happens in practice in enterprise organisations on company devices with the organisations CA certificate (installed onto organisation computers by policy or at build time). I’ve deployed and maintained this setup on barracuda firewalls, Fortigate firewalls and now Palo alto firewalls.
Wow, I wonder why Russia and China haven’t done this yet.
I mean, the US, people have guns, so implementing this might cause people to just start rioting.
But Russia and China has strict gun controls, its totally feasible to implement this.
I think this is a very short-sighted, surface level take that shows of a very naive understanding of how societies become more totalitarian.
They could be, but I assume say like an apple device won’t install a ccp root authority unconditionally. Huawei and xiamoi probably could be forced, but the browser too, like Chrome, Firefox and safari need to also accept the device certificates as trusted.
But the pressure in Europe would likely be to trade within Europe, you must comply.
It fundamentally destroys the whole trust of PKI if this did go ahead. We just need to hope it does not.
apple device won’t install a ccp root authority unconditionally
They already removed VPN apps from the Mainland China version of the Apple App Store. In capitalism, profits are above everything else. China is a very large market with 1.4 Billion people, I doubt Apple is gonna be willing to lose access to this market.
Edit: changed a word for style.
I guess you could force people to do firmware updates. Otherwise, your censorship parameters will get out-of-date. For example, criticism of Musk may go from forbidden to mandatory as he falls out of favor with the MAGA regime.
“Please restart your device for a required political update”
Jesus man, that sounds bleak. Sadly it also sounds entirely plausible for the dystopian nightmare we are currently living in.
Orwell really didn’t miss
Technically possible? In the strictest sense, sure I guess?
Practically speaking though, it’d probably be a mess to manage and likely trivial to circumvent for anyone with a little knowledge and an IQ above room temperature.
If your browser and device has a state sponsored CA certificate it’s not trivial to bypass. Transparently all certificate traffic could be intercepted by an ISP. Look at Europe already trying. Once someone malicious (to you) is a trusted certificate issuer you no longer can verify either the destination nor the privacy of the content.
Ssl based vpns are also decrypted. And vpns which use public key for identification would no longer be trusted.
If anything like this becomes widespread, you can bet people will figure out all sorts of ways around it and if it becomes problematic enough, they’ll probably just stop using it entirely.
That hasn’t stopped them from making idiotic laws before, look at all the US states that are trying to ban porn on the internet.
Sure, there’s been talk of banning encryption as well, but practically speaking, that would be an unmitigated disaster in terms of security alone.
Of course it would but politicians are famously stupid, they have no idea and little care if something is actually feasible.
Short answer: easier than most people think.
Read Ken Thompson’s article Reflections on trusting trust for some tangential hacks.
Like the river finds the sea, people will find a way around it. Satellite connections, just as an idea.
Anything a chip does can be backwards engineered to fool it. People will break your proposed surveillance chip eventually.
Most of these companies are maybe US-owned to varying degrees but they don’t produce everything in the US. Also, they would put a very high price on these government mandated chips for two reasons: 1) government has deep pockets and 2) it would keep them away from very profitable so-called AI biz opportunities.
The pandy has shown us that with a few disruptions in the supply chain, any system that requires a cryptographic chip check to function can be sent to hell in a handbasket. I forgot if it was HP or Canon or some printer company had to teach its customers to bypass, i.e. hack their own cryptogtaphic chip checks because they couldn’t get more chips and otherwise the printers wouldn’t print. A few disruptions could also affect the censorship chip supply chain.
The great firewall of China has also shown how creative people get to get their message across. If it’s not just human censors but also so-called AI censors it will just take creativity to a new level. Necessity is the mother of invention.
So there are some reasons why you might be worrying too much. I think another one is much broader. The majority of Americans did not vote for the current president. If he started censoring the internet now there would be Civil War II - Now It’s Digital. The reason why Russia or North Korea can censor their people much easier is because they have never had or only on paper a brief period of liberty and rule of law. It will be much harder to control the US population. There isn’t just the one media outlet, the one ISP, the one judiciary to dominate. It’s splintered. And populated by feisty people, some of them armed. You couldn’t pull off what you suggested without much more support for 47. And he seems to be losing it more than gaining these days.
The V-chip is still in TVs.
