Please check out https://fightchatcontrol.eu/ if you want to take action against this.
this post was submitted on 03 Oct 2025
261 points (100.0% liked)
Privacy
42334 readers
533 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Signal does not have a large enough userbase to threaten something like this. EU will just shrug and move on.
Hard disagree. Politicians use Signal themselves for their private group chats.
Canary coal mine kind of signal (pardon the pun)
Edit: they also obviously do not have a choice. If they legally must weaken their work and the core of their work is that it's not weak... then they have no work. So they can't accept it.
If signal pulls out of Europe we're in a pretty fucked state. Apps like signal will be reduced to operations it a few fringe countries eventually
Signal is nice because it has a pretty good adoption rate even with non techies (which is why they've been mentioned by name in the chat control proposal). But privacy enthusiasts will still have briar/simplechat/xmpp. Those aren't centralised like Signal and will be a lot harder to regulate
ChatControl 2.0, if passed means your entire device is backdoored so it doesn’t matter what apps you installl, they can get your info pre-encryption
Custom roms is your best bed at that point. I do use GOS already.
It's great as long as you can guarantee that the person you're communicating on the receiving side does the same. Otherwise it's useless as your messages will be read on the receiving device. In practice it will make private communication extremely cumbersome and niche.
Also, the authorities can backdoor your custom ROM device at will, when seized.
I mean I don't see them back dooring GOS anytime soon. But your right both ends need to have a custom ROM.
Steganography. There’s more than one way to protect your communication.
And encryption in transit is better than no encryption at all (assuming the baddies don’t already have full access to your phone data).
assuming the baddies don’t already have full access to your phone data
That's the whole point of Chat Control 2.0
Not quite; Chat Control hearkens back to Apple’s doomed attempt at on-device CSAM filtering - the idea is that on-device images and message contents would be scanned for known hashes. This means a nation state could go fishing on devices for known content, but it wouldn’t allow them to indiscriminately sift through all the content at rest — they’d have to know what they were looking for.
That’s where the steganography comes in, because the hash based approach will fail if the content they’re looking for is obscured in some manner.
Just a matter of time as soon as it gets passed. https://balkaninsight.com/2023/09/29/europol-sought-unlimited-data-access-in-online-child-sexual-abuse-regulation/
Custom roms is your best bed
Didn't know they come with sleeping facilities. They're so versatile nowadays! SCNR
😅🤣
Unless you outlaw alternative ROMs some devices will be not backdoored.
They will begin so, but the regulation means the authorities can backdoor your device way easier than they can today. It doesn't mean your custom ROM device will be free of the scanning software forever.
It also means that you need to know that the receiving device you're communicating with is clean custom ROM device, otherwise your messages will be scanned on the receiving side.
The regulation is a complete shitshow privacy nightmare hiding under CSAM trenchcoat. We'd do well to organize and fight against it, instead of trying to back down to the perceived safety of esoteric custom ROMs.
I like to be in control of what happens on the hardware I own and what services I use. If given no choice I will cease using them altogether. I agree that the law is an absolute shitshow, but with the recent speedrun to totalitarianism we should not fool ourselved that it won't be passed. It will be, eventually. It doesn't hurt to start digging the trenches meanwhile. For it is a war.
ChatControl 2.0 will mean that phones localized outside of Europe will sell at a premium.
You won't be able to install those apps soon after Android bans sideloading of apps that aren't signed, or bans sideloading of apps that are not from the playstore itself.
What then?
I don't think privacy enthusiasts use vanilla Android. People will stick to Lineage/Graphene for as long as it works and then switch to something like Postmarket. It's already in a state where it's rough but usable.
Europe: Companies can't lock down your operating system.
Also Europe: Companies must force back doors into their operating systems.
I wonder how long those two things can coexist.
Well, Google’s current behaviour is already putting the future existence of F-Droid into question.
We need FOSS phones badly and in numbers that manufacturing isn't horrible. That is until our governments force carriers not to connect them.
If I could find a reasonably priced 8" Linux tablet, I'd sell my phone and buy a cellular wifi AP.
You can spoof IMEI and pretend your phone is an old iPhone. Carriers wouldn't know.
Yes, but not everyone they want to talk to will go through that effort. It's already hard enough to convince someone to download another messaging app that they will only use with you.
"privacy enthusiasts" not everybody can do that. also remember that privacy is a spectrum.
We still have Matrix.
This is the right choice.
I always threaten to pull out, but I never do
For a future with privacy, not mass surveillance, Germany must stand firmly against client-side scanning in the Chat Control proposal [PDF - Statement from Meredith Whittaker, President, Signal Foundation]
Anywhere to petition or digitally sign?
Shocker. I do however wonder what prevents someone from downloading and installing the apk to their phone. Am I wrong in believing this is a real way to bypass them leaving a market?
what prevents someone from downloading and installing the apk to their phone
google.
https://www.androidsage.com/2025/08/26/google-blocks-sideloading-of-android-apps/
Doesn't Signal work with phone numbers? They will probably block every EU number from accessing the service to protect themselves legally. Maybe you could use something like jmp.chat to circumvent that? Probably need a VPN as well to mask your IP. In any case, it will decimate the user base, so you're left chatting with yourself anyway.
load more comments
(1 replies)
I don't understand how this "threat" is supposed to work. If the law passes won't any and all chat encryption be affected? In that case it doesn't matter how you get the app, or if you manage to get it in europe. Its encryption will be broken/unavailable.
Laws don't magically break encryption. I'm not sure what you're trying to say.
They're trying to force Signal to weaken the application, Signal says they won't do it.
They can ban Signal for not complying, but you know how difficult it is to ban a digital application? It might make it more popular since it'll be one of very few actually secure messaging apps out there.
I imagined the law would be enforced by a deal with google and some global android state approved keylogger/backdoor completely bypassing all apps including Signal. But yeah, I'm having trouble wrapping my brain around this.
Recently Google announced they were going to restrict certified Android devices to only allowing apps approved by Google. An F-Droid member found references to "blocked developers" in the new verification code. It's not unreasonable to assume that this developer blocklist could be region-dependent and Google could use this ability to block Signal from being installed in EU.
Encryption isn't magically broken because a legislature says it is.
They have to apply teeth to a market they control. Not everything is within their control. Though, signal is.
I suspect that signal will be asked to add a backdoor to their encryption, they will refuse and subsequently banned from EU app stores.
banned from EU app stores
What even is that? Aren't the 2 app official app stores American anyway?
Yes they are based in america but they have to comply with regional laws since they operate internationally. the apps available in these stores, and the laws that apply to them, differ per country.
load more comments
(1 replies)
view more: next ›