Free to speak. ECC Update

Missed this, thank you.

2 Likes

My understanding is that Brazil requires legal representation in country so that the courts have someone to approach for the purpose of having content removed that it considers to be a crime, and that Elon is not complying. In this case, I believe the issue arose when seven accounts posted content about a possible coup. Complicated indeed.

But my reference here is related to more than Elon not complying with the law. They tried to shut down people’s access to VPNs. Even if you believe that Brazil’s laws are just, can we agree that this is a troubling action? Related article.

3 Likes

Ah yes, I agree. They quickly gave up on the blanket VPN ban but there is still a fine in place for accessing Twitter via VPN (which is silly and mostly unenforceable). The upside is that Brazilians are migrating en masse to BlueSky :joy:

4 Likes

Camera access is necessary to allow scanning QR codes. Unfortunately Android’s security architecture doesn’t support a more dynamic way of ensuring that a permission is used only when the feature that needs it is being used, via a UI that makes that apparent to the user. So if an app ever needs the camera, it must request camera permission for the whole time it is running (either in the foreground or background). That sucks because if there were a vulnerability that allowed the app to be taken over via external input, then all of its permissions could potentially be misused. Most of the code being written in memory-safe languages does help there.

I’ve been complaining about this issue for literally longer than Android has been a thing, and advocating for the use of capability-based security models that would allow it to be fixed in general. The specific case of QR code scanning could be handled within the current security model by having a dedicated “scan QR code” permission, but there is currently no such thing. (Also we plan to have support for Keystone wallets which need animated QR codes in order to send more data that can fit in a single code. So a dedicated permission would have to handle that in order to support Keystone.)

Some of the other permissions there look as though they should not be necessary. I think you meant that they are requested by the Raise app rather than Zashi, though?

3 Likes

Ask everytime
 and yes I select every time ‘Only use this time’.

I assume the policy for the app and the API will be the same unless otherwise put in writing. Appreciate the thoroughness in this regard. :+1:

1 Like

Hey it’s the first part of our tagline!

Free to Speak. Free to Earn. Free to Choose. Free2Z.

Hopefully the next update will be “Free to Earn” and then the rest. :pray:

4 Likes

Thanks for clarifying. I will specifically make sure that using their SDK does not result in any permissions creep.

2 Likes

I have a disagreement : allowing third party speech in France always can lead you in troubles. Back in 2014, I was following course in how 1 should get it technically right to not get into legal troubles in order to prepare for my law exam in computing (like how to set up a radius tracking system for offering Wi‑fi). The reality is bloggers do get arrested over the past 20 years for the comment of other peoples (though blog have the status of book publishers and not host provider).

Basically, under the current jurisprudence you have 48 business Hours to comply with any law enforcement takedown requests. After that, you are no longer considered to host the speech but to publish it. A book publisher (Ă©diteur) is considered accomplice of everything being sayed/perpetraded. Hence why Pavel Durov is also charged to be a full willing accomplice of terrorism and illegal pot trade.

While taking citizenship he should had noticed the French’s Police ᎘ʜᎀʀᎏꜱ illegal online reporting platform that was created in 2009. Also from Napoleon until 1996, any civilian use of encryption was completely banned (only the military could use encryption without asking a prior authorization). Even today, any service provider must submit a copy of it’s encryption to the French’s ᎀɎꜱꜱÉȘ : jurisprudence tells that putting yourself in a situation where you can’t access the keys (peer to peer encryption) is no excuse against the law.

Constitutionally speaking, things aren’t better as the year 1789 French declaration of man’s rights states :

tout citoyen peut donc parler, Ă©crire, imprimer librement, sauf Ă  rĂ©pondre de l’abus de cette libertĂ© dans les cas dĂ©terminĂ©s par la loi

which means the law is free to limit free speech.

I was surprised why Pavel Durov wasn’t arrested earlier given such conditions : it later turned out Emmanuel Macron’s folks attempted to protect him from the own local laws he helped to pass. Prosecution took extra step so that the president doesn’t get aware of his pending arrest.

So to sum up : France wasn’t the right country if you want absolute free speech with the exception of 1881 until Lois scĂ©lĂ©rates - Wikipedia short’s period when publishing how to bomb bistros was Ok : what’s happening to Pavel Durov is like having gay sex in a country like Mauritanie and finding yourself in prison after failing to search if what you could do could be illegal.
He’ll find some lawyers guys who will promise him freedom and telling him he is the target of something normally legal but the reality he his guilty under laws which made what he did illegal and would had sent him to prison a long time ago if he wasn’t a billionaire (it’s law that make something legal or not and not what it should be). He should plead guilty as a first time offender or face problems with hardned inmates.

Zcash

Telegram has a centralized infrastructure to run and thus it s not a developping software (otherwise Pavel might not had got arrested because he don t operate an encryption system which would the legality as the same as suicide machines). Even then, there s a view key system. If such views keys are automatically submited to the right persons, this might be Ok.

1 Like