How feasible would it be for authoritarian regimes to add censorship directly into the hardware of modern consumer electronics? (Therefore making the use of VPNs to bypass censorship useless.)

Submitted ⁨⁨1⁩ ⁨day⁩ ago⁩ by ⁨throwawayacc0430@sh.itjust.works⁩ to ⁨[deleted]⁩

A nationwide firewall could always be bypassed (see: Russia, China, Iran), but what if they just went directly to the end user device and add a chip that constantly scans for anti-regime keywords? Especially when there is “AI” that could be embedded to just do basic OCR and close the browser when such “prohibited items” are detected.

Maybe for the aforementioned countries, its harder to create their own chips.

But I think an authoritarian USA definitely could.

Intel, AMD, Qualcomm, Apple Silicon, are all in the US; Couldn’t the US government just order those companies to add such “censorship chip” to devices sold in the US? Checks and balances seems to be not really a thing anymore…

This way, no amount of “VPN” is gonna work. The censorship chip is gonna block any negative mentions of trump. And with the US’s cooperation, Russia, China, Iran could also acheive the same in their jurisdictions.

Am I just worrying to much.

Is a “censorship chip” even possible?

source

Comments

Sort:hotnew top

randamumaki@lemmy.blahaj.zone ⁨1⁩ ⁨day⁩ ago
Ask yourself why TrustedComputing became a thing, why UEFI and TPM are required for newer Windows versions and what they actually do. And each new step they add something more restrictive to prevent your system running unidentified code. Ask why kernel-level DRM is employed as an anticheat measure. What other kernel-level DRM is on your system? Do you know? Do you care enough to stop using the products pushing it onto your system in the first place? We’re slowly but surely letting the dystopian futures we were warned about happen by not protesting every single time they lock some part of your life down “for reasons”.

source
- shadejinx@lemmy.world ⁨1⁩ ⁨day⁩ ago
  This is some ignorant FUD. Everything you just listed is technology companies, who get blamed for every computer failure whether its their fault or not, trying to prevent those problems. TrustedComputing and TPM is a direct answer to malware. UEFI a direct answer to ever increasingly complicated computer hardware, kernel-level DRM is a direct answer to software piracy and online game cheaters.
  
  These things are implemented because there’s a lot of people making a lot of money ruining the lives of people who just want to use their computer.
  
  source
  - randamumaki@lemmy.blahaj.zone ⁨9⁩ ⁨hours⁩ ago
    Right, because UEFI is open sourced and can be checked by anyone. Oh, wait, no, that’s why Libreboot is a thing: libreboot.org I will agree that TrustedComputingGroup and the way they use TPM have a more open standard, but I still don’t trust some of the companies behind it. Especially Microsoft, who have completely lost the plot with recent Windows versions. There is definitely a reason to be wary of it, as cryptographer Ross Anderson is quoted here on wikipedia: en.wikipedia.org/wiki/Trusted_Computing#Criticism Software Piracy is a direct answer to greedy publishers who burn out developers and force them to make crapware which they then force DRM on so people can’t play it even if they own the original release. Better people than me have written about how awful DRM is in games. See gog.com/…/what-exactly-is-drm-in-video-games-and-… or expertbeacon.com/why-is-drm-bad-for-gaming/ for exaples. DRM is bad for game preservation purposes or simply to allow someone to install and reinstall the game they own several times. Better people than me have written out about the various issues which DRM caused in the past, most notably safedisc and securom which were well-reported upon. It does not belong in gaming. I can explain a lot, and can attribute a lot to stupidity and greed on either side of the argument. It’s not FUD when it’s a slow crawl to further enshittification and overzealous identification and exclusion of individual users and systems while giving false reasons for why we should put up with it.
    
    source
- independantiste@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
  TPM and trusted computing/boot chains are some of the single most important security measures that we’ve had in the last decade. I can agree on the kernel level stuff though that’s a bit bullshit even though I understand why low level access is needed for some anti cheat tasks and DRM prevention. I think there should be APIs provided instead of having to install unknown modules
  
  source
kittenzrulz123@lemmy.blahaj.zone ⁨20⁩ ⁨hours⁩ ago
Apple already does this, they can go around your VPN and use your actural location

source
lemmy_outta_here@lemmy.world ⁨1⁩ ⁨day⁩ ago
I guess you could force people to do firmware updates. Otherwise, your censorship parameters will get out-of-date. For example, criticism of Musk may go from forbidden to mandatory as he falls out of favor with the MAGA regime.

“Please restart your device for a mandatory political update”

source
- the_riviera_kid@lemmy.world ⁨1⁩ ⁨day⁩ ago
  Jesus man, that sounds bleak. Sadly it also sounds entirely plausible for the dystopian nightmare we are currently living in.
  
  source
  - Auntievenim@lemmy.world ⁨1⁩ ⁨day⁩ ago
    Orwell really didn’t miss
    
    source
FriendOfDeSoto@startrek.website ⁨1⁩ ⁨day⁩ ago
Like the river finds the sea, people will find a way around it. Satellite connections, just as an idea.

Anything a chip does can be backwards engineered to fool it. People will break your proposed surveillance chip eventually.

Most of these companies are maybe US-owned to varying degrees but they don’t produce everything in the US. Also, they would put a very high price on these government mandated chips for two reasons: 1) government has deep pockets and 2) it would keep them away from very profitable so-called AI biz opportunities.

The pandy has shown us that with a few disruptions in the supply chain, any system that requires a cryptographic chip check to function can be sent to hell in a handbasket. I forgot if it was HP or Canon or some printer company had to teach its customers to bypass, i.e. hack their own cryptogtaphic chip checks because they couldn’t get more chips and otherwise the printers wouldn’t print. A few disruptions could also affect the censorship chip supply chain.

The great firewall of China has also shown how creative people get to get their message across. If it’s not just human censors but also so-called AI censors it will just take creativity to a new level. Necessity is the mother of invention.

So there are some reasons why you might be worrying too much. I think another one is much broader. The majority of Americans did not vote for the current president. If he started censoring the internet now there would be Civil War II - Now It’s Digital. The reason why Russia or North Korea can censor their people much easier is because they have never had or only on paper a brief period of liberty and rule of law. It will be much harder to control the US population. There isn’t just the one media outlet, the one ISP, the one judiciary to dominate. It’s splintered. And populated by feisty people, some of them armed. You couldn’t pull off what you suggested without much more support for 47. And he seems to be losing it more than gaining these days.

source
_haha_oh_wow_@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
Technically possible? In the strictest sense, sure I guess?

Practically speaking though, it’d probably be a mess to manage and likely trivial to circumvent for anyone with a little knowledge and an IQ above room temperature.

source
- the_riviera_kid@lemmy.world ⁨1⁩ ⁨day⁩ ago
  That hasn’t stopped them from making idiotic laws before, look at all the US states that are trying to ban porn on the internet.
  
  source
  - _haha_oh_wow_@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
    Sure, there’s been talk of banning encryption as well, but practically speaking, that would be an unmitigated disaster in terms of security alone.
    
    source
    -> View More Comments
- biscuitswalrus@aussie.zone ⁨1⁩ ⁨day⁩ ago
  If your browser and device has a state sponsored CA certificate it’s not trivial to bypass. Transparently all certificate traffic could be intercepted by an ISP. Look at Europe already trying. Once someone malicious (to you) is a trusted certificate issuer you no longer can verify either the destination nor the privacy of the content.
  
  Ssl based vpns are also decrypted. And vpns which use public key for identification would no longer be trusted.
  
  …com.au/…/eu-row-over-certificate-authority-manda…
  
  source
  - _haha_oh_wow_@sh.itjust.works ⁨14⁩ ⁨hours⁩ ago
    If anything like this becomes widespread, you can bet people will figure out all sorts of ways around it and if it becomes problematic enough, they’ll probably just stop using it.
    
    source
swordgeek@lemmy.ca ⁨1⁩ ⁨day⁩ ago
Short answer: easier than most people think.

Read Ken Thompson’s article Reflections on trusting trust for some tangential hacks.

source
barryamelton@lemmy.world ⁨1⁩ ⁨day⁩ ago
There’s a reason Digital Rights Management techonologies are loved by corpofascists; control over the full communication channel, from file source, to OS kernel (TPM modules, trusted computing, signed OS images via UEFI), to transmission protocol, to physical channel (hdmi) to screen de rendering in the final device.

Once the tooling is laid out and people are forced into not owning their devices, nor being able to copy, nor consume media that hasn’t been cryptographically signed and approved, then it’s all fair game.

There’s ways to ensure digital rights and reduce privacy that doesn’t need forcing people to not own any part of the communication channel whatsoever (privacy is a UX problem, give people an easy way to consume media and they will pay for it).

It’s also why they are also scared of the “analog hole” (en.m.wikipedia.org/wiki/Analog_hole) that they try for people to self-censor.

source
cooopsspace@infosec.pub ⁨21⁩ ⁨hours⁩ ago
It’ll almost certainly never work. You’d need to write high level software that can interpret pictures on any display manager, and even then Linux would never do it.

Would literally just speed up the adoption of RISC.

Or it’ll more likely turn me off computer usage all together, and I’ll go live in the woods.

source
biscuitswalrus@aussie.zone ⁨1⁩ ⁨day⁩ ago
A country for example could enact their mandatory certificate authority that they control. Then have ISPs who are in the middle use what was mandatory a trusted CA to act as the certificate issuer for a proxy. This already exists in enterprise, a router or proxy appliance is a mitm to inspect ssl traffic intercepting connections to a website say Google, but instead terminates that connection on itself, and creates a new connection to Google from itself. Since the Google certificate on the client side would be trusted from the proxy, all data would be decrypted on the proxy. to proxy data back to clients without a browser certificate trust issue, they use that already mandated CA that they control to create new certificates for the sites they’re proxying the proxy reencrypts it back to the client with a trusted certificate and browsers accept them.

It’s actually less than theoretical, it’s literally been proposed in Europe. This method is robust and is already what happens in practice in enterprise organisations on company devices with the organisations CA certificate (installed onto organisation computers by policy or at build time). I’ve deployed and maintained this setup on barracuda firewalls, Fortigate firewalls and now Palo alto firewalls.

…com.au/…/eu-row-over-certificate-authority-manda…

source
- throwawayacc0430@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
  Wow, I wonder why Russia and China haven’t done this yet.
  
  I mean, the US, people have guns, so implementing this might cause people to just start rioting.
  
  But Russia and China has strict gun controls, its totally feasible to implement this.
  
  source
  - LyingCake@feddit.org ⁨11⁩ ⁨hours⁩ ago
    I think this is a very short-sighted, surface level take that shows of a very naive understanding of how societies become more totalitarian.
    
    source
  - biscuitswalrus@aussie.zone ⁨23⁩ ⁨hours⁩ ago
    They could be, but I assume say like an apple device won’t install a ccp root authority unconditionally. Huawei and xiamoi probably could be forced, but the browser too, like Chrome, Firefox and safari need to also accept the device certificates as trusted.
    
    But the pressure in Europe would likely be to trade within Europe, you must comply.
    
    It fundamentally destroys the whole trust of PKI if this did go ahead. We just need to hope it does not.
    
    source
    -> View More Comments
Ledericas@lemm.ee ⁨20⁩ ⁨hours⁩ ago
for chinas case, people are using proxies and anti-detect browsers , vpn is mostly easily blocked by many

source
untakenusername@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
I think they did this but they don’t use it loudly

source
realcaseyrollins ⁨1⁩ ⁨day⁩ ago
You could put it in the firmware. I remember there being an extension in Chrome that can replace all naughty words so what you're envisioning can't be that hard to do at all.
- _haha_oh_wow_@sh.itjust.works ⁨1⁩ ⁨day⁩ ago
  It would be easy to implement something, but it would not be easy to create an effective system that was extremely difficult or impossible to circumvent.
  
  Even if they achieved a perfect system on a technical level, people would still find ways around it. It’s far more complicated and involved than it might seem at first glance. On top of that, free expression is extremely engraved in American culture: Odds are good that implementing such a system would result in a far worse mess than whatever they were attempting to “clean up” in the first place.
  
  source
  - realcaseyrollins ⁨1⁩ ⁨day⁩ ago
    AI could make things a lot easier though. Scan constantly for words that look like a particular thing and change those words on the fly, for example, can allow for the type of censorship you're asking about.
    
    Verbal stuff might be harder unless you put in a delay though (or you're dealing with pre-loaded media that can be censored as it buffers) because you don't know what a word is going to be until it's uttered.
    
    -> View More Comments