How would PGP help in the long run? If client side scanning is mandated for everything then the natural place for it to wind up is in the OS. Once your OS is scanning all the things, your privacy is finished - pretty good or otherwise.
In fact, proprietary OSes already phone home so often it's just mind blowing. On the mobile camp, only GrapheneOS and niche Linux distributions like SailfishOS are quiet if you inspect network traffic. The tools for client-side scanning are there, it's quite easy to implement total control.
> If client side scanning is mandated for everything then the natural place for it to wind up is in the OS. Once your OS is scanning all the things, your privacy is finished - pretty good or otherwise.
An air gap can solve that problem:
1. Create an illegal message on a machine with no internet.
2. Encrypt the message.
3. Copy the encrypted message over to a machine that does have internet.
In that case you could an Arduino, Raspberry Pi, or similar to write and convert the message. The converted msg can then be sent over USB, wifi, etc to the computer
Right, and then Chat Control looks at the encrypted text and goes "oh huh this looks encrypted and suspicious, let's put this user on a list for closer inspection" or eventually just refuses to let you send the message at all. Steganography is hard and it will be very difficult to hide that you're sending encrypted messages.
But how do we then protect our messages to less tech savvy people? Encryption must be effortless and usable by the masses, or it will be almost pointless.
If Chat Control passes, then encryption will not be effortless and usable by the masses, that's the whole point. Basic encrypted chat will be on the level of Snowden trying to communicate with the journalists back in the days – only possible if both parties are willing to go to lengths.
