A nationwide firewall could always be bypassed (see: Russia, China, Iran), but what if they just went directly to the end user device and add a chip that constantly scans for anti-regime keywords? Especially when there is “AI” that could be embedded to just do basic OCR and close the browser when such “prohibited items” are detected.
Maybe for the aforementioned countries, its harder to create their own chips.
But I think an authoritarian USA definitely could.
Intel, AMD, Qualcomm, Apple Silicon, are all in the US; Couldn’t the US government just order those companies to add such “censorship chip” to devices sold in the US? Checks and balances seems to be not really a thing anymore…
This way, no amount of “VPN” is gonna work. The censorship chip is gonna block any negative mentions of trump. And with the US’s cooperation, Russia, China, Iran could also acheive the same in their jurisdictions.
Am I just worrying to much.
Is a “censorship chip” even possible?
A country for example could enact their mandatory certificate authority that they control. Then have ISPs who are in the middle use what was mandatory a trusted CA to act as the certificate issuer for a proxy. This already exists in enterprise, a router or proxy appliance is a mitm to inspect ssl traffic intercepting connections to a website say Google, but instead terminates that connection on itself, and creates a new connection to Google from itself. Since the Google certificate on the client side would be trusted from the proxy, all data would be decrypted on the proxy. to proxy data back to clients without a browser certificate trust issue, they use that already mandated CA that they control to create new certificates for the sites they’re proxying the proxy reencrypts it back to the client with a trusted certificate and browsers accept them.
It’s actually less than theoretical, it’s literally been proposed in Europe. This method is robust and is already what happens in practice in enterprise organisations on company devices with the organisations CA certificate (installed onto organisation computers by policy or at build time). I’ve deployed and maintained this setup on barracuda firewalls, Fortigate firewalls and now Palo alto firewalls.
https://www.itnews.com.au/news/eu-row-over-certificate-authority-mandates-continues-ahead-of-rule-change-602062
Wow, I wonder why Russia and China haven’t done this yet.
I mean, the US, people have guns, so implementing this might cause people to just start rioting.
But Russia and China has strict gun controls, its totally feasible to implement this.
I think this is a very short-sighted, surface level take that shows of a very naive understanding of how societies become more totalitarian.
They could be, but I assume say like an apple device won’t install a ccp root authority unconditionally. Huawei and xiamoi probably could be forced, but the browser too, like Chrome, Firefox and safari need to also accept the device certificates as trusted.
But the pressure in Europe would likely be to trade within Europe, you must comply.
It fundamentally destroys the whole trust of PKI if this did go ahead. We just need to hope it does not.
They already removed VPN apps from the Mainland China version of the Apple App Store. In capitalism, profits are above everything else. China is a very large market with 1.4 Billion people, I doubt Apple is gonna be willing to lose access to this market.