FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data

First thing first,

FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data.
Forbes.com Feb 24, 2025, 06:48am EST

and second thing:

Apple’s recent decision to kill E2EE in the UK is just the tip of the iceberg. According to many privacy and security experts, agencies like the FBI are looking for ways to follow suit:

That won’t stop the FBI from infiltrating anything anywhere.

How does this affect PureOS and L5, or does it, or will it?

2 Likes


What’s the American saying about eating the cake and having it too? It was just recently that encryption was good and encouraged, according to the FBI: Why the U.S. government is saying all citizens should use end-to-end encrypted messaging. Sure, the point probably is “encryption + a back door”, but those are competing goals undermining each other. The same repeating conversation has been/is being had here on the EU side under the banner of “save the children”/CSAM more than national security, but basically the same.

At the higher levels, it’s about power and control (which have negatives that are being marketed with the few positives), and in the lower levels it’s practicalities (peace, order, civility, safety etc. - but whose and how, and who gets to set limits on those). It’s a balancing act of a complex global socio-technical system.

For similar conversations with good points already made on this, remember some of these threads:

3 Likes

For a start, this is a statement of intent from the FBI. It’s what they want, not what they have. It’s “wishlist”. So in the short term, it doesn’t affect anything.

Where it goes from there depends on how the political and legal debate plays out in the US - and that could take a period of time measured in years.

If the FBI wins that debate, you can expect that any information that you store with a US company and any information that you send through a US company, assuming that encryption is involved and the encryption is arranged through that US company, … should be assumed to be compromised … you should assume that the encryption is security theatre and that it can be compromised by the US company (and thereby by the US government).

If we reach that point, it would be appropriate to analyse the services that Purism provides, in order to see how those services are affected.

However, to see the limits of what this means:

  • All mobile network communication is already laughably insecure anyway as far as security threats from the mobile company in question or from the government that controls that company - there simply isn’t any end-to-end encryption … so no real impact there. It is already subject to “lawful access”.
  • If the sender and receiver implement their own end-to-end encryption on top of the mobile network communication then there is nothing that the company can really do about it. Likewise, if you encrypt a file first and then store the file using some online storage service then there is nothing that the company can really do about it.

To illustrate the second bullet point, even though sending text messages is laughably insecure, if two parties agree a pre-shared key and encrypt all messages using that key (details omitted) before sending as a text message then the text message is adequately secure and no new legislation will really change that (other than perhaps the provider could be forced to block all messages that it thinks might be encrypted, and then we get into steganography).

Or to illustrate that second bullet point differently, I could send you a private message via this forum - but that is not private at all. Purism can read it and therefore we can assume that, worst case, the US government can read it. But if you and I share a pre-shared key via another mechanism and I encrypt what I send you before sending it via this forum, that is adequately secure.

In the Apple world, governments are mainly concerned about iMessage and iCloud, where iMessage is a messaging service that works only between two Apple devices and bypasses the mobile service provider’s text message service, and where iCloud is a storage service where you can back up or store content from your phone to the service.

As always, the devil is in the details. The legislation that ends up being passed in the US may be much broader, presenting much greater security threats, or there may never be a change, or things may get done behind closed doors.

In addition, some services might start disappearing. Apple did previously say that they would rather shut down iMessage in the UK than compromise it. However Apple’s bluff was called and they collapsed like a wet paper bag. Other providers may be made of sterner stuff.

6 Likes

Post was:

“In addition, some services might start disappearing. Apple did previously say that they would rather shut down iMessage in the UK than compromise it. However Apple’s bluff was called and they collapsed like a wet paper bag. Other providers may be made of sterner stuff.”

Not being aware of what the precise situation is now, I searched, and I see Apple is going to do what the UK government says. Or perhaps it would be more accurate to say Apple corporate has warned customers in the UK they are losing the Apple Encryption that is available in other countries, therefore letting each Apple customer make their own decision as to whether they will continue to use their Apple device.

I would guess that if I was the government, and could break the encryption, I would be constantly complaining I could not break it, and would advise those who passed the laws not to create a law mandating backdoors. Perhaps the encryption is breakable, but it is too resource- and time-consuming to break all the ones they want.

Then again, to a certain degree, I am a bit surprised that authorities are trying to create a law, instead of pressing Apple Employees to create a back door on the sly.

Someone suggested we could trust Snail Mail. I don’t believe that, but I can’t prove that you might or might not have problems with your mail.

Actually, how much, in my personal life, does it matter if I send information encrypted or not? Meaning it is more important, to me, that the information I sent is getting to the correct recipient in the proper time frame. Perhaps email to a specific person be associated with an independent journal that records particulars of communications between myself and another individual.

1 Like

It depends on your threat model.

In the U.S., I think the USPS scans the exterior of every piece of mail, so they would have the metadata at least. But for content, they would need a government court order and/or warrant, I’m sure… which means the physical envelope is still better than the unencrypted digital messages, I guess.

1 Like

I’m one of those that mentioned Snail Mail i.e. paper delivered to street address :email:
My suggestion was made in jest.

Govt would have to know it was mailed/received, and intercept it, then surreptitiously open, scan it in, reseal it and send it on. If everyone did that - just once, well…

I remember when for some reason, can’t remember why, but it was a hit on the post office wanting more money I think, and it was suggested that everyone mail a brick to their Member of Parliament (MP) with a letter to complain about - whatever it was we were complaining about. It’s free to mail one’s MP.

Side note about Canada Post. In the early days of email, they wanted to charge sender/receiver 5 cents for each email. That would be they took control of all ISP emails or require ISP to collect it from them.

The idea of Canada Post charging for email service was a proposal made by the previous CEO, Michel D’Amour, as a way to help balance the corporation’s budget.

~s

1 Like

You could encrypt your snail mail. :slight_smile:

I don’t know whether there are any laws against that and in any case the answer depends on the jurisdiction.

If your device is compromised then it certainly doesn’t matter whether you send the information encrypted - because the plaintext original is available to interested parties anyway (with the understanding that we are talking in this topic specifically about a threat model where the primary threat is the government).

1 Like

Snail Mail, as in the kind we used to use before email or webmail. The kind we write or type on a piece of paper, fold and tuck it into an envelope.

So maybe I’ll switch “snail mail” to Carrier Pigeons instead. We encrypt the SSD we slip into its pouch.

Snail mail was meant in jest.

Fine. Then I’ll type it up, staple it to a turtle’s back and kick it in the direction it needs to go. Or I’ll saddle up and play Pony Express.

1 Like

Yes, that kind. Retro, I know.

As a purely hypothetical exercise, you could

  • using a computer that is on a private network (or no network at all) and never on the internet
  • type your textual message into a text editor and save the file
  • encrypt that file (using an appropriate key)
  • hex dump the file (or base64 encode, whatever works for you and is mutually-agreed with the recipient)
  • print that final result out
  • snail it off

The recipient OCRs the received piece of paper and reverses the other steps.

Details of key exchange are left as an exercise for the reader.

1 Like
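The print-and-OCR steps of the procedure above, as an added example that is not part of any forum post: it goes one step beyond a plain hex or base64 dump by using base32 (no 0, 1, 8 or 9 to misread) with a per-line checksum, so the recipient learns which printed line the OCR got wrong. The function names, line width and sample bytes are assumptions; the encryption step is assumed to have been done already with a tool and key of the parties' choosing.

```python
import base64
import zlib

ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"   # RFC 4648 base32: no 0, 1, 8 or 9
OCR_FIX = str.maketrans("08", "OB")             # digits absent from the alphabet
BYTES_PER_LINE = 25                             # 25 bytes -> exactly 40 characters


def _tag(index: int, chunk: bytes) -> str:
    """CRC-32 over line index + data, written in the same alphabet (7 chars)."""
    v = zlib.crc32(index.to_bytes(4, "big") + chunk)
    return "".join(ALPHABET[(v >> s) & 31] for s in range(30, -1, -5))


def to_paper(ciphertext: bytes) -> str:
    """Render already-encrypted bytes as printable lines: 5-char groups + tag."""
    lines = []
    for i, off in enumerate(range(0, len(ciphertext), BYTES_PER_LINE)):
        chunk = ciphertext[off:off + BYTES_PER_LINE]
        text = base64.b32encode(chunk).decode().rstrip("=")
        groups = " ".join(text[j:j + 5] for j in range(0, len(text), 5))
        lines.append(f"{groups}  {_tag(i, chunk)}")
    return "\n".join(lines)


def from_paper(page: str):
    """Return (ciphertext or None, 1-based numbers of lines that failed)."""
    data, bad = bytearray(), []
    rows = [r.upper().translate(OCR_FIX).split()
            for r in page.splitlines() if r.strip()]
    for i, (*groups, tag) in enumerate(rows):
        text = "".join(groups)
        try:
            chunk = base64.b32decode(text + "=" * (-len(text) % 8))
        except ValueError:          # bad length or a character outside base32
            bad.append(i + 1)
            continue
        if _tag(i, chunk) != tag:   # misread character, or a lost/moved line
            bad.append(i + 1)
        data += chunk
    return (None if bad else bytes(data)), bad


if __name__ == "__main__":
    sample = bytes(range(58))       # constructed stand-in for real ciphertext
    sheet = to_paper(sample)
    print(sheet)
    assert from_paper(sheet) == (sample, [])
```

The CRC only catches transcription errors; it is not a defence against deliberate modification, which has to come from an authenticated encryption mode in the step before this one.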