It basically does what memespeech is doing, except much better. Both parties would need to agree on a cover text (let's say, a chapter from the NIV Bible). It then generates some text via GPT-2 trained on this cover text, with your hidden message encoded in it.
You'd then send this generated text to the recipient (which actually looks like a normal message written in the style of your cover text). They'd enter the same chapter of the NIV Bible along with your generated text, which then lets it recover your hidden message.
Basically, memespeech looks like you're hiding something, both to the human eye and to machine learning models. NeuralSteganography solves both of these issues, as it looks like regular human-readable texts to both humans _and_ ML models (Harvard's paper goes into more detail on this https://arxiv.org/abs/1909.01496 ).
I agree that encryption is "unbannable" in the same way you can't really ban a word or basic math. However, that won't stop the government from passing laws that make it hard for businesses to operate legally using things the government doesn't like. For example, there are certain arrangements of letters which are considered illegal[1], and if you operate a TV station you can't use those arrangements of letters without getting fined by the FCC.
There's also the famous illegal number from AACS[2].
This isn't so much about businesses that allow message exchange. Memespeech allows users to add their own encryption on top of whatever messages that a particular email provider, chat app or social network already allows. So even with laws like EARN IT, there would be no way for a company like Facebook to prevent people from bringing their own encryption.
There are more robust solutions like GPG, but Memespeech was designed to be easy for people who already have established trust with the party they're communicating with (and could exchange a decryption password off-channel).
Encryption doesn't matter if we eventually get to the point that Apple can be forced to run a key-logger on a user's iPhone (warrant or not). People are lazy and won't use an extra app to "encrypt" something before copy/pasting it into FB and then the other uses has to copy/paste back to the Memespeech app; all just to send :D. Additionally, let's say encryption is banned and this is the "workaround". They just ban this app in the AppStore. No way users are building github repos and side-loading.
IANAL, but I know some and have seen them give talks on this kind of topic.
This might be entertaining, but it definately doesn't fix the problem it tries to solve. Any jury in the land would still convict you if this was used to pass messages which would otherwise be illegal. If this is serious it is as stupid as saying "let's agree wearing Yellow socks means 'kill that guy', they can't arrest me for the colour of my socks!"
But you'll also have a real hard time convincing a court you have a free speech right to uppercasing and lowercasing letters in certain ways - the speech is in the words, not the presentation. That is, if there's a law banning encryption as a whole (and not simply certain messages, encrypted or encrypted), I think this still doesn't save you.
I think the courts have generally held that you can't simply throw speech onto some otherwise prohibited activity to gain First Amendment protections. For instance, see the case about the man who tweeted a GIF at Kurt Eichenwald with the intention of provoking a seizure - the fact that the GIF also contained words (... which were "you deserve a seizure for your posts") seems unlikely to say that the act of sending the GIF itself was protected speech.
Good: if the courts don't identify the decoding bible chapter, you get plausible deniability of "I didn't communicate a message for Illegal Activity X, I was just sharing some abstract ideas on theology with a friend".
Bad: Courts might begin issuing surveillance warrants (or worse) to TLAs based on the most innocuous personal communications, because "we're pretty sure that happy birthday e-card contains an encrypted message".
In either case, I completely agree if the message is deciphered by authorities, they've got you dead to rights, whether it's done by PGP, GPT bible verses, or yellow socks on Tuesday.
EDIT: I was commenting primarily on the GPT technique, but now having read the Memespeech page, totally agreed that it wouldn't even slightly stand up to scrutiny in court, as one needs no prior knowledge to decode the message and demonstrate that there is no other legitimate explanation for the communication.
With Memespeech, the encryption tech is wrapped into the transmission format, and the transmission format is Free Speech.
Even if this software were banned, a couple of points remain:
- It's unprovable that any block of Memespeech text has something encrypted in it unless you know the password
- It's easy for a developer to write their own Memespeech implementation based on the documented specification.
Not saying that anyone would violate a hypothetical (and probably unconstitutional) law, but it would be hard to enforce.
I think there are multiple senses of "banned" here. There's "made illegal" and there's "disallowed by a third-party platform." Something can be illegal but easy to do, e.g., driving without a seat belt. Something can be blocked by a platform but still quite legal, e.g., proselytizing your religion on HN.
It's pretty easy (relatively speaking) to run your own transport that doesn't go through a third party, at which point you can just use OTR or whatever. Then you're immune from banned-in-the-sense-of-blocked, and you can make your own risk decisions about banned-in-the-sense-of-illegal. (Also, depending on the details of the law, this might be perfectly legal too, e.g., "big tech must give us backdoors" doesn't need to imply "everyone who runs encryption must give us backdoors.")
It does seem like Memespeech has an advantage if you're using a third-party platform as a channel and you don't want to be blocked, i.e., you want to exchange encrypted-and-not-backdoored messages over Facebook Messenger because you can no longer trust its own encryption. I agree that this seems less likely to be blocked than literally sending base64 over the channel. But it still can get blocked - Facebook is under no obligation to transport all "Free Speech" (whatever that means) from user to user. If Facebook says, on our platform we disallow text with >20% uppercase letters, they can do that legally and constitutionally. The government could force them to do it, but they could also do it on their own (e.g. a spam detector might do it, honestly).
So you basically end up in a steganography arms race: you want to send messages that look to Facebook like actual genuine messages so they don't block you, but they contain coded information that is end-to-end encrypted using modern cryptography. I suppose it depends on a number of external factors as to whether that's easier than setting up your own transport.
For instance, if your goal is just successfully sending messages and you don't care about legality, another easy (relatively speaking) thing is to run Noise Protocol over your favorite shortwave digital mode. Then you don't have to worry about being blocked at all.
The thought experiment is:
Banning text message that are clearly readable (with or without message hidden inside, every message could hide something, even not on purpose, so everyone is 'guilty' when chatting) means you're banning freespeech (all chat message).
It basically does what memespeech is doing, except much better. Both parties would need to agree on a cover text (let's say, a chapter from the NIV Bible). It then generates some text via GPT-2 trained on this cover text, with your hidden message encoded in it.
You'd then send this generated text to the recipient (which actually looks like a normal message written in the style of your cover text). They'd enter the same chapter of the NIV Bible along with your generated text, which then lets it recover your hidden message.
Basically, memespeech looks like you're hiding something, both to the human eye and to machine learning models. NeuralSteganography solves both of these issues, as it looks like regular human-readable texts to both humans _and_ ML models (Harvard's paper goes into more detail on this https://arxiv.org/abs/1909.01496 ).