He seems to be confusing “freeware”, which is basically a license for copyrighted work, with “public domain”, which is the absence of a copyright.

This part:

a desperate attempt to keep young people from discussing Joes pet genocide where they can’t be censored by the us govt.

suggests that users are being censored by the US government. Doesn’t it?

What do you mean?

I’ve seen that too. But they’re mistaken. “Censoring the internet” is not what this law does. That’s hyperbole not based on any reasonable interpretation of the actual law.

Don’t misunderstand me; this is not a good law. Nobody should be happy about it. But it is prudent, wise and perhaps even necessary. Refusing to acknowledge this while ignoring that actual 1st amendment concerns that this law will be challenged on does not help your argument.

Which Tittok users has the US government censored?

“If lawmakers want to rein in the harms of social-media platforms, targeting just one under the guise of national security ignores an entire industry predicated on surveillance capitalism. Like all popular platforms — including those that Meta and Google own — TikTok collects far too much user data. But banning a single platform will not address the privacy problem that’s rotting the core of the entire tech industry.

If domestic social media is collecting dangerous amounts of personal info about Americans, then foreign social media under who are subject to the laws of adversarial nation-states should be seriously concerning.

The matter of domestic social media will have to be addressed by a completely different law because it cannot be addressed by a law similar to this new one. People who bring up domestic social media in discussions of this law are completely missing the point.

SSL/TLS, the “S” in HTTPS, and other network encryption protocols such as SSH, use a technique called a Diffie-Hellman key exchange. This is a mode of cryptography where each side generates two keys: a public half and a private half. Anything encrypted with the public half is only decryptable by the associated private half (and vice versa).

You and Youtube only ever exchange the public halves of your respective key pairs. If someone snoops on the key exchange all they can do is insert spoofed messages, not decrypt real ones.

Moreover, the keypairs are generated on the fly for each new session rather than reused. This means that even a future compromise of youtube won’t unlock old sessions. This is a concept called forward secrecy.

Message spoofing is prevented by digital signatures. These also use the Diffie-Hellman principle of pairs of public/private keys, but use separate longer-term key pairs than those used with encryption. The public half of youtube’s signing key, as presented by the server when you connect to it, has to be digitally signed by a well-known public authority whose public signing key was shipped with your web browser.

many advertising companies have argued it would undermine their industry.

Yes.

“Absent this data, smaller enterprises will lose a critical path to reach and attract new customers

They seemed to get along just fine for centuries without it.

"[…] and consumers overall will have less exposure to new products and services that may interest them,” a group of ad trade bodies wrote in a letter first reported by Adweek.

They say that like it’s a bad thing.

I will be availing myself of this law just as soon as the website is up.