slaacaa@lemmy.world
on 07 Feb 2025 11:58
nextcollapse
Politicians still don’t know how E2E encryption works (and/or they don’t care)
Quill7513@slrpnk.net
on 07 Feb 2025 12:05
nextcollapse
they don’t think they’ll ever encounter consequences themselves
bassomitron@lemmy.world
on 07 Feb 2025 13:04
nextcollapse
I had thought that 5+ years ago, Google, Apple, Meta, etc. all created “master” private keys that would allow them to unencrypt users’ data. At the time, the argument used was to combat CSA material/trafficking. I could be wrong, though. I’ll try looking it up later.
Edit:
I did a quick search while on break at work.
Apple claims they have no master key and do not allow governments direct access to their servers. They only provide data when legally required to;
So it seems that Meta is likely scanning content before the encryption takes place. So they can still claim that messages are indeed E2EE, but that’s useless when their AI tools are still scanning the content beforehand.
In spite of these processes, Meta has concerns. The blog post said, “Without ownership of both clients (endpoints) we cannot guarantee what a third-party provider does with sent or received messages” and thus cannot assure that messages are safely encrypted and protected. Further they said that with interoperability they would “lose connection level signals that are important for keeping users safe from spam and scams such as TCP fingerprints.”
Finally, Meta said that having a intermediary between third party provider and a Meta server could expose the “chat metadata to the proxy server, which increases the likelihood that this data could be accidentally or intentionally leaked.”
Tldr; I wouldn’t trust Meta’s E2EE.
homesweethomeMrL@lemmy.world
on 07 Feb 2025 15:21
nextcollapse
Would like to know that!
pivot_root@lemmy.world
on 07 Feb 2025 16:48
collapse
I think trusting Meta’s (or Google’s) E2EE at any point would have been a bad decision. Facebook thrived on collecting user data, and end-to-end encryption of private conversations spits in the face of that. If it’s antithetical to their profits, there’s incentive to bypass the intent but still technically be implementing it (on-device keyword scanning, maybe?).
schizo@forum.uncomfortable.business
on 07 Feb 2025 14:07
collapse
Oh, I’m pretty sure they fully understand how it works.
They simply expect tech to roll over when commanded, and in this case, it does indeed look like Apple is going to do exactly that.
fuzzzerd@programming.dev
on 07 Feb 2025 15:43
collapse
The article says Apple is opposed. Additionally, they’ve already offered E2E backups, but you had to opt in. Well know they’ve capitulated if/when they remove that option.
Infernal_pizza@lemm.ee
on 07 Feb 2025 12:39
nextcollapse
God I fucking hate our government
TORFdot0@lemmy.world
on 07 Feb 2025 13:44
collapse
Sad how in 2025 this applies to pretty much every country
Infernal_pizza@lemm.ee
on 07 Feb 2025 22:05
collapse
Maybe if we all collectively vote for fascists our situation will somehow improve?
autonomoususer@lemmy.world
on 07 Feb 2025 12:57
nextcollapse
Only possible as iOS fails to include a libre software license text file. We do not control it, anti-libre software.
otto@sh.itjust.works
on 08 Feb 2025 05:55
collapse
lol
dance_ninja@lemmy.world
on 07 Feb 2025 13:24
nextcollapse
In response to the order, Apple is expected to simply stop offering Advanced Data Protection in the UK. This wouldn’t meet the UK’s demand for access to files shared by global users, however.
homesweethomeMrL@lemmy.world
on 07 Feb 2025 15:23
nextcollapse
“EU orders Apple to let anything in to the AppStore”
Androiders: Yeah! Open that shit up! Stupid Apple!
“EU orders encryption back door”
Androiders: . . . Not like that!
tortina_original@lemmy.world
on 07 Feb 2025 15:36
nextcollapse
Are you mentally challenged?
Edit: this was harsh and you don’t seem like a bot, apologies to you.
homesweethomeMrL@lemmy.world
on 07 Feb 2025 15:44
collapse
Apparently yes.
Apologies. Withdrawn.
Kaiserschmarrn@feddit.org
on 07 Feb 2025 15:39
collapse
UK isn’t part of the European Union.
homesweethomeMrL@lemmy.world
on 07 Feb 2025 15:46
collapse
I . . . I knew that. I was just . . testing everyone.
Uh, congratulations, . . y- you all did very well.
noughtnaut@lemmy.world
on 07 Feb 2025 16:25
collapse
I’m happy to see that these posts of yours are a net positive, because this is a beautiful comeback.
KoalaUnknown@lemmy.world
on 07 Feb 2025 15:41
collapse
E2E encryption is still available in the US for now, but I wouldn’t be surprised if the government forces that to change soon.
threaded - newest
Politicians still don’t know how E2E encryption works (and/or they don’t care)
they don’t think they’ll ever encounter consequences themselves
I had thought that 5+ years ago, Google, Apple, Meta, etc. all created “master” private keys that would allow them to unencrypt users’ data. At the time, the argument used was to combat CSA material/trafficking. I could be wrong, though. I’ll try looking it up later.
Edit:
I did a quick search while on break at work.
Apple claims they have no master key and do not allow governments direct access to their servers. They only provide data when legally required to;
www.apple.com/…/government-information-requests/
Google claims the same thing.
As for Meta, I could only find anecdotal Reddit posts that seem to somewhat contradict the E2EE claims from Meta, as an example:
reddit.com/…/meta_ai_scanning_private_conversatio…
reddit.com/…/messenger_has_access_to_the_endtoend…
So it seems that Meta is likely scanning content before the encryption takes place. So they can still claim that messages are indeed E2EE, but that’s useless when their AI tools are still scanning the content beforehand.
There’s also this recent development:
medianama.com/…/223-meta-end-to-end-encryption-eu…
Tldr; I wouldn’t trust Meta’s E2EE.
Would like to know that!
I think trusting Meta’s (or Google’s) E2EE at any point would have been a bad decision. Facebook thrived on collecting user data, and end-to-end encryption of private conversations spits in the face of that. If it’s antithetical to their profits, there’s incentive to bypass the intent but still technically be implementing it (on-device keyword scanning, maybe?).
Oh, I’m pretty sure they fully understand how it works.
They simply expect tech to roll over when commanded, and in this case, it does indeed look like Apple is going to do exactly that.
The article says Apple is opposed. Additionally, they’ve already offered E2E backups, but you had to opt in. Well know they’ve capitulated if/when they remove that option.
God I fucking hate our government
Sad how in 2025 this applies to pretty much every country
Maybe if we all collectively vote for fascists our situation will somehow improve?
Only possible as iOS fails to include a libre software license text file. We do not control it, anti-libre software.
lol
“EU orders Apple to let anything in to the AppStore”Androiders: Yeah! Open that shit up! Stupid Apple!“EU orders encryption back door”Androiders: . . . Not like that!Are you mentally challenged?Edit: this was harsh and you don’t seem like a bot, apologies to you.
Apparently yes.
Apologies. Withdrawn.
UK isn’t part of the European Union.
I . . . I knew that. I was just . . testing everyone.
Uh, congratulations, . . y- you all did very well.
I’m happy to see that these posts of yours are a net positive, because this is a beautiful comeback.
E2E encryption is still available in the US for now, but I wouldn’t be surprised if the government forces that to change soon.
<img alt="" src="https://lemmy.world/pictrs/image/738a143e-8012-44f4-b318-4a08a9b7b9a0.jpeg">