The combination of hardware attestation and walled garden "app stores" is the end goal of most policymakers in this area, and it happens to suit the monopolists in Google and Apple and Facebook down to the ground.
Perhaps a timely reminder that things do not always get better over time, and that we may have lived past the high point of secure communications in our lifetime.
Both parties exchange public keys through the central service. Only the possessor of the respective (on device, Secure Enclave ideally) private keys can decrypt the messages encrypted to the public key. The process can also work in reverse, encrypting with the private key so only holders of the public key can decrypt: this is called “signing”.
If the answer is blind trust in a third party that runs the messaging service then I suspect that you can guess what the people asking those questions are really asking.
I find the end to end encryption on Facebook to be detrimental to ease of use, because you always have to use a pin code, etc for the web interface.
If you don't trust meta with your chats, you probably shouldn't be using their application to begin with.
The authority holds Meta responsible anyway; they don't care about the implementation detail. They want to catch a pedo, and Meta is unable to produce evidence that helps them. Everyone else will yell at Meta for helping pedos.
You can substitute "pedo" with any other heinous crime e.g. terrorism.
And this is how we arrive at the current situation.
What form of accountability are you suggesting is even being leveraged, here? No law could force Meta to backdoor its encryption, afaik. Public pressure would be unlikely to work.
Is Meta afraid of anything real, or is this just blame shifting via ungrounded speculation?
Australia already has this law in place where a company must hand over user's conversation. A company cannot make an excuse that they themselves implement e2e to prevent themselves from reading user's messages. Source: https://www.bbc.com/news/world-australia-46463029
UK has a proposal to ban encryption this year. It is still being discussed.
> Public pressure would be unlikely to work
Public pressure works to a certain degree. Do you think a product manager at Meta would want to be labeled as "protecting pedos"?
In addition from a practical POV it's if anything the reverse is the case. Email encryption is larp security because plain text is the default, leaks metadata and its interfaces make it trivial for people to leak entire conversations. If there's one technology where you should just assume your messages are public, it's email before someone copy pastes or wrongly forwards your encrypted communication to fifty other people.
Private message encryption makes sense because it's now a default, information exchanged is usually personal, and the problem isn't just Meta but law enforcement extorting your data out of their hands, which encryption in the real world has prevented a few times now already.
The executives don't want anyone else to be able to use the messages in a malicious way, so they decide to cut it at the sources of the messages i.e. e2e encryption.
This is like: corporate emails being deleted after 6 months. When an authority asks for emails from the last year, they can say they don't have it.
Now the authority can ask for the emails not to be deleted at all but then that will be a different battle the authority has to fight.
Corporate emails often don't involve pedos/terrorism, so there's much less push to retain corporate emails forever.
If you don't want Mark Zuckerberg to upload your private messages into his own chat AI, then stop using Instagram immediately.
No. It protects your chats from Meta and all governments of the countries where Meta operates.
In fact, I expect Instagram to be more reachable globally now because these relaxed communication standards would be welcomed by oppressive governments as they can now retrieve messages as they please for whatever purpose they deem.
I’ve talked to Apple engineers.
Siri fell behind due to how good Apple’s privacy is.
Everyone made fun of them for protecting them.
This is exactly the opposite of that, where Mark is throwing you and your children under the bus again because he’s unoriginal and doesn’t know how to make money any other way than by getting all up in your business, statistically.
I’m sure this will not be a popular take on HN however.
They stay rather secure because of all these measures. But they’ll get dismantled, too. Because idiots push idiots in power to weaken Apple’s stance. Useful idiots is the right term.
Besides, we just need to set verbal timers and control music. We don't need a full-blown verbal Oracle.
Don't fool yourself into believing Apple cares about your privacy. They care about money.
[1] https://www.bbc.com/news/articles/cgj54eq4vejo
[2] https://www.reuters.com/article/technology/apple-moves-to-st...
"Apple hasn't come up with anything new in 20 years"
Very likely in response to Apple's granularity. Poor Zuck can't steal people's credentials
While they ALREADY probably only have Messenger for nefarious reasons https://news.ycombinator.com/item?id=4151433
He's a bit of a... something. That might get a 'low effort comment' moniker attached to it. Rhymes with ociopath
aucisson_masque•1h ago
TikTok about why they won’t put e2e for private messages.
I guess it’s reasonable to give up privacy to save the children, TikTok cares so much about our kids safety and wellbeing !
2ndorderthought•1h ago
chadgpt2•59m ago
airstrike•3m ago