Privacy

35037 readers

654 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

Why does Big Tech's "End to End" encryption matter if they are compromised anyways? (lemmy.dbzer0.com)

submitted 3 days ago by [email protected] to c/[email protected]

17 comments fedilink hide all child comments

Like, there's a lot of people freaking out about Apple ending End to End encryption in iCloud in UK. I'm just like: So What? It was probably backdoored from the beginning

So is Big Tech's E2E actually not backdoored? Or is that just a PR stunt to trick people into trusting iCloud, and this is a secret honeypot? 🤔

What are your thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 61 points 3 days ago (2 children)

There is a difference between probably backdored, and we're not event trying to look secure anymore.

[–] [email protected] 15 points 3 days ago* (last edited 3 days ago)

There's also a big difference between published specifications and threat models for the encryption which professionals can investigate in the code delivered to users, versus no published security information at all with pure reverse engineering as the only option

Apple at least has public specifications. Experts can dig into it and compare against the specs, which is far easier than digging into that kind of code blindly. The spec describes what it does when and why, so you don't have to figure that out through reverse engineering, instead you can focus on looking for discrepancies

Proper open source with deterministic builds would be even better, but we aren't getting that out of Apple. Specs is the next best thing.

BTW, plugging our cryptography community: [email protected]

[–] [email protected] 4 points 3 days ago (1 children)

I'd say the difference is minimal though.

[–] [email protected] 10 points 3 days ago

the difference is closer to maximal. only way to be worse is not just on purpose, but expertly on purpose.