1235
Meta found liable in child exploitation case (www.theguardian.com)
submitted 2 months ago* (last edited 2 months ago) by staircase@programming.dev to c/technology@lemmy.world
161 comments fedilink hide all child comments

... while they feign child protection to avoid costs

you are viewing a single comment's thread
view the rest of the comments
[-] bitjunkie@lemmy.world 17 points 2 months ago

If you're still using Meta spyware in 2026 and think you're getting true E2E without a backdoor, I've got a bridge to sell you.

[-] Puddinghelmet@lemmy.world -4 points 2 months ago* (last edited 2 months ago)

How do they get the key? Isn't that stored on me and my chatpartners literal phone? You can only get is by physically unlocking it? Show me technical proof? Meta says they only collect metadata, but the actual data is encrypted... ofc that guy lies but then we can drag him in front of a judge. And you're right ruzzia also hacked meta recently by their linked devices or support bots... U got proof or just a hunch

[-] borari@lemmy.dbzer0.com 13 points 2 months ago

Did you run gpg yourself to generate the key pair, then exchange pub keys with your chat partner? Or did Facebook generate the keys for you from within a closed source application?

[-] Puddinghelmet@lemmy.world -3 points 2 months ago* (last edited 2 months ago)

if it has a backdoor it's literally not end-to-end encryption at least, and they say it is so... idk so they are literally breaking the law and we can fine them again?

[-] borari@lemmy.dbzer0.com 12 points 2 months ago* (last edited 2 months ago)

You’re misunderstanding what end-to-end encryption is. If they have a copy of your private key, it’s still end to end encrypted. The alternative would be akin to a TLS termination proxy, where your device would encrypt a message using Facebooks public key, they decrypt message, store it, and then Facebook uses your chat partners public key to encrypt and send to them. You cannot send an encrypted message straight through to your chat partner.

What I’m insinuating is that there’s no way to know if Facebook has a copy of your private key. The message is still end-to-end encrypted, it is encrypted by you using your chat partners public key, and passes through all of Facebooks infrastructure encrypted, until your chat partner receives and decrypts it. If Facebook stores the message, it’s stored encrypted. They can just decrypt it when subpoenaed or whenever they want bc they have the required private key.

[-] Puddinghelmet@lemmy.world 4 points 2 months ago* (last edited 2 months ago)

Ooo mb you're right yeah, also when you use backups I read... ok something to look into for myself to understand better fr, thanks for this comment btw

[-] Puddinghelmet@lemmy.world 1 points 3 weeks ago* (last edited 3 weeks ago)

Did you run gpg yourself to generate the key pair, then exchange pub keys with your chat partner? Or did Facebook generate the keys for you from within a closed source application?

Huh but WhatsApp’s server only stores public keys (to route messages). The server cannot decrypt the message because it lacks the private key which is stored locally on your phone? WhatsApp uses the Signal Protocol (developed by Signal Messenger), which is considered the gold standard for E2EE. This protocol ensures that keys are temporary and regularly refreshed.

Each user (and each device) has a unique key pair (public and private key). The recipient’s public key is used to encrypt messages. Only the recipient’s private key can decrypt them. The private keys (required to decrypt messages) remain locally on your device. WhatsApp’s servers do not have access to your private key. However, public keys (which are not sensitive) are stored on the server to route messages.

Only you and the recipient can read the messages. WhatsApp (and Meta/Facebook) cannot read the content of your messages if they are properly encrypted. This applies to text, images, videos, voice messages, and calls (including group chats).

[-] borari@lemmy.dbzer0.com 1 points 3 weeks ago

WhatsApp’s code is not public. The app generates the private keys. The app has to have access to the private keys to decrypt your messages. Because the code is not public, no one has any idea if meta has ad hoc on demand access to the private key, or if they upload the private key to their servers.

If WhatsApp was open-source like signal, we wouldn’t be having this conversation. Until then, and based on metas know business practices, it’s safe to assume they have access to WhatsApp private keys.

[-] locahosr443@lemmy.world 6 points 2 months ago

'Show me proof meta is a bad actor or I'll just take their word they aren't'

I guess that's an opinion to have...

[-] Puddinghelmet@lemmy.world 2 points 2 months ago

truth lmao

this post was submitted on 25 Mar 2026
1235 points (99.0% liked)

Technology

84998 readers
2962 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws