rpg.pbem.online

The Encryption Debate Is Over - Dead At The Hands Of Facebook who will control the Whatsapp end-to-end encryption on your device


If either user’s device is compromised, unbreakable encryption is of little relevance. This is why surveillance operations typically focus on compromising end devices, bypassing the encryption debate entirely. If a user’s cleartext keystrokes and screen captures can be streamed off their device in real-time, it matters little that they are eventually encrypted for transmission elsewhere. Facebook announced earlier this year preliminary results from its efforts to move a global mass surveillance infrastructure directly onto users’ devices where it can bypass the protections of end-to-end encryption.

In Facebook’s vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user’s device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.

The company even noted that when it detects violations it will need to quietly stream a copy of the formerly encrypted content back to its central servers to analyze further, even if the user objects, acting as true wiretapping service. This allows them to intercept your messages and pass them on to any 3rd party without you knowing.

So be very wary when you hear a vendor touting end-to-end encryption. What you want to ask is two questions:
1. Am I the only one who has the encryption/decryption key, can I use my own key?
2. If I lose my password can the vendor reset it for me so I can see my messages? If the answer is yes then the veendor has a decryption key.

You either have true user-owned end-to-end encryption or you do not. There is no half-security. You're secure or you are not secure.

See https://www.forbes.com/sites/kalevleetaru/2019/07/26/the-encryption-debate-is-over-dead-at-the-hands-of-facebook/

#security #facebook #encryption
The Encryption Debate Is Over - Dead At The Hands Of Facebook

Image/Photo
The sad reality of the encryption debate is that after 30 years it is finally over: dead at the hands of Facebook.
Image/Photo- - - - - -

https://gadgeteer.co.za/node/3403
I assume WhatsApp isn't encrypted, given that it's owned by Facebook. I'm sure Facebook is reading the content for keywords to sell to advertisers.
Having encryption on a phone is not end2end, Period
Who cares, what FB consumers accept to be imposed upon them.
Encryption is a method in IT, use your own IT, install a trustworthy implementation and encrypt end to end. And if you ever use something like Whatsapp, remember, that this is not yours and it never was. Same for Apple, MS, Google and all other corporate consumer services.
The key is, to pay for it. Fuckin rent your own bare metal, install the OS of your choice and implement encryption, if you really want encryption.
And yes: to actually own it, does make a difference.
Broken encryption/pseudo encryption/pseudo privacy is in the contracts you accept for using "free" services. Its not in the contracts for renting a computer in a datacenter. The law allows to intercept your traffic but it still does not allow to own your OS on a rented computer.

So fuckin stop complaining, rent a computer in a datacenter, install the OS of your choice and learn, how to administrate and use it. Its no rocket science and to pay about 10 Euros per month to have a cloud service running on free software under your command should be worth it, no?
/moi agrees
footnote: do not encrypt in the cloud :-)
@Hans WUnless its your "cloud" ;-)
Sicherheit außerhalb von Open Source existiert eh nicht wirklich. Alle Werkzeuge sind vorhanden, aber die wenigsten nutzen es, oder wissen überhaupt wie man es nutzen könnte. Manche wissen vermutlich nicht mal das sie existieren.
Sicherheit außerhalb von Open Source existiert eh nicht wirklich. Alle Werkzeuge sind vorhanden, aber die wenigsten nutzen es, oder wissen überhaupt wie man es nutzen könnte. Manche wissen vermutlich nicht mal das sie existieren.
Irgendwie erinnert mich das irgendwie gerade an Verhütungsmittel und Kondome ..
@Passagier 451 I launched my own Nextcloud server over a year ago because of these type issues. It's not that hard, and it can be done on a very tight budget.

P.S. the #Briar messaging app is really kick-ass if people are serious about messaging in private.