Messenger already has end-to-end encryption on messages, but now it's looking to back up your Messenger data more securely. Full story from the iMore Blog...
-
- iPhone 15 : The iPhone 15 makes up for a disappointing iPhone 14. Here's all the details.
- iPhone 15 Pro: Going beyond the Dynamic Island, Apple's pro smartphone goes big on gaming.
- iPhone 15 Pro Max: That periscope camera makes its debut on Apple's most-premium handset.
- Apple Watch Series 9: With a new chip teased, it proves just an iterative year for Apple's long-standing wearable.
- Apple Watch Ultra 2: Another modest update for Apple's top-tier rugged wearable sequel.
- iOS 17: Our favorite new iPhone software improvements, all in one place.
- watchOS 10: A significant upgrade for Apple's Watch software makes even older Apple Watches feel new again.
Meta wants you to trust Messenger, testing end-to-end encrypted backups.
- Thread starter iMore.com
- Start date
Annie_M
Moderator
vimagreg
Well-known member
Up_And_Away
Well-known member
E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to
Ledsteplin
Ambassador
E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to
I have no idea what you just said.
Ed7789
Ambassador
I trust Meta as much as I trust the Québec government with doing the right thing… In other words, trust level 0!
Huh? You lost me at Skynet.
E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to
Huh? You lost me at Skynet.
Up_And_Away
Well-known member
Lol, it was a bit all over the place. Apologies for that.
Let me try a different explanation: E2EE communications are private, absolutely. Which is to say E2EE communication on the wire/in the wireless wave can’t be captured & decrypted with today’s computational ability (computational ability would have to jump up to Skynet level). However, the OS and app are the potential weak spot. The App or OS says let me scan your data before it is encrypted and sent on the wire/in the Wi-Fi air.
Based on Meta and Google being massive prolific recorders of individual data, their E2EE privacy guarantee is automatically suspect (not based on it being insecure on the wire, it is secure, but based on what they do before encrypting and sending out on the wire).
That’s the best I got, hopefully it was less all over the place.
Let me try a different explanation: E2EE communications are private, absolutely. Which is to say E2EE communication on the wire/in the wireless wave can’t be captured & decrypted with today’s computational ability (computational ability would have to jump up to Skynet level). However, the OS and app are the potential weak spot. The App or OS says let me scan your data before it is encrypted and sent on the wire/in the Wi-Fi air.
Based on Meta and Google being massive prolific recorders of individual data, their E2EE privacy guarantee is automatically suspect (not based on it being insecure on the wire, it is secure, but based on what they do before encrypting and sending out on the wire).
That’s the best I got, hopefully it was less all over the place.
Up_And_Away
Well-known member
I think I lost everyone at Skynet.
Skynet from The Terminator movie series? The chip recovered from inside the Terminator radically advancing our computational power. It makes what was not possible to compute/decrypt now easily done. But it gives rise to “Skynet”: computational power that is so off the charts that it actually thinks for itself, it has effectively become “alive”. It’s computational power is able to decrypt/get through network security everywhere (shockingly! government/military don’t know just how dangerous it is for Skynet to be thinking for itself).
Hence the reference to Skynet regarding E2EE. Without “skynet” a supercomputer of today would take centuries to decrypt E2EE (and is why governments hate the idea of users using E2EE for their data).
Any better? Even slightly?
Skynet from The Terminator movie series? The chip recovered from inside the Terminator radically advancing our computational power. It makes what was not possible to compute/decrypt now easily done. But it gives rise to “Skynet”: computational power that is so off the charts that it actually thinks for itself, it has effectively become “alive”. It’s computational power is able to decrypt/get through network security everywhere (shockingly! government/military don’t know just how dangerous it is for Skynet to be thinking for itself).
Hence the reference to Skynet regarding E2EE. Without “skynet” a supercomputer of today would take centuries to decrypt E2EE (and is why governments hate the idea of users using E2EE for their data).
Any better? Even slightly
?
Ed7789
Ambassador
Lol, it was a bit all over the place. Apologies for that.
Let me try a different explanation: E2EE communications are private, absolutely. Which is to say E2EE communication on the wire/in the wireless wave can’t be captured & decrypted with today’s computational ability (computational ability would have to jump up to Skynet level). However, the OS and app are the potential weak spot. The App or OS says let me scan your data before it is encrypted and sent on the wire/in the Wi-Fi air.
Based on Meta and Google being massive prolific recorders of individual data, their E2EE privacy guarantee is automatically suspect (not based on it being insecure on the wire, it is secure, but based on what they do before encrypting and sending out on the wire).
That’s the best I got, hopefully it was less all over the place.
This is much more clear for me
Travons
Well-known member
Why are they really taking that long to activate that ?
Well, that tells everything about their shady activities in the past
Well, that tells everything about their shady activities in the past
Up_And_Away
Well-known member
To be fair to Meta and Google(though they deserve little in regards to private data), governments around the world (all governments including the US) are actively trying to keep companies from employing E2EE. E2EE files/data can’t be viewed by anyone without the private key. Your smartphone, as a simplified example, would hold that private key, likely the only place that key exists. Governments obtaining a cloud backup is super easy as compared to getting into your smartphone.
So as much as Meta and Google and Apple and many others would like to say your data is E2EE protected, they have to tread carefully else bring down government regulators who will exert pressure on them in different ways.
So as much as Meta and Google and Apple and many others would like to say your data is E2EE protected, they have to tread carefully else bring down government regulators who will exert pressure on them in different ways.
Similar threads
Trending Posts
-
-
The iMore 20K / 50K Post Challenge - Are you up for it?- Started by Jaguarr40
- Replies: 31K
-
-
-
Facebook
Twitter
Instagram