Meta wants you to trust Messenger, testing end-to-end encrypted backups.

Up_And_Away

Well-known member
Aug 27, 2021
1,215
49
48
Visit site
E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to :)
 

Ledsteplin

Ambassador
Oct 2, 2013
50,466
727
108
Visit site
E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to :)

I have no idea what you just said.
 

EdwinG

Ambassador
Mar 10, 2012
4,157
698
113
Visit site
I trust Meta as much as I trust the Québec government with doing the right thing… In other words, trust level 0!

E2EE can be a beautiful thing. Provided Skynet level computational power doesn’t become reality anytime soon, E2EE effectively means a disassociated third party obtaining that data has obtained nothing. Without the private key, they have, in effect, a pile of permanent gibberish. However here’s the catch: that’s a disassociated third party. Who or what puts/changes that data into a pile of gibberish and generates the key is not a disassociated third party. For a simplistic example, let’s say a backup app uses E2EE. Let’s say that app is from Meta and the app is running on the underlying Google OS.
No, I’m not saying Meta app or Google OS would have code (and a hilarious EULA) that first scans that backup data for important personal purchasing and prediction information, but I am saying they’d be enthusiastically inclined to :)

Huh? You lost me at Skynet.
 

Up_And_Away

Well-known member
Aug 27, 2021
1,215
49
48
Visit site
Lol, it was a bit all over the place. Apologies for that.
Let me try a different explanation: E2EE communications are private, absolutely. Which is to say E2EE communication on the wire/in the wireless wave can’t be captured & decrypted with today’s computational ability (computational ability would have to jump up to Skynet level). However, the OS and app are the potential weak spot. The App or OS says let me scan your data before it is encrypted and sent on the wire/in the Wi-Fi air.
Based on Meta and Google being massive prolific recorders of individual data, their E2EE privacy guarantee is automatically suspect (not based on it being insecure on the wire, it is secure, but based on what they do before encrypting and sending out on the wire).
That’s the best I got, hopefully it was less all over the place. :)
 

Up_And_Away

Well-known member
Aug 27, 2021
1,215
49
48
Visit site
I think I lost everyone at Skynet. :)
Skynet from The Terminator movie series? The chip recovered from inside the Terminator radically advancing our computational power. It makes what was not possible to compute/decrypt now easily done. But it gives rise to “Skynet”: computational power that is so off the charts that it actually thinks for itself, it has effectively become “alive”. It’s computational power is able to decrypt/get through network security everywhere (shockingly! government/military don’t know just how dangerous it is for Skynet to be thinking for itself).

Hence the reference to Skynet regarding E2EE. Without “skynet” a supercomputer of today would take centuries to decrypt E2EE (and is why governments hate the idea of users using E2EE for their data).

Any better? Even slightly :)?
 

EdwinG

Ambassador
Mar 10, 2012
4,157
698
113
Visit site
Lol, it was a bit all over the place. Apologies for that.
Let me try a different explanation: E2EE communications are private, absolutely. Which is to say E2EE communication on the wire/in the wireless wave can’t be captured & decrypted with today’s computational ability (computational ability would have to jump up to Skynet level). However, the OS and app are the potential weak spot. The App or OS says let me scan your data before it is encrypted and sent on the wire/in the Wi-Fi air.
Based on Meta and Google being massive prolific recorders of individual data, their E2EE privacy guarantee is automatically suspect (not based on it being insecure on the wire, it is secure, but based on what they do before encrypting and sending out on the wire).
That’s the best I got, hopefully it was less all over the place. :)

This is much more clear for me :)
 

Travons

Well-known member
Aug 4, 2022
149
6
18
Visit site
Why are they really taking that long to activate that ?

Well, that tells everything about their shady activities in the past
 

Up_And_Away

Well-known member
Aug 27, 2021
1,215
49
48
Visit site
To be fair to Meta and Google(though they deserve little in regards to private data), governments around the world (all governments including the US) are actively trying to keep companies from employing E2EE. E2EE files/data can’t be viewed by anyone without the private key. Your smartphone, as a simplified example, would hold that private key, likely the only place that key exists. Governments obtaining a cloud backup is super easy as compared to getting into your smartphone.
So as much as Meta and Google and Apple and many others would like to say your data is E2EE protected, they have to tread carefully else bring down government regulators who will exert pressure on them in different ways.
 

Trending Posts

Members online

Forum statistics

Threads
260,760
Messages
1,768,192
Members
441,265
Latest member
vber