this post was submitted on 04 Dec 2024
630 points (99.4% liked)

Technology

60085 readers
4517 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
630
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack (www.nbcnews.com)
submitted 3 weeks ago by WhatsHerBucket@lemmy.world to c/technology@lemmy.world
198 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] circuitfarmer@lemmy.sdf.org 115 points 3 weeks ago (58 children)

It's probably also good practice to assume that not all encrypted apps are created equal, too. Google's RCS messaging, for example, says "end-to-end encrypted", which sounds like it would be a direct and equal competitor to something like Signal. But Google regularly makes money off of your personal data. It does not behoove a company like Google to protect your data.

Start assuming every corporation is evil. At worst you lose some time getting educated on options.

[–] mosiacmango@lemm.ee 34 points 3 weeks ago (52 children)

End to end is end to end. Its either "the devices sign the messages with keys that never leave the the device so no 3rd party can ever compromise them" or it's not.

Signal is a more trustworthy org, but google isn't going to fuck around with this service to make money. They make their money off you by keeping you in the google ecosystem and data harvesting elsewhere.

[–] jagged_circle@feddit.nl 1 points 3 weeks ago (2 children)

They do encrypt it and they likely dont send the messages unencrypted.

Likely what's happening is they're extracting keywords to determine what you're talking about (namely what products you might buy) on the device itself, and then uploading those categories (again, encrypted) up to their servers for storing and selling.

This doesn't invalidate their claim of e2ee and still lets them profit off of your data. If you want to avoid this, only install apps with open source clients.

[–] mosiacmango@lemm.ee 0 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

E2EE means a 3rd party cant extract anything in the messages at all, by definition.

If they are doing the above, it's not E2EE, and they are liable for massive legal damages.

[–] jagged_circle@feddit.nl 0 points 3 weeks ago

Thats not what it means. It means that a third party cannot decrypt it on their servers.

Of course if the "third party" is actually decrypting it on your device, then they can read the messages. I dont know why this is not clear to you.

load more comments (49 replies)
load more comments (54 replies)