this post was submitted on 04 Dec 2024
630 points (99.4% liked)

Technology

60085 readers
2974 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
630
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack (www.nbcnews.com)
submitted 3 weeks ago by WhatsHerBucket@lemmy.world to c/technology@lemmy.world
198 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] circuitfarmer@lemmy.sdf.org 115 points 3 weeks ago (58 children)

It's probably also good practice to assume that not all encrypted apps are created equal, too. Google's RCS messaging, for example, says "end-to-end encrypted", which sounds like it would be a direct and equal competitor to something like Signal. But Google regularly makes money off of your personal data. It does not behoove a company like Google to protect your data.

Start assuming every corporation is evil. At worst you lose some time getting educated on options.

[–] mosiacmango@lemm.ee 34 points 3 weeks ago (52 children)

End to end is end to end. Its either "the devices sign the messages with keys that never leave the the device so no 3rd party can ever compromise them" or it's not.

Signal is a more trustworthy org, but google isn't going to fuck around with this service to make money. They make their money off you by keeping you in the google ecosystem and data harvesting elsewhere.

[–] MonkderVierte@lemmy.ml 4 points 3 weeks ago* (last edited 3 weeks ago) (4 children)

End to end matters, who has the key; you or the provider. And Google could still read your messages before they are encrypted.

[–] mosiacmango@lemm.ee 2 points 3 weeks ago (2 children)

You have the key, not the provider. They are explicit about this in the implementation.

They can only read the messages before encryption if they are backdooring all android phones in an act of global sabotage. Pretty high consequences for soke low stakes data.

[–] MonkderVierte@lemmy.ml 1 points 3 weeks ago

I mean, Google does, with Play Services.

[–] ITGuyLevi@programming.dev 1 points 2 weeks ago

I'm pretty sure the key is stored on the device, which is backed up to Google. I cannot say for sure if they do or don't backup your keyring, but I feel better not using it.

load more comments (1 replies)
load more comments (48 replies)
load more comments (53 replies)