| ▲ | g-b-r 7 hours ago | ||||||||||||||||||||||
> It was only a decade or so ago that "End-To-End Encryption" began to mean something other than "encrypted in transit". No, before that it was simply not a term, except in some obscure radio protocol (and even there someone competent in cryptography would probably not have chosen that term) > E2EE now means something wildly different in the context of messaging applications and the like (since like 2014) so this is more of an outdated way of saying "no one is getting your poop pictures between your toilet and us". The outdated way was saying "Military-grade 128-bit encryption", no one really used the E2EE term before it got the current meaning > I wonder if they encrypt it and then send it over TLS or if they're just relying on TLS as the client->server encryption. Restated, I wonder how deep in their stack the encrypted blob goes before it's decrypted. Some homemade encryption added on top of TLS is very unlikely to increase the security of the system | |||||||||||||||||||||||
| ▲ | calebio 5 hours ago | parent [-] | ||||||||||||||||||||||
> No, before that it was simply not a term, except in some obscure radio protocol > no one really used the E2EE term before it got the current meaning It most certainly was a term and no it wasn't simply limited to "some obscure radio protocol". 1994: https://ieeexplore.ieee.org/abstract/document/363791 1984: https://dl.acm.org/doi/pdf/10.1145/357401.357402 1978: https://apps.dtic.mil/sti/tr/pdf/ADA059221.pdf > Some homemade encryption added on top of TLS is very unlikely to increase the security of the system "Some homemade encryption" is not what I was suggesting at all. E.g. encrypted-at-the-source (client side) AWS files are still sent over TLS as an encrypted blob within an encrypted blob but remain encrypted past the TLS boundary. | |||||||||||||||||||||||
| |||||||||||||||||||||||