| ▲ | chadgpt2 3 hours ago |
| Do people expect that Instagram can't read their Instagram private messages? I don't think people expect that. And E2EE is not nearly as cheap as the HN crowd likes to pretend—how do those devices get those keys if not through a central service? Especially if one of them is a web browser? |
|
| ▲ | torben-friis 2 hours ago | parent | next [-] |
| >Do people expect that Instagram can't read their Instagram private messages? I don't think people expect that. A deeper question is why we reached a point where people can't reasonably expect their communication to not be spied on. |
| |
|
| ▲ | ryandrake 3 hours ago | parent | prev | next [-] |
| I would expect any message facilitated by a company's software, and going through that same company's servers to be compromised. |
|
| ▲ | mrexcess 3 hours ago | parent | prev | next [-] |
| The answer to most everyone question you’re asking is just, “public key cryptography”. It’s kind of disheartening to me that such basic 1990s tech as implemented by Phil Zimmerman is now obscure enough to merit questions like this. Both parties exchange public keys through the central service. Only the possessor of the respective (on device, Secure Enclave ideally) private keys can decrypt the messages encrypted to the public key. The process can also work in reverse, encrypting with the private key so only holders of the public key can decrypt: this is called “signing”. |
| |
| ▲ | feurio 3 hours ago | parent | next [-] | | And how does one verify that the public key received belongs to the intended party, rather than a mitm? If the answer is blind trust in a third party that runs the messaging service then I suspect that you can guess what the people asking those questions are really asking. | | |
| ▲ | danparsonson 2 hours ago | parent | next [-] | | https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exc... If Meta are turning it off then I guess it's reasonable to assume that there is something to turn off. | | |
| ▲ | LPisGood 2 hours ago | parent | next [-] | | Diffe-Hellman-Merkel key exchange is vulnerable to attacker-in-the-middle attacks. Eave could just do key negotiation with Alice and separately do key negotiation with Bob. You have to use a slightly more complicated cryptographic protocol to avoid this issue. | |
| ▲ | tardedmeme 2 hours ago | parent | prev [-] | | How would the keys get stored in the user's private browsing window? Do they lose all chat history when they log in on a private browsing window and then close it? | | |
| ▲ | danparsonson 2 hours ago | parent [-] | | I don't know the technical details of that for sure, but I think the answer is that keys and chat history are stored on-device only; for example you lose your WhatsApp history if you don't restore a backup when moving to a new phone. If a messaging app is showing you message history in a private browsing window then perhaps the encryption key for that history is derived from your password or something like that; that can be done locally so that all the server ever sees is encrypted data. | | |
| ▲ | tardedmeme 2 hours ago | parent [-] | | If you log in to the app on one phone and then in a web browser should you still be able to see your messages in the web browser? | | |
| ▲ | danparsonson 2 hours ago | parent [-] | | Sorry do you mean, that's how it works now, or, that's how you think it should work? Are you talking about Instagram or WA or something else? edit: misread your message; if you have two sessions active at the same time, then yes I would expect both sessions to receive the same messages. | | |
| ▲ | tardedmeme an hour ago | parent [-] | | What if you log into the app and then log out of the app and then log into the app again? Should you be able to see your messages? E2EE is a fail-secure design. In case of any doubt it deletes your private messages. When applied to this case I don't think the downside of constantly losing all your messages outweighs the upside of Facebook pretending they don't have a copy of all of them. | | |
| ▲ | danparsonson an hour ago | parent [-] | | Are you asking for technical details about E2EE in messaging apps, or simply making the point that you don't like it? If you don't like it, then fine, you do you, however I would point out that we all accept some inconvenience in our lives as a trade off for improved security; the lock on my front door is inconvenient but I'd rather have it than not. As to whether or not Meta have been lying about it, then that would be on-brand for them, but then what are they turning off if so? Or maybe the whole thing is theatre, and I should better disconnect from the internet altogether? I don't see the value in speculating about that. | | |
|
|
|
|
|
| |
| ▲ | mrexcess 2 hours ago | parent | prev [-] | | > And how does one verify that the public key received belongs to the intended party, rather than a mitm? Fingerprints. Again, this is like Crypto 101. Not saying that as a personal attack of any kind, I just remain incredulous that what used to be entry level knowledge in “our thing” has evidently become so obscure. |
| |
| ▲ | rileymat2 3 hours ago | parent | prev [-] | | The fly in the ointment is that they control the software and updates to that closed software so can short circuit that with appropriate pressure. | | |
| ▲ | Terr_ 2 hours ago | parent | next [-] | | Throwing this on the "brainstorm if we had an ideal legislative world" pile: Stealing a user's private key should be a felony, even if it hasn't (yet) been abused for anything. The tricky part is keeping it from being "permitted" by a crappy contract of adhesion. Banning it entirely would make it very difficult to buy/sell backup services... | |
| ▲ | mrexcess 2 hours ago | parent | prev [-] | | That would seem to constitute Honest Services Fraud under federal law, if they promised E2E then sabotaged it intentionally… | | |
|
|
|
| ▲ | onemoresoop 3 hours ago | parent | prev [-] |
| Ok, so drop all pretense then and blatantly scavenge through private conversations? Then take whatever from there and maybe sell it to highest bidder? |
