Remix.run Logo
prmph 4 days ago

End-to-end encryption is about protecting data at rest on the vendor's servers. TLS only secures data in transit.

The article's argument is a bit like saying TLS protects plain-text passwords in transit, so there is no need to store them in hashed form in the database.

Sure, the article makes good arguments about the trust that is still implicit in E2EE, but it goes too far in its dismissal of it.

akimbostrawman a day ago | parent [-]

>End-to-end encryption is about protecting data at rest on the vendor's servers

No its literally in the name. It's about encryption between the end points of data communication. In most cases between two clients with the middle man server exchanging and hosting the encrypted data between them.

Its about protecting live data which in practice also results in at rest data protection because all data is encrypted which only the end points can decrypt. FDE for example only protects at rest data but does nothing to prevent live data extraction.