Replying to Avatar Strypey

First, let's talk a bit about end-to-encryption (E2EE).

The reason for using E2EE is that you don't trust the people operating the servers you're using. In a centralised service (eg WhatSapp, TellMeGram, Wire, Signal), you have the trust the operators to roll out the E2EE competently, and to *not* backdoor it. So unless there's some way to independently confirm that the server operators have done that, using E2EE on a centralised service is pure privacy theatre:

https://archive.is/ShLiH

(2/?)

Avatar
Strypey 2y ago

The same things that's true of End-to-End Encryption (E2EE) on a centralised service is also true of Vanishing Messages. You have to trust the service operators to honour the promises made by the app. But if you trust the service operators , why do you need E2EE or Vanishing Messages? So again, adding these features to centralised services is just privacy theatre. Nothing more.

So what about decentralised networks?

(3/3)

Reply to this note

Please Login to reply.

Discussion

Avatar
Strypey 2y ago

In a decentralised network, unlike a centralised service, it is possible to confirm that End-to-End Encryption (E2EE) is working.

Because if two servers aren't both implementing the E2EE protocol properly, it just won't work. The messages won't sent, or they won't be delivered, or they won't be decrypted, or whatever. The need to communicate between two servers keeps the operators of both honest.

So what about Vanishing Messages then?

(4/?)