zlacker

[return to "Signal app downloads spike as US protesters seek message encryption"]
1. matheu+X2[view] [source] 2020-06-05 02:30:43
>>pera+(OP)
I hope one day apps like Signal will be the default for everyone, not just protesters in a time of crisis.
◧◩
2. senect+a3[view] [source] 2020-06-05 02:33:45
>>matheu+X2
will only happen if phone manufactures ship them by default rather than the unsecure by default ones they ship atm.

Sounds crazy when I say it outloud...

◧◩◪
3. RL_Qui+36[view] [source] 2020-06-05 03:01:16
>>senect+a3
iMessage is end to end encrypted by default. Perhaps not as strongly, but it's a good default to begin with.
◧◩◪◨
4. Nextgr+j6[view] [source] 2020-06-05 03:03:14
>>RL_Qui+36
Key management is still centralized and controlled by Apple, so they can still MITM communications by messing with the key exchange.

iCloud backups (enabled by default) are not end-to-end encrypted.

So while it's technically E2E, in practice you get very little protection from it because it's broken by design.

I still use iMessage because of the user experience, but let's not be fooled by their misleading E2E claims; it's all just marketing BS.

◧◩◪◨⬒
5. ciaran+G6[view] [source] 2020-06-05 03:06:04
>>Nextgr+j6
If both parties disable iCloud on their phones, does Apple have any way to read messages sent via iMessage?
◧◩◪◨⬒⬓
6. Nextgr+vc[view] [source] 2020-06-05 04:16:55
>>ciaran+G6
They can still pull off an MITM attack by sending the MITM’s keys (pretending to be the other user’s keys) because they control they key exchange.

It’s an active attack and can’t apply retroactively but within these constraints they can still do it.

[go to top]