[return to "The coming war on end-to-end encryption"]
1. Karell+6d 2023-04-21 17:53:22
>>EGreg+(OP)
The thing I don't get is... won't bans on end-to-end encryption ban https?

If I go to a website and ask for a web page over https, isn't the request and response between my device and the web server, an end-to-end encrypted message? Because the endpoints are my device and the web server.

If I can't send my credit card details to a payment provider over an end-to-end encrypted channel, doesn't all commerce on the web just fall apart?

How can a ban on end-to-end encrypted communication even fucking work?

2. EGreg+Oe 2023-04-21 18:01:00
>>Karell+6d
Well, HTTPS is not end-to-end. That latter term is reserved for encryption that encrypts the messages between clients so servers can’t parse them.

When you have a centralized system like ICANN DNS, the governments know which IP addresses the domain points to. They can go and serve them National Security Letters or shake them down to install secret backdoors.

WhatsApp and Facebook can lie to you that they’re end-to-end encrypted. There is nothing stopping them from shipping custom updates. In fact they’ve been caught red-handed spying on both your video and audio. The only way you can be SURE an app isn’t lying to you is with open source software, then you only have to trust the OS and browser (the Trusted Computing Base).

(That is why I am a big fan of blockchain-based smart contracts. But blockchains are slow, so the next best thing is hosting your business logic using open source software on servers you control.)

Why do so many people trust Big Tech? Simple. We have no other choice!

Where are the VIABLE AND USER FRIENDLY open source alternatives to Facebook, Twitter, Telegram backends?

No one seems to have built anything better or more efficient than, say, Mastodon.

Except us. It was a labor of love and cost me a million dollars to date: https://github.com/Qbix/Platform

PS: If you play with it for an afternoon, post your experience or email me. I would be thrilled to hear about your experience, good or bad. And of course use it for anything you want.

I would be very happy to be proven wrong and see some more competitors being mentioned here, but if you do, make an honest assessment of how they compare! People need alternatives to the closed walled gardens, but having all these features working and up-to-date with browser tech is extremely hard: https://qbix.com/features.pdf

3. nomel+Qg 2023-04-21 18:10:27
>>EGreg+Oe
> Well, HTTPS is not end-to-end

I'm not well versed in encryption, but isn't this a matter of perspective? If you're downloading a .midi file from a server, the other "end" is that server, isn't it? Will the forces pushing this make any nuanced distinction, outside of this?

4. EGreg+5i 2023-04-21 18:16:31
>>nomel+Qg
The “end” in end-to-end encryption for regular users is never a server.

Servers are online 24/7 listening and can be found and raided and/or hacked by various forces.

Clients are harder to locate. Especially if all you need to authenticate is a public/private keypair you generated.

That is why governments are so frustrated with crypto.

5. Karell+mj 2023-04-21 18:22:38
>>EGreg+5i
> The “end” in end-to-end encryption for regular users is never a server.

Why not? Are servers not communication endpoints?

6. EGreg+Jj 2023-04-21 18:24:31
>>Karell+mj
For the reason I just told you — they can be compromised much more easily, and are typically run by a party which isn’t fully aligned with your interests and those of the other participants in your conversation.

7. boombo+Vl 2023-04-21 18:36:00
>>EGreg+Jj
So what if I run my own server with a private guestbook. Is https not end to end encryption in that scenario?

I realize your point, that in most circumstances https is not being used as end to end encryption. But it can be, so wouldn't it also be attacked in this war?

8. EGreg+Vp 2023-04-21 18:53:47
>>boombo+Vl
Well, HTTPS with certificate chains without backdoors by a government is already technically illegal in some parts of the world.

But as I said, our definitions need to be useful. If the goal is for individuals to safeguard their conversations from prying eyes, then HTTPS is not the way to do it. Hence the government is likely to start with end to end encryption of the sort I have been emphasizing. With servers, they already have the tools… they can even IMPERSONATE YOU in Australia now and post as you.
