Thursday, 17 October 2019

No, Ed Snowden, Facebook & Co are not just "untrusted third parties"

[Update: corrected link #1]

Ed Snowden wrote an opinion piece in the Guardian[3]. Since, unfortunately, a lot of people still take his technical half-knowledge seriously, here are a few comments:


"End-to-end encrypted communication systems are designed so that messages can be read only by the sender and their intended recipients, even if the encrypted – meaning locked – messages themselves are stored by an untrusted third party"

This is still simply not true. Facebook, WhatsApp & Co are not just "untrusted third parties". Not only do they make money from these services -- they own everything:
They own the servers and the network infrastructure. They engineer the protocols and implementations. The keys are generated by their proprietary client software. They code the bugs. :) And so on.

It is simply not true that they cannot read the messages. They could, if they only wanted to, as I explained 3 years ago[1].

WhatsApp & Co could, if they only wanted to, implement a trigger with which they could "silently" switch certain clients from client-side to server-side encryption. They could use it, e.g., to perform random sample scans for child porn. Or they could fight virus outbreaks. And of course they could respond to lawful requests.

And this wouldn't make any ordinary user less secure. Quite the opposite.


"Without total access to the complete history of every person’s activity on Facebook, the government claims it would be unable to investigate terrorists, drug dealers money launderers and the perpetrators of child abuse"

This is a plain lie. The government doesn't want "total access", nor is it necessary. The government just wants companies to be able to respond to lawful requests, which means that they are able to break their own encryption.

I explained above that this is possible.


"bad actors who, in reality, prefer not to plan their crimes on public platforms, especially not on US-based ones that employ some of the most sophisticated automatic filters and reporting methods available."

Huh? Ed? Really?
First you said that, thanks to end-to-end encryption, even the messaging providers themselves could not read messages, and now they are suddenly able to employ "most sophisticated automatic filters"???
What you claim here that the companies do is only possible with access to the content. But if they already read the messages -- be it in the way I explained above, be it on the clients before the encryption, or be it somehow else -- then they could already comply with lawful requests. Why do you cry wolf then, Ed?

But again, no: the reality is not what Snowden wants to make us believe. Pedophiles are very well aware that WhatsApp's end-to-end encryption works, and that they are pretty safe from criminal investigations[2].


[1] https://rolfweber.blogspot.com/2019/10/how-service-providers-of-messengers.html