• rdri@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    4 months ago

    is not any different from just having TLS for transport

    Yes, in simple terms, all encrypted transfer protocols are similarly protected from mitm attacks.

    That just means that they store both your data in some encrypted way and the key. They can still read it trivially.

    They can and they said the decryption keys are always kept separately (there are probably more layers than I can describe) from the data to make sure the servers are not used to decrypt the data locally. They can be lying for all I care. The bigger problem is that people somehow assume this a huge threat, while all previous cases didn’t involve anything like that. People are getting into trouble for their public content - protected by some encryption but visible to anyone interested (who then report it to oppressive authorities).

    While some go extra mile to explain to you how you should use e2e for your family group chats, real criminals do their stuff everywhere (especially on telegram) for years, staying safe. Problem is not how weak or strong the encryption is, but that once you are under oppression and do opposition activities, you’re going to learn by yourself how to deal with it. Signal will not save you from people in your group chats if they are there to report on you.

    • balsoft@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      4 months ago

      Problem is not how weak or strong the encryption is

      Here it’s definitely part of discussion. The context was

      It’s encrypted anonymous communication capabilities.

      It’s barely anonymous, and poorly encrypted. The latter is the reason Durov is in custody while Signal devs are scott free. He could easily turn illegal stuff over to French authorities, but doesn’t.

      The bigger problem is that people somehow assume this a huge threat, while all previous cases didn’t involve anything like that.

      There have absolutely been cases where a backdoor/weakness/lack of encryption used to catch criminals before: https://en.wikipedia.org/wiki/Operation_Trojan_Shield https://en.wikipedia.org/wiki/Ennetcom https://en.wikipedia.org/wiki/EncroChat . I distinctly remember that there were also arrests of opposition activists in Russia based on personal messages in VKontakte, but can’t find the news right now.

      real criminals do their stuff everywhere (especially on telegram) for years, staying safe.

      Some are staying safe, others are being caught precisely because of this.

      Problem is not how weak or strong the encryption is, but that once you are under oppression and do opposition activities, you’re going to learn by yourself how to deal with it.

      Using better encryption schemes is definitely part of that.

      • rdri@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        It’s barely anonymous, and poorly encrypted. The latter is the reason Durov is in custody

        There is no logic here. If it was poor it would be very easy to track anyone including criminals. You can check the news to find the reasons.

        There have absolutely been cases where a backdoor/weakness/lack of encryption used to catch criminals before

        I meant telegram related cases.

        Some are staying safe, others are being caught precisely because of this.

        I didn’t see any proofs of that.

        Using better encryption schemes is definitely part of that.

        Part of what? I don’t get the point here.