• Azzy@beehaw.org
    link
    fedilink
    English
    arrow-up
    21
    ·
    1 year ago

    What’s stopping someone from just sending public keys or something through Signal and encrypting their messages that way? There’s no way to enforce this with such simple loopholes present. We shouldn’t be focusing on breaking privacy and instead invest in helping existing victims in ways that actually matter.

    • Norah - She/They
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Whilst I agree with your sentiment, this isn’t how end-to-end encrypted chats work. Otherwise, it would be impossible to know the messages you’re receiving are coming from the person you think they are.

      • Azzy@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I suppose you’re right, but forging that kind of thing would be difficult, also considering the PKI already in place. If someone has their own email server and they sign/encrypt their email, and host their public key on a key server somewhere, it’s highly unlikely that all three would be compromised. and even if that fails, you could just meet up with them and exchange flash drives with keys.