Comment by Drew_
2 years ago
No, his question makes perfect sense and your response doesn't really make any. End-to-end encryption doesn't imply encryption from one end of the universe to the other. It is what it says on the tin: encryption from one end to another. Your message is insecure beyond the the other end.
That is true both for PGP encrypted messages as well as iMessage messages. There's nothing on iPhones or Macs actually protecting your decrypted messages. Most of the on device security is optional and your messages, photos and files can be copied and shared anywhere in plain text.
PGP makes no claims of being an "end-to-end encrypted service", because it's not a service. It's an end-user product. It doesn't have to "solve this" problem, because that's not what it's for.
You keep saying "service" when no one asked anything about services.
The question in this thread is whether iMessage can offer secure interop. The answer is yes. They just need to use an open protocol and that protocol can use tools like PGP to encrypt messages end-to-end.
Your claim that both the sending and receiving application need to be "controlled" by some entity for it to have "real" end-to-end security is non-sense.
The statement, from macintux, was "End to end encryption can only be guaranteed if you control both ends.".
The question, from tomrod, was "How does PGP solve this?"
Nothing to do with iMessage. I was answering a specific question on a tangent thread. If you want to argue with me about iMessage, go to one of the posts I've made about that on this article. This thread is about PGP.
2 replies →