Comment by gzread

1 month ago

Is it illegal or is it just illegal on general purpose platforms whose focus isn't extreme security?

We all know Meta can still read E2EE chats (otherwise they wouldn't do it) and they're using E2EE as an excuse to avoid liability for the things their platform encourages. Contrast this with something like Signal where the entire point is to be secure.

16 comments

gzread

cristoperb 1 month ago

> We all know Meta can still read E2EE chats

That can't be true, otherwise in what sense is it E2EE?

gzread 1 month ago
In the sense that calling it E2EE gives people a warm fuzzy feeling and makes people send more sensitive information over the platform.
Has anyone actually audited it?
- babelfish 1 month ago
  
  Probably their auditors? Lying about this would be tantamount to (very serious) securities fraud. Not sure what you're basing on your allegations on besides "trust me bro"
  
  6 replies →
duskdozer 1 month ago

Well, I've seen services describe having "E2EE" where one end is your computer and the other end is their server, so...
vaylian 1 month ago

The metadata is still unencrypted. That also reveals quite a bit.
interestpiqued 1 month ago
I mean you can read it in your app and they're not just stored on your phone. E2E just means in transport from what I understand.
- SAI_Peregrinus 1 month ago
  
  E2EE means end-to-end, where the ends are the participants in the chat. They can read it on your phone, but not on their servers. They need their app to separately transmit the plaintext to their servers to read it.
  
  2 replies →

markdown 1 month ago

The first two E's in E2EE stand for end. From one end to the other. So no, Meta can't. Or put another way... if they can read those messages, then it's not E2EE.