@sneak I agree that both apps' security and privacy promises cannot be trusted but to say their e2ee is backdoored doesn't seem to be quite what the FBI document says, does it?

Follow

@ilumium if the device running imessage escrows the e2e keys to the same org as runs the imessage relay servers, using keys that are known to that org (i.e. icloud backup is not e2e, and backs up the imessage keys), then that's an e2e backdoor.

in an actual e2e system, you can't get message content without getting the endpoint keys from the endpoints. apple escrows the keys to icloud.

@sneak and @ilumium, I believe it’s also possible to have client-side back doors. That’s just an alternative theory, I don’t know what actually happens.

Sign in to participate in the conversation
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!