this post was submitted on 11 Apr 2024
137 points (94.8% liked)
Technology
59377 readers
4059 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
lots of comments about e2e encryption (or the potential lack thereof)
even if it is e2e encrypted (and I mostly believe it is), once its decrypted on your device (in their app) its in the clear. there is nothing technical preventing the app from then inspecting the data or forwardiing the data to another party for analysis - thats a "terms and conditions" issue.
the article claims they are doing some on-device recognition - thats likely computationally non-trivial, with variable accuracy (false positives/negatives, anyone) and probably at least partially circumventable and perhaps even exploitable (more app surface area to attack).
so, ok... its a lead-in to classifying content on your device. I have no idea what comes next, but I am pretty sure there will be a next and this is why I don't intentially use any meta products.
Which is a end-game around E2E. Saying 'the message is encrypted', but yes, I look at all messages before and/or after violates the expectation of E2E.
I've said this from the start, and people called me names, or "prove it". Sigh.
If the capability is there, that's a problem.