ArcherBoy27 t1_ja2h05o wrote on February 26, 2023 at 9:59 AM

Reply to comment by Prestigious_Push_947 in Signal CEO: We “1,000% won’t participate” in UK law to weaken encryption by ActivePersona

Yes I know. I was just stating "just" encryption in transit isn't E2EE (I.e. https).

E2ee is encrypted from end to end. From when it is written and saved on the source to when it is received and read on the destination. Anything except you that can read messages before you do, without your permission, and potentially send it off somewhere breaks E2EE, which is what they are proposing.

> It does not provide other types of encryption (i.e. encryption at rest) for your messages.

Going to need a source on that, no encryption at rest. Nothing I can find suggests that. I have found some claim it can be broken with physical device access but if the device itself is encrypted then it doesn't matter.

Prestigious_Push_947 t1_ja4max0 wrote on February 26, 2023 at 8:26 PM

You're just speaking nonsense. You don't understand these concepts at all. I'm not sourcing anything for some high school kid who's taken one IT class and thinks they're hot shit b/c they know CIA. There are loads of people reporting "vulnerabilities" in Signal because the on-device data is trivially accessed. Signal's response is consistently and repeatedly that their intent is not to provide on-device security and that you should use FDE. This is a very easy Google search away for you.

ArcherBoy27 t1_ja4uvhh wrote on February 26, 2023 at 9:23 PM

Great source, everywhere I could find didn't mention anything like that. You are giving me no reason to believe you.

No need to be aggressive, I asked for a source since I couldn't find one to match what you are saying.

Besides this has nothing to do with client side scanning, the reason signal said what they said, at all.

Forget it, I'm not spending time with someone that can't be civil.