129
submitted 1 year ago by Kidplayer_666@lemm.ee to c/privacy@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] DivergentHarmonics@sopuli.xyz 3 points 1 year ago

This is true for practically every online service ever.

Sorry i have to correct this statement. Unless all encryption can be broken one day (which is a different discussion), end-to-end encryption can be seen as private ... if both parties can trust each other to keep it so.
One can see if a service/app does e2ee if they (best) ask you to enter your public key (and only that) which will be shared to others to enable them to encrypt messages to you (such PMs can only get decrypted with your private key which is stored nowhere but on your own devices), and verify signatures done using your privkey. In the second-best case, an application will generate a key pair on your device and instruct you to store away the private key it just generated somewhere safe and protected by a long passphrase because if you lose it your PMs can not be recovered.

Interestingly, the ActivityPub protocol and IIRC also the Lemmy database have a "public key" field which could be used for e2ee purposes but the functionality is just not implemented.

this post was submitted on 20 Aug 2023
129 points (97.8% liked)

Privacy

32103 readers
551 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS