345
submitted 1 year ago by L4s@lemmy.world to c/technology@lemmy.world

Facebook messages, obtained via valid warrant, help make case against women

you are viewing a single comment's thread
view the rest of the comments
[-] db2@lemmy.one 72 points 1 year ago

Also never trust a message is private unless you've at minimum encrypted it. Facebook, Twitter, reddit, even here.

[-] fubo@lemmy.world 74 points 1 year ago

Nothing here is private. At the very least, your messages are stored unencrypted on both the sending and receiving servers, and are completely readable to instance admins.

[-] Earthwormjim91@lemmy.world 22 points 1 year ago

Yup. If it isn’t E2EE, don’t trust it.

If you’re on Apple, use iMessage or a reputable dedicated encrypted messaging app (not WhatsApp). If you’re on Android, likewise use a dedicated encrypted messaging app or make sure that you and your recipient are both using the same Google Jibe RCS implementation and have it on.

[-] pineapplelover@lemm.ee 20 points 1 year ago

I don't fully trust Apple's claims because I feel they might have backdoors. I would trust only FOSS apps like Signal, Session, or Matrix.

[-] Earthwormjim91@lemmy.world 21 points 1 year ago

Understandable to not trust a big corp. Apple does have a solid track record on encryption though and actively fighting against backdoors.

FOSS is generally the best choice though.

[-] pineapplelover@lemm.ee 9 points 1 year ago

I'll trust them more if they are more transparent like Signal

https://signal.org/bigbrother/

[-] Earthwormjim91@lemmy.world 12 points 1 year ago

They do have a transparency report they publish twice a year. The first one for 2022 should be out soon.

https://www.apple.com/legal/transparency/us.html

They also publish one for almost if not all countries they operate in.

It’s not as detailed as Signals but does detail all government requests they get.

As far as the encryption goes, keys are generated by the devices themselves and not Apple servers.

They also detail where the keys are stored for iCloud based on what protection you choose. https://support.apple.com/en-us/HT202303

And they’re fairly transparent on all the privacy features.

I wouldn’t trust them entirely if you’re a very high risk for breach like a journalist in hostile countries, but I also wouldn’t trust any off the shelf solution for that and would be running a heavily locked down privacy focused Android fork in that case.

The cross OS compatibility is an issue though and I use Signal for anyone on Android that I talk to.

[-] Tanoh@lemmy.world 4 points 1 year ago

Also if you don't trust either of the ends, it doesn't matter much if it is E2E.

[-] pineapplelover@lemm.ee 9 points 1 year ago

Never trust a message is private unless you've at minimum end to end encrypted it and make sure both devices are not compromised.

[-] Bucket_of_Truth@lemmy.world 3 points 1 year ago

Emphasis on "you've encrypted." If you don't have the keys its not safe. Imessage has great encryption but Apple will just hand over the keys if asked so its useless.

[-] Earthwormjim91@lemmy.world 3 points 1 year ago

Apple doesn’t have the keys to it. That’s one of the major points of iMessage. Your keys are generated on device only. Apple can’t give what they don’t have. With the newer keychain stuff they’ve also made iCloud end to end encrypted as well, using keys generated on device, if you use advanced data security.

And if they would, they wouldn’t have gone to court over it when it was literal terrorists, the San Bernardino shooters a decade ago. They couldn’t turn over the keys to their iMessages because they didn’t have them and they went to court after they refused to put a back door in for the US government.

There’s a LOT to hate about Apple, but privacy so far hasn’t really been one of them. They’re pretty transparent about privacy features and how data is handled.

[-] Cyyy@lemmy.world 2 points 1 year ago

even if it's encrypted. if you don't want someone to find out about it.. don't talk about it online. you never know if the encryption really safes your ass in the worst case. there are cases where the police has deactivated or bypassed them without the user knowing about it.. or where they found the password.

here in germany the police hacked a server of a darknet drug market and deactivated the encryption and collected all the user passwords when you logged in. they collected data for almost a year and then screwed everyone over who used the service at that time.

never trust anyone or anything. if you want to keep a secret... don't post it online. even if it's encrypted.

this post was submitted on 13 Jul 2023
345 points (96.2% liked)

Technology

59623 readers
1514 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS