[royka118]

Is it technically feasible to have a back door and still be `end to end` encrypted ?

[ktta]

The definition of end-to-end encryption is that the decryption keys are only available to the client. Now your question asks the question of where the backdoor should be.

It is feasible. The backdoor should be at a very low level (not say a sandboxed application) from which basically nothing can hide on the device.

[joshvm]

Yes, this was revealed by the recent agency leaks. Cracking end to end encryption is still extremely difficult (currently impossible?). It's much easier to get root on a target's phone and run a keylogger or break into the app. The messages are still end-end encrypted, but you can sniff them before they're sent and after they're received since they're shown to the user in plaintext.

[Neliquat]

But then the side channel (pre enc info) is also sent, using different encryption? Otherwise, just as broken.

[drcross]

The recent wikileaks documents from the CIA say that yes it is possibly but instead of blanket backdoor they have to be specifically targeted. Whether that's the current state of affairs of not, I dont know.

[pestaa]

Yes, but the back door must be placed on either `end`, so an eavesdropper needs to intercept communication before encryption or after decryption.

[sergior]

Yes, you can encrypt messages by yourself and that way it doesn't matter if the mean of communication is insecure.