Hacker News
by bad_user 2276 days ago
End-to-end encryption is hard to implement, might cost more processing or bandwidth or storage (depending on the product) and does not yield benefits for companies interested in processing user data.

If it's not clearly advertised on the front page, _emphasized_ and not a footnote, then it's NOT e2e encrypted.

Example: https://signal.org

3 comments

There are 2 different kinds of video calls: 1:1 and group calls. For 1:1 calls, e2e encryption incurs negligible processing and bandwidth. Do you worry about the processing and bandwidth increase when using HTTPS/SSL? Probably not. Same goes for 1:1 calls.

For group calls, it depends on how it's implemented, but many group calls are implemented using what's called a Selective Forwarding Unit (SFU). One benefit of SFUs is that they take much less processing for the server than the other kinds (where the video is re-encoded by the server). For those types of group calls, e2e encryption can be implemented with negligible increases to processing and bandwidth.

However, you are correct that it is harder to implement correctly. And it does prevent certain features from being added to the product, such as recording and server-based processing of information (for example, meeting transcriptions).

(I used to work at Google on WebRTC, Duo, and Hangouts, but now work on video calling at Signal).

Recording will work fine locally, no (albeit perhaps more fiddly)? It does push some things off the server obviously, but arguably none of those things should be happening on the server in a situation when E2E is mandated, anyway.

Yeah, I was just trying to point out that there is a feature vs. privacy/security tradeoff. Although I think e2e encryption is usually much more valuable.

Fair enough.

Given that Signal doesn't have reproducible builds and may therefore have absolutely anything inside of its distributed binaries, I'm not sure if this is meant to be a good or a bad example.

Signal for Android has had reproducible builds since 2016: https://signal.org/blog/reproducible-android/

It says it does not right on that page.

It's not clear from the context if you mean to say that's simple or hard with that link.

An OTP might be mathematically simple, but logistically it's very hard - you have to safely distribute the key and that key must be at least as long as the message you're passing.