by geofft 2264 days ago
I'm not sure what to do with systems like iMessage/FaceTime under this definition, where the server doesn't hold the private keys but also the client provides no means to check fingerprints out-of-band. In these systems, the server could MITM the clients to each other and thereby snoop on client communications with the same effective result as Zoom/Jitsi. (These systems also generally support changing the peer's fingerprint without notification.) But we still call those "end-to-end encrypted," right?

Is there a meaningful end-user difference between a design where you have to ask the server for your peer's public key and the server promises to be honest, and a design where the server generates a shared secret and then promises not to use it?

(Note that this question is completely orthogonal to whether the client or server are source-available - unless you can modify the client to display peer fingerprints, merely knowing that you're going to have to trust the server doesn't really change anything.)

2 comments

You appear to also realise that if it's a closed source client then the server could be fine, the client could do all the snooping and pass data in a side channel. It's worth spelling that out IMO.
Even worse, the same could happen if it's an open source client!
Right,

- if it's an open-source client but it doesn't display fingerprints and you haven't modified it, you're stuck. (At least you know you're stuck, but you knew that already.)

- if it's an open-source client but you're trusting someone else's binary, they can attack you.

- if it's an open-source client but you're not trusting someone else's binary, you're not on the embargo list and so responsibly-disclosed bugs are effectively zero-days for you.

- if it's an open-source client but it's written in C, you have no practical way of auditing it against intentionally-malicious source code (i.e., for almost everyone, the cost of auditing it is higher than the cost of visiting your conversation partner in person).

How do iMessage and FaceTime provide end-to-end encryption? Is there a public key associated with Apple account? How does my private key get on different Apple devices without my help?
>Is there a public key associated with Apple account

with each device

https://manuals.info.apple.com/MANUALS/1000/MA1902/en_US/app...
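
Added example, not part of the thread and not code from any of the products discussed: a sketch of the client-side check the thread says is missing, pinning the key the server hands out, flagging a later change instead of accepting it silently, and comparing fingerprints out-of-band. `PinStore`, `fingerprint` and the sample keys are hypothetical names and constructed values.

```python
import hashlib

def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the key bytes, truncated and grouped for reading aloud."""
    h = hashlib.sha256(public_key).hexdigest()[:32]
    return " ".join(h[i:i + 4] for i in range(0, len(h), 4))

class PinStore:
    """Client-side pins for peer keys handed out by an untrusted key server."""

    def __init__(self):
        self._pins = {}  # peer -> [fingerprint, verified_out_of_band]

    def check(self, peer: str, key_from_server: bytes) -> str:
        fp = fingerprint(key_from_server)
        pin = self._pins.get(peer)
        if pin is None:
            self._pins[peer] = [fp, False]  # trust on first use, not yet verified
            return "new-unverified"
        if pin[0] != fp:
            return "key-changed"  # surface to the user, never accept silently
        return "verified" if pin[1] else "unverified"

    def confirm_out_of_band(self, peer: str, fp_from_peer: str) -> bool:
        """Compare the pin with the fingerprint the peer reports from their own device."""
        pin = self._pins.get(peer)
        if pin is None or pin[0] != fp_from_peer:
            return False
        pin[1] = True
        return True

# Constructed byte strings standing in for public keys (not real key material).
ALICE_KEY = bytes(range(32))
OTHER_KEY = bytes(range(32, 64))

def demo():
    results = {}
    honest = PinStore()
    results["first_contact"] = honest.check("alice", ALICE_KEY)
    results["oob_match"] = honest.confirm_out_of_band("alice", fingerprint(ALICE_KEY))
    results["after_verify"] = honest.check("alice", ALICE_KEY)
    results["server_swaps_later"] = honest.check("alice", OTHER_KEY)
    swapped = PinStore()  # server hands out a different key from the very start
    results["swapped_first_contact"] = swapped.check("alice", OTHER_KEY)
    results["swapped_oob"] = swapped.confirm_out_of_band("alice", fingerprint(ALICE_KEY))
    return results

if __name__ == "__main__":
    for step, outcome in demo().items():
        print(f"{step}: {outcome}")
```

Pinning alone reports only "new-unverified" when the key is substituted on first contact; it is the out-of-band comparison that fails in that case.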