|
|
|
|
|
|
by afiori
1921 days ago
|
|
|
I personally follow a different reasoning: I assume that using a precompiled app from X mean that you trust X. Personally I do not particularly care that whatsapp is e2e, I do not trust Facebook not to have side channels in their apps. Something like Matrix are likely the best you can go (a federated network where bad actors are likely to get called out, I have high expectations for its future), but apart from this I consider e2e a red herring* as e2e would also need to include source code, compilation, installation, and platform. it is not a magic incantation that fixes privacy (not to talk about metadata) we find reasonable to have not e2e emails, not e2e file sharing, not e2e phone calls. personally I care more about the long term commitment telegram has publically and repeatedly made (and the my assumption that they do not expect to be able to come out unscathed from obvious leaks) I understand that others might want more, no problem with that, but there is so much more than just e2e encryption. *telegram should still offer secret groups |
|
|
That's where we disagree: I don't find those to be reasonable but I have to make do with them because that's where the current status is. That doesn't refrain me from using e2ee file sharing by default, or doing e2ee phone calls by default, only resorting to the not encrypted when I can't do otherwise.
I'm not saying that e2ee must be the target for everyone and is the solution to all problems. I'm saying that there are very few situations where e2ee blocks features, so for most use cases if it works transparently for the user, why not use it ? It's the next step after point-to-point encryption like TLS: if you can have it on at all times without inconveniences, why not use it ? Both of those make the overall situation better with no discernable downsides.