by soziawa 1472 days ago
> Terrible advice. If you want e2e you can choose to enable it. It is not enabled because many users choose to receive their messages across multiple personal devices simultaneously. This is not possible with e2e, which is why it is an option.

Signal, WhatsApp, iMessage and Threema seem to do just fine.

3 comments

> iMessage

Unrelated to this, but for all intents and purposes, iMessage cannot be considered e2e encrypted if either party has iCloud backups enabled. Apple has access to your iCloud backups, and they contain the iMessage keys.

IIRC with the keys they can technically decrypt in line, backups are not required.

Yes they can choose to decrypt messages going forward (by injecting a third key controlled by the gov/Apple in a multi-person message and silently copying messages) but they can't retroactively decrypt them in that case.

"Just fine" by conveniently managing the keys for you. You have no idea what they really do with them.

Well, except Threema. Last time I used it, it was not possible to receive their messages across multiple devices simultaneously.

You have no idea what any software does with your keys unless you audit it, then compile and install it on your device yourself. Oh, and audit your compiler. And its compiler...

If you have a piece of software that can read supposedly encrypted messages on several devices, it is obvious that it does something with the keys. You don't have to audit the compiler and argue ad absurdum.

The Sesame protocol lets the linked device generate its own keypair; the only thing in common is your user id. Each private key never leaves the respective device.

A talk on the technicals can be found here: https://www.youtube.com/watch?v=7WnwSovjYMs&t=1762s
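
Added example, not part of the thread and not the Sesame specification: a simplified per-device fan-out in Node.js, showing how a sender can encrypt one message separately to each linked device's public key while every private key stays on the device that generated it. The function names, the HKDF label and the device names are assumptions made for this illustration.

```javascript
// Simplified per-device fan-out (illustration only, not the Sesame spec).
const crypto = require('crypto');

// Each device creates its own X25519 keypair locally; only the public half is published.
function newDevice(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519');
  return { name, publicKey, privateKey };
}

// Derive an AES-256-GCM key from an X25519 shared secret (label is hypothetical).
function deriveKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(32), 'fanout-demo', 32));
}

// Sender side: one envelope per recipient device, each under a fresh ephemeral key.
// The sender only ever sees the public keys in the device list it is handed.
function encryptForDevices(plaintext, devicePublicKeys) {
  const envelopes = {};
  for (const [name, pub] of Object.entries(devicePublicKeys)) {
    const eph = crypto.generateKeyPairSync('x25519');
    const iv = crypto.randomBytes(12);
    const c = crypto.createCipheriv('aes-256-gcm', deriveKey(eph.privateKey, pub), iv);
    const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
    envelopes[name] = { ephPub: eph.publicKey, iv, ct, tag: c.getAuthTag() };
  }
  return envelopes;
}

// Device side: decrypt an envelope with the private key held on this device.
function decryptOnDevice(device, env) {
  const d = crypto.createDecipheriv('aes-256-gcm', deriveKey(device.privateKey, env.ephPub), env.iv);
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.ct), d.final()]).toString('utf8');
}

// Constructed demo: two linked devices under one user id.
function demo() {
  const phone = newDevice('phone');
  const laptop = newDevice('laptop');
  const envs = encryptForDevices('hello', { phone: phone.publicKey, laptop: laptop.publicKey });
  let crossDecryptFailed = false;
  try { decryptOnDevice(laptop, envs.phone); } catch { crossDecryptFailed = true; }
  return {
    phone: decryptOnDevice(phone, envs.phone),
    laptop: decryptOnDevice(laptop, envs.laptop),
    crossDecryptFailed, // the laptop's key cannot open the phone's envelope
  };
}
```

The sender encrypts to whatever device list it is given, so the set of public keys registered under a user id is the thing a client has to verify.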

Guess who conveniently holds your "secret key" in escrow just like AWS KMS does by default? The provider.