|
|
|
|
|
|
by oneplane
1342 days ago
|
|
|
How good it is depends on the actor/threat model. I'd say that server-side encryption is always a good thing when you include someone trying to steal disks from a SAN array to see if there's tasty data on it. On the other hand, if your adversary wants to get your stuff, they will find a way. The whole cryptography thing is just imposing cost on a potential attacker, not a universal warranty against any possible attack. Someone can still locate you and beat you with XKCD's $5 wrench for your password. Ideally we'd have end-to-end encryption on everything without adding complexity for end-users. But a lot of that stuff seems to be hard to build and at least just as hard to retroactively bolt on to a system. iMessage (iChat) goes back a long time and supports many platforms (yes, within the apple ecosystem, that is) which means they can't easily nuke every legacy API at once. |
|
|
This is true, and to add to it: for state level actors, “wanting to get your stuff” expands to passive collection of data as well as well trodden paths to more targeted surveillance. End to end at least throws up a few more barriers.