by robryk 1159 days ago
> Look, if people want to encrypt their chats on Telegram, they start a secret chat. That’s how it should be. Why should it be the default? Because you think people are idiots?

Because everyone is an idiot once in a while (just after waking up, when drunk, when stressed, when sick, ...). Also, because the very presence of a secret chat is something that can be observed and can be enough to raise suspicion.

1 comments

I know this is a bit of a cop-out but even writing in a non-secret chat and having Telegram know, then totally deleting a message on Telegram with no visual trace to the counterpart, is less worrying for me than doing the same on the “e2e encrypted” WhatsApp which shows “Message deleted” and if I failed to do it, prevents me from deleting the message after a while. Telegram lets me delete everyone’s messages and even the entire chat anytime. That shows where their head is at.

That said, you are right that not-on-by-default-for-everyone makes the encrypted chats more suspicious.

I have to say that I have a nuanced view on encryption, which isn’t matching the orthodoxy on HN:

https://community.qbix.com/t/balancing-privacy-and-accountab...

If I understand your proposed world correctly (I understand it as morally equivalent to the escrow of ~all keys with k-of-n split across some well-chosen entities/people), I expect a person holding that view to support encryption-by-default even more strongly, because in a world that looks that way (and that way actually works as described) there is no apparent downside to that. I'm curious whether you disagree with any part of this.

OT: Do you have anything more concrete written on the choice of holders of escrow shares (so that they can be trusted to actually follow the audit rules)?

Thanks for reading through what I wrote and grokking it! It means a lot to me. Now we can discuss it.

Yes, for all private interactions / conversations I support encryption, provided it can be decrypted in the way I said. Obviously there is room for innovation to make it harder and harder to do bulk decryption without a proper reason and audit trail. And make sure somehow that the cameras can prove they aren’t sending unencrypted video or that encryption keys are secure. It’s hard to prove a negative, but possible if verifiers can search the entire signal. Those innovations are part technological and part societal… but the underlying technology (like blockchain) has to exist first. Has anyone built it yet?

Now having said that, I don’t think encryption keys should be that hard to get for conversations within a corporation, and probably should be nonexistent for public servants on duty. Today we have the opposite … NATO promises to Gorbachev are secret, Normandy format talks were closed for years, Ukraine-Russia negotiations were behind closed doors, we don’t know why they all failed. And regular people have to go to war because of their failure. I think if the government wants to know where my $600 goes I should be able to know where trillions go.