[salil999]

I am curious why it was very difficult for messenger to implement E2EE by default. iMessage has been doing it* (with a giant asterisk because there are flaws in the way Apple markets its E2E on iMessage but in general it has something there). The implementation they're describing on the blog seems very similar to iMessage (keys stored on a server so that syncing is possible

Asides from iMessage, they pretty much have most of this working for WhatsApp from the perspective of the user. The challenges they've mentioned seem like they've mostly been solved in WhatsApp? I could be totally naive here though.

[contact9879]

Enabling E2EE has historically required usability tradeoffs (no multi-device, no backups, chat transcripts are stored on device only, etc). It took them this long to make it seamless.

[salil999]

But WhatsApp has had it for a while, no? Or at least I think it's a solved problem looking at both WhatsApp and iMessage

[evbogue]

Yah, I'm constantly amazed by software that can restore my message history after I lose my private key.

[contact9879]

Maybe read the papers then?

[evbogue]

I promise, tomorrow when I have a little time, I will venture into the labyrinth and see what is to be learned.

[evbogue]

If the keys are stored on the server, how is that a private message?

[zer0zzz]

Protonmail holds your key encrypted on the server. The key could be encrypted+decrypted by pin or by password.

[Dah00n]

Does Proton (or Meta) see that Pin or password, or is it client-side only (as far as we know)?

[pferde]

Client side. The client downloads the encrypted key backup and decrypts it using user-entered pin/password.