[thmsths]

The message can't be intercepted in transit, since we are talking about spyware, I assume they get it from the device, hard to defend against that if they have access to your process' memory space.

[Hamuko]

Surprising that end-to-end encryption doesn't really matter when you get into one of the ends.

[ASalazarMX]

Even if you had to input your private key every time you wanted to read or send a message, having malware in your phone voids practically any form of encryption, because it has to be decrypted eventually to be used.

[akimbostrawman]

not at all. there is no encryption that can save you when one of the legitimate participants is somehow compromised. doesn't even need to be a sophisticated device compromise, literal shoulder surfing does that too.

[lmm]

Certainly very hard to defend against that when the messenger you're using won't let you use a device you control.

[moralestapia]

>The message can't be intercepted in transit

Lol, so like ... all encryption schemes since the 70s?

[sowbug]

They do have stronger schemes, which are called hash functions.

[moralestapia]

What?

Hashing is not encrypting.

You can learn more about the topic here, https://www.okta.com/identity-101/hashing-vs-encryption/

[coldtea]

It's a joke, because hashing loses information, and thus the original is not retrievable, woosh

[moralestapia]

Lol, good one, then :)

[sowbug]

> What?

> Hashing is not encrypting.

> You can learn more about the topic here, https://www.okta.com/identity-101/hashing-vs-encryption/

Thank you for that link. Your original comment implied that Signal's threat model should have included an attacker-controlled end. The only way to do that is to make decryption impossible by anyone, including the intended recipient. A labyrinthine way to do that would be to substitute the symmetric-encryption algorithm with a hash algorithm, which of course destroys the plaintext, but does accomplish the goal of obfuscating it in transit, at rest, and forever.

[p-o]

Hashing is a part of encryption, maybe you are the one who needs to shore up on the topic?

[aipatselarom]

Nice try. However, hashing and encryption are two different operations.

Load this page, https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Ctrl-F "hash". No mention of it.

Before being pedantic at least check out the url in that comment to get the basics going.

[sowbug]

This entire thread should be annihilated, but since you mentioned being pedantic...

You're correct that a pure encryption algorithm doesn't use hashing. But real-world encryption systems will include an HMAC to detect whether messages were altered in transit. HMACs do use hash functions.

[AlotOfReading]

A good hash function is surjective. Encryption is bijective. They're very different things.