Hacker News
by jezzamon 43 days ago
People here like it, but end-to-end encryption is an objectively worse user experience for people that don't care about that feature
6 comments

To me part of using E2EE is not because I have something to hide but because I have friends who work in human rights that do have something to hide.

I think of it not as a consumer feature but rather quite foundational for a working democracy.

FWIW I totally understand the reasons for e2ee and think it's good that options exist for that. Just saying that if you're a user that doesn't care about that, then there are usability trade-offs you're dealing with
I would argue that WhatsApp's e2ee user experience is pretty decent, and didn't get worse when they introduced encryption.

But then again, their technical model has always been "fat client, dumb server" from the start.

How is it a worse experience? It's ridiculously simple: The app sends a public key to the person you're talking to. The end user doesn't even need to notice it. What am I missing here?
On Facebook, I cannot receive messages. It only shows me a bit saying it's encrypted.

I used to help a nonprofit with their Facebook account, made it a real pain in the ass for everyone involved.

Of course Facebook has no customer service and their slop docs were of no use.

I honestly can't tell if this is sarcasm
Okay fair enough, Signal's end-to-end encryption is a lot more complex than that but really how is it a terrible end user experience?
Signal isn't nice to use on multiple devices. I'd lose my chats if I lost my phone without backing up the keys. Actually WhatsApp somehow deleted my chats even though I restored my phone from backup, idk. Signal also stops notifying you if it goes out of date.

It's fine for the use case they're meant for. Unlike Instagram, they had these usability limitations from the start, and they delegated auth completely to the phone providers.

It's not terrible. It's just worse in some areas. Which is of course a worthwhile trade-off for many people. Just... Some people don't really care about the privacy part
How is it "objectively worse"?
I guess because it is harder to back up and recover and harder to sync between devices. Signal has made a lot of progress on those though.
Main thing that comes to mind is things like this:

- If you lose your phone you lose your messages

- If you forget your password you lose your messages

- If you switch phone you often lose messages

- If you get added to a group you can't see the previous messages

> - If you forget your password you lose your messages

This shouldn't be the case right? As password isn't related to the key messages are encrypted with.

It should be, otherwise where is that key coming from?
My issue with app-style E2E encryption is the app can still see your message in plaintext, and there's no way to verify it isn't doing anything with it.
Well except for the people here who love IRC. They must not like e2ee.
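
The password exchange above, as an added example that is not from the thread or from any messenger's code: the message key is random rather than derived from the password, but the copy stored in a backup is wrapped under a key stretched from the password, so a forgotten password leaves the backup unreadable. The function names, the round count and the HMAC-based wrap (a standard-library stand-in for an AEAD or AES key wrap) are assumptions.

```python
import hashlib
import hmac
import os

ROUNDS = 200_000  # assumed PBKDF2 work factor for this sketch


def _kek(password: str, salt: bytes) -> bytes:
    """Stretch the password into a 32-byte key-encryption key (KEK)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)


def wrap_message_key(message_key: bytes, password: str) -> dict:
    """Wrap a random 32-byte message key for storage on an untrusted server."""
    if len(message_key) != 32:
        raise ValueError("message key must be 32 bytes")
    salt = os.urandom(16)  # fresh salt per backup, so the pad is never reused
    kek = _kek(password, salt)
    pad = hmac.new(kek, b"wrap-pad", hashlib.sha256).digest()
    wrapped = bytes(a ^ b for a, b in zip(message_key, pad))
    tag = hmac.new(kek, b"wrap-tag" + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_message_key(blob: dict, password: str) -> bytes:
    """Recover the message key; fails unless the same password is supplied."""
    kek = _kek(password, blob["salt"])
    expected = hmac.new(kek, b"wrap-tag" + blob["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong password or corrupted backup")
    pad = hmac.new(kek, b"wrap-pad", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(blob["wrapped"], pad))


def demo() -> dict:
    message_key = os.urandom(32)  # random: not derived from the password
    blob = wrap_message_key(message_key, "constructed sample passphrase")
    restored = unwrap_message_key(blob, "constructed sample passphrase")
    try:
        unwrap_message_key(blob, "a forgotten-password guess")
        forgotten = "recovered"
    except ValueError:
        forgotten = "lost"  # the server holds the blob, but nobody can open it
    return {"restored_ok": restored == message_key, "forgotten": forgotten}


if __name__ == "__main__":
    print(demo())
```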