Ancestors

Written by morrowind@lemmy.ml on 2024-09-17 at 19:40

Meet DAVE: Discord’s New End-to-End Encryption for Audio & Video

https://lemmy.ml/post/20406991

=> More informations about this toot | More toots from morrowind@lemmy.ml

Written by Quail4789@lemmy.ml on 2024-09-17 at 23:29

Am I too harsh in believing that if you claim to have E2EE but I can’t verify a) your source code b) my client was built from that source code (i.e. reproducible builds) then you don’t have E2EE? The whole point of encrypting my traffic on the client is I don’t trust you. Why would I believe you aren’t sending the encryption keys off to your server if I didn’t trust you before?

=> More informations about this toot | More toots from Quail4789@lemmy.ml

Written by Chais@sh.itjust.works on 2024-09-18 at 05:15

Am I too harsh […]?

No. If there’s no way to verify anything then all we have to go on is their word.

The word of a company generally isn’t worth a whole lot. Same with Telegram.

=> More informations about this toot | More toots from Chais@sh.itjust.works

Toot

Written by jeffhykin@lemm.ee on 2024-09-18 at 05:25

The clients are source available for telegram though

=> More informations about this toot | More toots from jeffhykin@lemm.ee

Descendants

Written by Quail4789@lemmy.ml on 2024-09-18 at 09:45

Which is how we know their self-rolled encryption is shit.

There’s a reason why Telegram CEO can be arrested when Signal’s can’t. Because Telegram has information they can give but refuse to whereas Signal give everything they’ve got, which is basically nothing.

=> More informations about this toot | More toots from Quail4789@lemmy.ml