I did a talk at #hackmas on "Secure Messaging (and attacks against it)" and the great organization team has already put the video recording online at
https://media.ccc.de/v/26cd6d27-247f-5cf3-8adb-54c87bc372b2. Many thanks to the audience for so many insightful questions and discussions - it is rare that the audience is so engaged and aware of nuance! Slides are available at https://www.mayrhofer.eu.org/talk/secure-messaging-and-attacks-against-it/
Abstract: Secure messaging apps are one of the most-used app categories on current mobile devices, and a significant subset of human communication is handled through them. This makes them an interesting target for forensics, surveillance, and general information collection for intelligence services and police institutions. In this talk, we will discuss various options for such surveillance and their respective difficulties, pointing out which options do not seem realistic given all the practical considerations.
TL;DR: There is no good option for surveiling E2EE messenger apps; all of them are broken or practically unrealistic in various ways. I don't see an option to do that without real, significant problems that make all of us less safe. Please stop claiming that it is possible without these nasty issues.
[#]ChatControl #E2EE #SecureMessaging #Signal #ClientSideScanning #Staatstrojaner
=> More informations about this toot | View the thread | More toots from rene_mobile@infosec.exchange
=> View hackmas tag | View chatcontrol tag | View e2ee tag | View securemessaging tag | View signal tag | View ClientSideScanning tag | View staatstrojaner tag This content has been proxied by September (3851b).Proxy Information
text/gemini