Meta is using Signal for the encryption, so I don't agree.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Facebook Messenger Rolls Out End-to-End Encryption by Default
- Thread starter MacRumors
- Start date
- Sort by reaction score
Meta is using Signal for the encryption, so I don't agree.
And? Then that person won’t get any texts at all. SMS on or off, an Apple person will still get iMessages.
I’m curious how this will work on web. I’m not sure how encryption works entirely, but it seems like this is a E2E solution similar to iMessage pre-advanced-data-protection and yeah the messages themselves are encrypted when firing off but the chat log sitting on the server is wide open for fb and the government and hackers to read.
I’m very curious for more details on the technical aspects behind this new encryption by default!
I’m very curious for more details on the technical aspects behind this new encryption by default!
Here is the white paper from fb:
My post was in response to a poster chiding Apple for the SMS lacking E2E and praising Meta. Since Meta products don’t support any messaging at all off their platforms it isn’t a valid comparison.
Disabling SMS fallback would make the comparison equal. So Apple is just as secure is my point.
Does disabling SMS make sense? That’s a separate discussion altogether.
End-to-end…..when its sent, what about on device, can they read them then? Hmmm
I did take a look and I wonder (a) where Messenger stores the private, on-device, keys and (b) if there is a hidden backdoor due to things like this. Obviously we don't know but given the push notification stuff from yesterday, there is plenty going on out there. https://www.computerweekly.com/news...pted-messages-for-child-abuse-may-be-unlawful )
I know Apple stores private keys in the secure enclave and some Android phones have similar areas, but can apps write to it? I don't know the answer and google quickly wasn't much help.
Suspect that if a user opts in to advertising tokens and tracking, possibly gives a green light for utilizing any other data around the message being sent. Content of the message is only a part of the package that is available. Context of messages can often shed a lot of tracking info light. Pretty sure non of the companies advocating for end-to-end is wanting to give up such a valuable cash cow, nor accept the responsibility of a malicious action hidden within their messaging platform. Always going to be options to view. Always has and always will be. No win situation. Fully hide info and open the door for bad things. Create back door access and someone will exploit for their own purposes.
Meta is rolling out "end-to-end encryption" for personal messages and calls on Messenger and Facebook, finally delivering on a pledge it committed to some time ago.
Fixed that for you. You're welcome.
Fixed that for you. You're welcome.
Will the encryption be as bad as the one of WhatsApp, where text are encrypted, but all images are saved in folder that is accessible to all other Apps that have gallery access? At least that problem exists at Android phones.
And will that encryption also work in a browser? I will never install the Facebook Messenger on my smartphone. It actually came with the smartphone and even reinstalled itself when I deleted it. It took me a while to figure out how to get rid of it.
And will that encryption also work in a browser? I will never install the Facebook Messenger on my smartphone. It actually came with the smartphone and even reinstalled itself when I deleted it. It took me a while to figure out how to get rid of it.
I believe them. The messages are end to end encrypted. Does that mean Facebook can't extract essential information (including the raw message content)? Of course not.
This is the problem with representing a general desire via a singular technological checkbox. We don't want "end to end encryption", we want our conversations and digital lives to be private and for us to have ultimate control over our data and how it's used. End to end encryption is simply one slice of that whole pie. E2EE has become a marketing symbol to give users peace of mind but in isolation it solves nothing. If Facebook and Google are implementing it then it means nothing because they've found a trivial workaround to get what they want whilst ticking the "end to end" box.
This is the problem with representing a general desire via a singular technological checkbox. We don't want "end to end encryption", we want our conversations and digital lives to be private and for us to have ultimate control over our data and how it's used. End to end encryption is simply one slice of that whole pie. E2EE has become a marketing symbol to give users peace of mind but in isolation it solves nothing. If Facebook and Google are implementing it then it means nothing because they've found a trivial workaround to get what they want whilst ticking the "end to end" box.
I have WhatsApp installed because a lot of people I know use it. But I do not give the app access to my contacts list. Unfortunately most do.
Facebook messenger might use encryption now and MIGHT not crawl what you talk about but you bet they know who you talk to and who your contacts are, including businesses around your area.
Signal is the best app that respect your privacy. But most people use WhatsApp or iMessage (in the States).
Facebook messenger might use encryption now and MIGHT not crawl what you talk about but you bet they know who you talk to and who your contacts are, including businesses around your area.
Signal is the best app that respect your privacy. But most people use WhatsApp or iMessage (in the States).
Anyone know if this extends to the Kids version of Messenger? My kids want it on their tablets, but I have been holding off because of privacy concerns. E2EE would maybe make it less concerning.
Not just apps, but what about web browsers? Can’t you log into FB messenger and chat from any browser, how will that work?I did take a look and I wonder (a) where Messenger stores the private, on-device, keys and (b) if there is a hidden backdoor due to things like this. Obviously we don't know but given the push notification stuff from yesterday, there is plenty going on out there. https://www.computerweekly.com/news...pted-messages-for-child-abuse-may-be-unlawful )
I know Apple stores private keys in the secure enclave and some Android phones have similar areas, but can apps write to it? I don't know the answer and google quickly wasn't much help.