[messaging] EFF Secure Messaging Scorecard

Mike Hearn mike at plan99.net
Thu Nov 6 03:47:50 PST 2014

I believe no existing application would meet your extremely strong
definition of end to end crypto, as even with an open source app, the
provider is always capable of simply pushing an innocent sounding update
that changes its behaviour and makes the app upload its keys to the

It may be worth coming up with new terminology here because we have two
types of end-to-end:

1) Can the provider read messages you sent in the past if they decide they
want to today
2) Can the provider read messages you will send in the future, if they
decide they want to today

iMessages, according to all public knowledge, meets (1). If Apple wants to
know what you were talking about with your friends yesterday due to court
order, bad insider, or whatever, they cannot do that no matter what because
the crypto stops them. It does not meet (2) but in practice no existing
reasonably user friendly platform meets (2), so I find it hard to fault
Apple for that.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141106/fa620b30/attachment.html>

More information about the Messaging mailing list