[messaging] EFF Secure Messaging Scorecard
Mike Hearn
mike at plan99.net
Thu Nov 6 03:47:50 PST 2014
I believe no existing application would meet your extremely strong
definition of end to end crypto, as even with an open source app, the
provider is always capable of simply pushing an innocent sounding update
that changes its behaviour and makes the app upload its keys to the
developers.
It may be worth coming up with new terminology here because we have two
types of end-to-end:
1) Can the provider read messages you sent in the past if they decide they
want to today
2) Can the provider read messages you will send in the future, if they
decide they want to today
iMessages, according to all public knowledge, meets (1). If Apple wants to
know what you were talking about with your friends yesterday due to court
order, bad insider, or whatever, they cannot do that no matter what because
the crypto stops them. It does not meet (2) but in practice no existing
reasonably user friendly platform meets (2), so I find it hard to fault
Apple for that.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141106/fa620b30/attachment.html>
More information about the Messaging
mailing list