Comment on An analysis of X(Twitter)'s new XChat features shows that X can probably decrypt users' messages, as it holds users' private keys on its servers

Sciaphobia@sh.itjust.works ⁨9⁩ ⁨months⁩ ago

• EncryptKeeper@lemmy.world ⁨9⁩ ⁨months⁩ ago

  I mean they’re encrypted in transit. They’re just not end to end encrypted.

  source

  • elvith@feddit.org ⁨9⁩ ⁨months⁩ ago

    Do not look at all those (proprietary) E2EE definitions to closely - you might find several that define TLS as end to end…

    source

    • EncryptKeeper@lemmy.world ⁨9⁩ ⁨months⁩ ago

      I mean TLS is also encryption in transit, it’s in the name.

      source

      • elvith@feddit.org ⁨9⁩ ⁨months⁩ ago

        Thats the problem. Say, I’m offering you a cloud drive and tell you “your data is end to end encrypted”. You sync data from your PC to my server and from my server to your mobile phone. Would that mean

        1. That everything between your devices is encrypted (=I can’t see what you’re saving, neither can “the state”, hackers,…)or
        2. That your data is encrypted in transit, but is saved unencrypted on my server (which means everyone with access to my server can see your data) or
        3. It’s encrypted in transit and also on my server, but the keys are also ony server, so that everyone with access to my server can in theory decrypt everything and access everything?

        1 is what you want, 2 and 3 are often what you get…

        source

        • -> View More Comments
• athairmor@lemmy.world ⁨9⁩ ⁨months⁩ ago

  It also effectively means they are reading those messages.

  source