I mean they’re encrypted in transit. They’re just not end to end encrypted.
Sciaphobia@sh.itjust.works 3 weeks ago
Which effectively means the messages aren’t encrypted. Cool.
EncryptKeeper@lemmy.world 3 weeks ago
elvith@feddit.org 3 weeks ago
Do not look at all those (proprietary) E2EE definitions to closely - you might find several that define TLS as end to end…
EncryptKeeper@lemmy.world 3 weeks ago
I mean TLS is also encryption in transit, it’s in the name.
elvith@feddit.org 3 weeks ago
Thats the problem. Say, I’m offering you a cloud drive and tell you “your data is end to end encrypted”. You sync data from your PC to my server and from my server to your mobile phone. Would that mean
- That everything between your devices is encrypted (=I can’t see what you’re saving, neither can “the state”, hackers,…)or
- That your data is encrypted in transit, but is saved unencrypted on my server (which means everyone with access to my server can see your data) or
- It’s encrypted in transit and also on my server, but the keys are also ony server, so that everyone with access to my server can in theory decrypt everything and access everything?
1 is what you want, 2 and 3 are often what you get…
athairmor@lemmy.world 3 weeks ago
It also effectively means they are reading those messages.