Comment on Google Messages just flicked the switch on end-to-end encryption for all RCS and group chats

<- View Parent
Carighan@lemmy.world ⁨1⁩ ⁨year⁩ ago

But that’s kinda my point, you rely inherently on someone else doing what open source allows you to do. So in the end you can be tricked just the same.

I mean of course, Signal is a pretty clearcut case, but even with that one you - and I’m guessing here but tell me it ain’t true 😅 - probably do not actively verify things. You did not check the source code. You did not build your own APK to install it. I don’t think you can build the desktop version yourself but I ain’t entirely sure, granted. You probably did not probe the network data to see whether the built APK actually does what the source code promises it’ll do or has been swapped out for one that allows the server they’re running to log all messages sent.

And so on.

My point was entirely that even in the easiest of cases where we could do all of that, we do not actually do it. Hence the point of being able to do that is usually extremely moot.

And I say this as someone who, at work, checks external libraries we’re using, which is an insanely time-consuming job that entirely explains why no one in their right mind does this without being paid for it, that is, in their spare time for private use.

source
Sort:hotnewtop