(C) Alec Muffett's DropSafe blog.
Author Name: Alec Muffett
This story was originally published on allecmuffett.com. [1]
License: CC-BY-SA 3.0.[2]


QUESTION: What crimes are easier to commit when there is no end-to-end encryption of messenger systems; and what opportunities are lost?

2021-11-20 00:47:32+00:00

I was asked this question, and it’s a good one, speaking clearly to “what is the value proposition of robust end-to-end encryption that is worthy of the name?”

I have written on an abstract level on this topic before, but my questioner is looking for a concrete checklist so I am hastily thrashing out some thoughts before bedtime, and will come back / update this later, with suggestions from Twitter and Facebook (if any).

Some thoughts and simple bullet points follow; I welcome comments and suggestions either below, or on the related Twitter thread.

What is End-to-End Security?

The value of end-to-end encryption is that only entities which can, are, and are visible as part of a group, have access to data shared with the group that is contemporaneous with their membership.

Therefore the baseline for any crimes which are enabled by lack of robust end-to-end security, are crimes which break this model; there certainly are more, but these are the low-hanging fruit.

In all instances we will use PLATFORM — rather than Facebook, Twitter, WhatsApp, Google, E-mail, Parler, Yahoo, AOL, etc, — as our hypothetical messaging platform, because it’s less emotionally charged to speak generically. In all scenarios, imagine what would happen / how much worse the situation would be, if the hypothetical PLATFORM was not end-to-end encrypted.

Data-Access Hacks

Data-Value Hacks

Opportunity-Cost Hacks

Wouldn’t it be nice if banks had the option of replacing insecure SMS with secure E2EE chats for transactions and/or didn’t have to rely upon custom-app chats?

Are you aware that Apple basically stitches together all of a users’ devices in a tiny cloud of end-to-end encryption, and uses that to (e.g.) synchronise payment details and browser bookmarks between all devices?

OMG SMS
[END]

[1] URL: https://alecmuffett.com/article/15511#comment-232648
[2] URL: https://creativecommons.org/licenses/by-sa/3.0/

DropSafe Blog via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/alecmuffett/

You are viewing proxied material from magical.fish. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.