Facebook messages, obtained via valid warrant, help make case against women

  • db2
    link
    fedilink
    English
    arrow-up
    74
    ·
    1 year ago

    Also never trust a message is private unless you’ve at minimum encrypted it. Facebook, Twitter, reddit, even here.

    • fubo@lemmy.world
      link
      fedilink
      English
      arrow-up
      76
      ·
      1 year ago

      Nothing here is private. At the very least, your messages are stored unencrypted on both the sending and receiving servers, and are completely readable to instance admins.

    • Earthwormjim91@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      ·
      1 year ago

      Yup. If it isn’t E2EE, don’t trust it.

      If you’re on Apple, use iMessage or a reputable dedicated encrypted messaging app (not WhatsApp). If you’re on Android, likewise use a dedicated encrypted messaging app or make sure that you and your recipient are both using the same Google Jibe RCS implementation and have it on.

      • /home/pineapplelover@lemm.ee
        link
        fedilink
        English
        arrow-up
        21
        ·
        1 year ago

        I don’t fully trust Apple’s claims because I feel they might have backdoors. I would trust only FOSS apps like Signal, Session, or Matrix.

        • Earthwormjim91@lemmy.world
          link
          fedilink
          English
          arrow-up
          22
          ·
          1 year ago

          Understandable to not trust a big corp. Apple does have a solid track record on encryption though and actively fighting against backdoors.

          FOSS is generally the best choice though.

            • Earthwormjim91@lemmy.world
              link
              fedilink
              English
              arrow-up
              13
              ·
              1 year ago

              They do have a transparency report they publish twice a year. The first one for 2022 should be out soon.

              https://www.apple.com/legal/transparency/us.html

              They also publish one for almost if not all countries they operate in.

              It’s not as detailed as Signals but does detail all government requests they get.

              As far as the encryption goes, keys are generated by the devices themselves and not Apple servers.

              They also detail where the keys are stored for iCloud based on what protection you choose. https://support.apple.com/en-us/HT202303

              And they’re fairly transparent on all the privacy features.

              I wouldn’t trust them entirely if you’re a very high risk for breach like a journalist in hostile countries, but I also wouldn’t trust any off the shelf solution for that and would be running a heavily locked down privacy focused Android fork in that case.

              The cross OS compatibility is an issue though and I use Signal for anyone on Android that I talk to.

      • Tanoh@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Also if you don’t trust either of the ends, it doesn’t matter much if it is E2E.

    • /home/pineapplelover@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      Never trust a message is private unless you’ve at minimum end to end encrypted it and make sure both devices are not compromised.

    • Bucket_of_Truth@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      Emphasis on “you’ve encrypted.” If you don’t have the keys its not safe. Imessage has great encryption but Apple will just hand over the keys if asked so its useless.

      • Earthwormjim91@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Apple doesn’t have the keys to it. That’s one of the major points of iMessage. Your keys are generated on device only. Apple can’t give what they don’t have. With the newer keychain stuff they’ve also made iCloud end to end encrypted as well, using keys generated on device, if you use advanced data security.

        And if they would, they wouldn’t have gone to court over it when it was literal terrorists, the San Bernardino shooters a decade ago. They couldn’t turn over the keys to their iMessages because they didn’t have them and they went to court after they refused to put a back door in for the US government.

        There’s a LOT to hate about Apple, but privacy so far hasn’t really been one of them. They’re pretty transparent about privacy features and how data is handled.

    • Cyyy@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      even if it’s encrypted. if you don’t want someone to find out about it… don’t talk about it online. you never know if the encryption really safes your ass in the worst case. there are cases where the police has deactivated or bypassed them without the user knowing about it… or where they found the password.

      here in germany the police hacked a server of a darknet drug market and deactivated the encryption and collected all the user passwords when you logged in. they collected data for almost a year and then screwed everyone over who used the service at that time.

      never trust anyone or anything. if you want to keep a secret… don’t post it online. even if it’s encrypted.