• Treczoks@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    2
    ·
    1 month ago

    As long as the keys are handled via a closed source app and server system, e2ee is potentially broken.

    Even if you generated the key, keep the private part locally and submitted only the public part to your communication partner, you can never be sure that the intransparent app does keep your private key private.

    With WhatsApp I’m quite sure that they somehow can retrieve the private key. Certain events point to that. But I see no reason to consider signal or telegram any more trustworthy - they are all prone to governmental influence.

    And as open source and closed app infrastructure are incompatible, I would not handle anything important on an Android or Apple device.

    • DeckPacker@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 month ago

      Why would you not trust Signal?

      You don’t have to trust their server infrastructure, because the end to end encryption has been verified by countless experts (and all their client side code can be looked at by anyone).