Facebook Messenger To Get End-To-End Encryption

Reader wiredmikey writes: Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping. The new feature will be known as "secret conversations" which can be read only by the sender and recipient. Facebook shared technical details about its implementation of the security in a technical white paper (PDF). Facebook earlier this year began implementing this end-to-end encryption on its WhatsApp messaging service.ZDNet's Zack Whittaker, however, warns about a catch in Facebook's effort. He writes: But already the company has faced some criticism for not encrypting messages by default, instead making the service opt-in, like Apple's iMessage, or even Facebook's other chat app, WhatsApp, which recently switched on default end-to-end encryption earlier this year. Cryptographer and Johns Hopkins professor Matthew Green, who reviewed an early version of the system, said in a tweet that though you "have to turn on encryption per thread," he added that providing encryption to almost a billion people makes it hard to "put that genie back in the bottle."

To my knowledge messenger unlike whatsapp

[MarkH]

Keeps a copy on fb servers. So this change is cosmetic

Re:To my knowledge messenger unlike whatsapp

[nightfire-unique]

Keeps a copy on fb servers. So this change is cosmetic

What does it matter if they keep a copy of your conversations encrypted against a key only you possess?

Re:To my knowledge messenger unlike whatsapp

How do you plan on getting the key to person B? Perhaps can&string?

Re:To my knowledge messenger unlike whatsapp

[cmseagle]

Diffie-Hellman key exchange. Exchanging keys over a public channel is a solvable problem. Presumably Facebook will follow basic crypto protocol if they're at all serious about end-to-end encryption.

Re:To my knowledge messenger unlike whatsapp

[cryptizard]

It's called key exchange. https://en.wikipedia.org/wiki/...

Re:To my knowledge messenger unlike whatsapp

[Sax+Russell+5449D29A]

If someone gets a hold of your private key (physical phone), they can access all the historical conversation data if they can mandate Facebook to hand it over. This is probably not a concern for most of its users, though, and a capability only few government agencies would have. But even this threat is mostly thwarted if your phone is properly encrypted.

Re:To my knowledge messenger unlike whatsapp

[cryptizard]

This is actually not strictly true. Their protocol will likely be based on WhatsApp (since they developed that as well), and it currently uses rotating keys for each conversation and key exchange that provides perfect forward secrecy. If you delete the conversation from your phone it cannot be recovered even if someone recorded it over the wire and later obtains your master private key.

Re:To my knowledge messenger unlike whatsapp

[x_t0ken_407]

...Presumably Facebook will follow basic crypto protocol if they're at all serious about end-to-end encryption.

And there-in lies the conundrum, sadly. One can only hope...though I've also not read the provided whitepaper which probably answers this for us so...

Re:To my knowledge messenger unlike whatsapp

[DogDude]

... and what evidence do you have that "whatsapp" doesn't keep a copy on their servers? Who pays "whatsapp" for whatever services they provide? I'm guessing it's not the people writing the messages.

Re:To my knowledge messenger unlike whatsapp

[Krojack]

Remember, Facebook owns Whatsapp.....

Re:To my knowledge messenger unlike whatsapp

[DogDude]

Oh, I didn't know that. I'd be willing to bet a large amount of money that there are certainly copies saved by them, then.

Re:To my knowledge messenger unlike whatsapp

[Sax+Russell+5449D29A]

Ah, that changes things, and an interesting detail too.

Re:To my knowledge messenger unlike whatsapp

[Threni]

Copies...of encrypted data? Why would they want to keep that? It would be no use to them.

Why opt-in?

How does Facebook gain from making it an opt-in feature? What's the business rationale?

Re:Why opt-in?

[bytestorm]

It breaks fewer people's shit at once if there's a bug they didn't catch. It's like beta testing a new feature with a small group before deploying it to everyone. It's prudent.

Re: Why opt-in?

My guess? No option in china. Facebook has been trying to get popular there. Making it opt-in means not everyone will use it. Making govts suspicious of those that do.

Wrong apk version? Suspicious.

Source? Wild guess flying out of my ass.

Re:Why opt-in?

[friedmud]

My guess: advertising.

Facebook probably mines the unencrypted messages to help form an "advertising profile" for you so they can better target ads at you when you're on Facebook.

Re:Why opt-in?

[ShaunC]

More provably than probably. For awhile, anytime you mentioned a company's name in a private message (like "man it's hot out today, just drank 3 Cokes after cutting the grass"), Facebook would automatically like that company's profile page on your behalf. They were sued over this practice.

Oh thank god

FB has upgraded service to use the Little Orphan Annie secret decoder ring.

This would imply

[JustAnotherOldGuy]

This would imply that there is information of value being exchanged on Facebook; a proposition I find difficult to believe.

Re:This would imply

[Opportunist]

If only important messages were encrypted, every bad person would instantly know which ones he should decrypt.

Re:This would imply

[gsslay]

You are absolutely right. What you put on Facebook is of no value whatsoever. You have nothing to regret giving it to us. We just like collecting meaningless chatter and none of our client advertisers have the slightest interest in it. Nothing to worry your little heads over, nothing to see here.

- Mark Zuckerberg

Re:This would imply

[friedmud]

Actually, this move makes sense considering Facebook is currently trying to get people to use Messenger to interact with other parts of their life including _banking_:

http://www.theverge.com/2016/7...

Re:This would imply

[Sir_Eptishous]

This would imply that there is information of value being exchanged on Facebook; a proposition I find difficult to believe.

You nailed it.

Re:This would imply

[JustAnotherOldGuy]

You are absolutely right. What you put on Facebook is of no value whatsoever. You have nothing to regret giving it to us. We just like collecting meaningless chatter and none of our client advertisers have the slightest interest in it.
- Mark Zuckerberg

I rest my case.

Re:This would imply

[JustAnotherOldGuy]

Actually, this move makes sense considering Facebook is currently trying to get people to use Messenger to interact with other parts of their life including _banking_:

Lol, if I had a facebook page, the last thing I'd ever do is let it "interact" with my bank account in any way, shape, or form.

Re:This would imply

[friedmud]

Completely agree! But they're trying to push it for some odd reason...

Re:This would imply

[JustAnotherOldGuy]

Completely agree! But they're trying to push it for some odd reason...

Ye$, and I can't po$$ibly imagine what that rea$on could be.

Messenger being...

...that crappy App that Facebook pulled out of their existing App and which I refuse to install because I shouldn't need a separate app or still another chat client.

In other news, when did people become so lazy that everyone uses chat because clicking on an email app is just too big a hassle?

Re:Messenger being...

[gsslay]

Actually it's that crappy App they pulled out of their existing App which I refuse to install because it insists on permissions to rifle through everything on your phone and upload it to Facebook.

Re:Messenger being...

[Krojack]

...that crappy App that Facebook pulled out of their existing App and which I refuse to install because I shouldn't need a separate app or still another chat client.

In other news, when did people become so lazy that everyone uses chat because clicking on an email app is just too big a hassle?

I'm pretty sure you can use the FB messenger app without having a FB account now. They want you to use it as a standard SMS and phone callinging app. This is why it's a standalone app.

Re:Messenger being...

[Krojack]

It's a good thing you can disable those.

Re:Messenger being...

[negRo_slim]

You can get Swipe on Android and it restores the FB+Messaging by repacking the webpage version of Facebook into something nice for use on mobile. You might have to fiddle with an option in the settings and the author feels that eventually there will be no more workarounds for FB+Messaging functionality but so far it's a great piece of software if you need to access your messages from a phone.

Translation:

[Penguinisto]

"Only *we* get to keep all that sweet, sweet, saleable data on you, dammit!"

Re:Translation:

[cryptizard]

End-to-end specifically means that Facebook can't read it, if it is implemented as they say. The ends in question are both users.

Re:Translation:

[Penguinisto]

Pretty sure they stretched the definition to allow themselves a view into that conversation...

Re:Translation:

[cryptizard]

No they haven't, read the description of their implementation.

Re:Translation:

[JustAnotherOldGuy]

End-to-end specifically means that Facebook can't read it, if it is implemented as they say.

Lol, yes, if it's "as they say", and goodness gracious, Facebook would never tell a fib, not with hundreds of millions of dollars of ad revenue at stake!

Re:Translation:

[Fnord666]

No they haven't, read the description of their implementation.

No thanks, I would rather read their actual implementation (ie open source). The only way you can even begin to trust such a communications system is if it is open source and you can build the client from the provided source. Insert oblig reference to Ken Thompson's "Reflections on Trusting Trust" here. At any rate, the description of the implementation is not the implementation itself.

Re:Translation:

[cryptizard]

If they did lie, someone would figure it out eventually and it would be devastating in terms of PR. It's not worth it for them. Just like researchers have torn apart iMessage and know exactly how it works, the same will happen to this.

Re:Translation:

[JustAnotherOldGuy]

If they did lie, someone would figure it out eventually and it would be devastating in terms of PR.

You mean just like all the other times that Facebook has been caught lying and was exposed, and basically nothing happened? Because they've weathered PR storms that would wash away some of the smaller continents, and yet they're still around.

-

It's not worth it for them. Just like researchers have torn apart iMessage and know exactly how it works, the same will happen to this.

Oh, trust me, hundreds of million of dollars in ad revenue is "worth it" for them. It's been worth it for them in the past. They'll just chalk it up to some sort of "technical glitch" or "misconfiguration" or some other such bullshit (just like they always do) and nothing will happen. A week later no one will even remember anything happened because OH MY GOD, A NEW AVENGERS MOVIE!! KIM KARDASHIAN HAS A NEW BRA!! THE NEW IPHONE HAS A NEW COLOR!!

Re:Translation:

[cryptizard]

Do you think they will get hundreds of millions of dollars in ad revenue from mining your instant messages, compared with what they already get mining your profile, news feed, likes, etc.? Unlikely. I think they probably would get very little money from your messages and so they decided to add this encryption as a feature to entice people to use their platform.

Re:Translation:

[JustAnotherOldGuy]

Do you think they will get hundreds of millions of dollars in ad revenue from mining your instant messages, compared with what they already get mining your profile, news feed, likes, etc.?

I think it's all part of the big picture, and if they can make an extra nickel by sending you messages about things relevant to your personal conversations, you bet I think they would.

A better question is this: if they think they could make money by mining you your instant messages, why wouldn't they?

Guess who gets front row center seats?

That's right.

Re:Guess who gets front row center seats?

Guess who gets front row center seats

The people who logged onto Ticketmaster before you

Re:Why use we keep secrets?

evil is done in the shadows and in darkness, but bringing it can't operate in the open when light is shined upon it

I love shit like this. So if I march into a daycare center with a visible machine gun, it's ok because it's not hidden... and all will be well with the world. Good intentions and all. Right?

And if I mow down the kiddies, we just chalk it up to the will of God and say they had it coming.

The good news, after all the carnage, I haven't encrypted anything.... so I'm safe with God. But those fuckers who use HTTPS while reading about the news story online should burn in hell for their sins.

Re:Why use we keep secrets?

Terrorists are killing in the name of their religion and you are using your religion to argue against them?

https://www.youtube.com/watch?...

Breaks reading messages on phone and desktop

If you have end-to-end encryption, and you have a conversation on your desktop computer with someone, then that means you won't be able to read that same conversation back using the Messenger app on your mobile. Unless Facebook create some sort of syncing app to allow your conversation to be copied between your devices, of course.

Re:Breaks reading messages on phone and desktop

[amRadioHed]

How can you have an encrypted message on the desktop web chat without Facebook having the encryption key and defeating the whole point?

Re:Breaks reading messages on phone and desktop

[cryptizard]

The same way WhatsApp currently does it, your phone has the key and the web app creates an encrypted communication channel between your phone and browser. The phone is actually sending and receiving the messages, then forwarding them to your browser.

Re:Breaks reading messages on phone and desktop

[amRadioHed]

That seems to be of limited utility if you don't have access to your phone.

Re:Breaks reading messages on phone and desktop

[cryptizard]

That's true, but you do need some "anchor" device for this to work or else there is nothing to bind together the many browser you may have across many devices. Without of course just giving Facebook the key like you said. In practice, most people have the phone's on and connected to cellular internet most of the time. I have used WhatsApp a lot and it really isn't an issue.

no way it is secure

people are crazy if they really think fb will not be watching encrypted conversations.

Re:no way it is secure

All it will do is ensure that no one besides fb, and the gov organizations they allow, to be able to see it.

Re:no way it is secure

[cryptizard]

It is pretty easy to make a protocol that is tamper evident, and it has already been done with other messaging platforms. https://www.whatsapp.com/faq/e...

Re:no way it is secure

[DogDude]

That's cute that some people believe that a service that makes money from harvesting your information keeps your data private. That's very cute.

Re:no way it is secure

[JustAnotherOldGuy]

That's cute that some people believe that a service that makes money from harvesting your information keeps your data private. That's very cute.

It's adorably naive. It makes me want to print out cryptizard's post and put it in a pink frame with lots of little hearts and kittens and stuff.

Re:no way it is secure

[cryptizard]

You don't have to trust anything, it is cryptographically verifiable. But whatever, just keep posting your memes. Very constructive to the conversation.

Re:no way it is secure

[DogDude]

I'm not a cryptographer, so I just have to use common sense. Common sense says that for-profit companies exist to generate income.

Re:no way it is secure

[cryptizard]

Sure but that is not mutually exclusive with providing an end-to-end encrypted messaging service. Do you really think they are mining your instant messages for data anyway? They get what they want from your profile/news feed. It was an easy place they could provide security to entice people to use their platform, without losing them anything.

Zack mistyped iMessage & WhatsApp auto-encrypt

[sasparillascott]

Just to point out, Zack Whittacker who wrote the ZDNet article mis-typed, as iMessage and WhatsApp are encrypted by default. His following sentence appears to show he actually meant they were automatically encrypted. The opt-in encryption that Facebook and Google are providing will also be the preferred option of the govts / 3 letter agencies that want to keep everything for future use. Its crazy to have Facebook's app on your smartphone anyways...and tracking bracelet with a microphone and camera.

Re:Why use we keep secrets?

[Opportunist]

...said the AC.

Re:Why use we keep secrets?

[OzPeter]

Why do we need encryption to keep secrets? The Bible teaches us that evil is done in the shadows and in darkness, but bringing it can't operate in the open when light is shined upon it.

- Pastor Mitch

Ok .. whats your full name, DOB, address, SSN and bank account details?

Shine some light on them and you can be sure nothing bad will happen.

Why should I trust it?

[Opportunist]

I might use your channel, but I'll do my own end-to-end encryption over it, thank you.

Re:Why should I trust it?

[The-Ixian]

Even if you rolled your own e2e encryption, you still have to trust hundreds or even thousands of strangers who built the hardware or are somewhere in the distribution chain.

In addition, you would also need to get the other side of the conversation to use your encryption scheme which implies, among other things, sending them a key.

It is really impossible to "trust no one"

Re:Why should I trust it?

[friedmud]

You could definitely hand-build a small computer (think Raspberry PI) that is offline that you input the encrypted stream into (either via a camera that looks at your monitor or audio from your speakers or other means) that has a small printout on it that shows the decrypted conversation and allows you to answer back...

There would definitely still be thousands of people involved in making the chips you select... but it would be pretty incredibly difficult to get a backdoor into that system!

Re:Why should I trust it?

[mlts]

This is why you use endpoint encryption like an OpenPGP utility (gpg, openpgp, apg, Symantec's SED, etc.) Then, the transport encryption doesn't matter as much. Ideally, the computer with the keys is offline and some means like a SD card is used to transfer data back and forth.

At the minimum, having endpoint encryption separate means that a bad guy has to compromise two completely different utilities that function in completely different ways.

This isn't a 100% secure method, as OpenPGP doesn't offer PFS, but it does ensure that data is protected with more than just "trust us, we encrypt stuff" promises.

Re:Why should I trust it?

You're assuming there isn't already a "standard" back door built in to the chip(s) you select, something I'd certainly be pushing for if I were running an intelligence agency with a sufficient budget.

And you're not going to hand-build anything like the Broadcom SoC that the Raspberry Pi uses, or any other CPU either, unless you're willing to design and handbuild something that uses a couple of racks' worth of discrete transistors. As soon as you go with ICs, you have to trust that there's no hidden functionality on one of those ICs tapping your data flow. (Theoretically that could be done with a transistor package too -- you can make sure there are only 3 leads going to the package but how do you know something isn't overlaying a subtle carrier signal on one, or using RF to send data?)

Real security (or counter-intelligence) pros don't worry about if they're being paranoid, they worry about if they're paranoid enough.

Re:Why should I trust it?

[Opportunist]

You don't even remotely need to trust the hardware you use as much as you'd have to trust Facebook in this scenario. They have FULL control over your message. You are using their channel AND their encryption. You can at no point verify that they do not decrypt the message, you can at no point verify that they do not alter the message and you will only be able to discover after the fact whether they actually delivered your message (if your partner does not reply or replies in a way that is inconsistent with the message he should have received). You can NEITHER assure confidentiality, nor integrity, nor availability.

EVERYTHING else in the communication is less dramatic as a single point of failure in the trust chain. At every other point you can successfully audit and verify. Because you have various different parts that work together, and one of them failing the trust will show. Of course it is possible that EVERYONE, every single bit of hardware that you use, is out there to "get you". In that case, though, whether your communication is encrypted is the least of your concerns.

Re:Why should I trust it?

[The-Ixian]

A keylogger on the system will bypass any amount of encryption.

So, again, you need to trust that the chip maker(s), operating system vendor and app creators to not do anything bad.

On the software side, open source helps (in theory) because you can personally audit the code. However, in practice, nobody audits the code.

Still, that leaves the hardware manufacturers as well as all of the people the hardware passes by. This includes shipping companies and even retailers.

Sort of an unrelated story but a friend of mine used to work for Regis (the hair and beauty product company). At one point, management was going crazy trying to track down how their products were getting into the hands of retailers like Target and Walmart. They exclusively sell their product to salons and so it was a mystery how large amounts of their product were ending up on the shelves of major retailers. It turned out to be bad actors in the distribution chain. The point is, there are people with selfish or bad intentions in every industry. You cannot assume that the product you bought off the shelf is not stolen or altered goods.

Re:Why should I trust it?

[mlts]

The key is narrowing the avenues of attack. An offline laptop that is used with a SD card narrows down the avenues of attack to Stuxnet/black bag attacks, especially if the RF antenna is physically removed. Yes, someone can hit my computer with a keylogger, but that is a direct attack. Someone cornholing an app that does its own encryption and compromising it is a lot easier and done on a far wider scale than someone who is able to attack a program that only runs on endpoints as well as the transport system.

Biggest technical flaw: MITM checks are manual?

[xxxJonBoyxxx]

The biggest technical flaw I think I see is that man-in-the-middle attacks can occur unless both sides manually check a 256-bit hex value - probably above the technical capabilities of most users. (This is unlike SSL/TLS/HTTPS where clients usually automatically verify the ID of the server, and servers often automatically verify the ID of the client.) From TFA:

>> For every secret conversation Messenger exposes in its interface both participants' identity keys (i.e. IKpk). Users may optionally verify these keys in order to ensure no man-in-the-middle attack is compromising their secret conversations. Messenger displays the 256-bit IKpk values in hexadecimal format.

Re:Biggest technical flaw: MITM checks are manual?

[cryptizard]

The difference is that your average Facebook user doesn't have a TLS certificate signed by a trusted CA. Without PKI infrastructure, which frankly would not work in this scenario, manual verification is the best you can do. The point of this type of system is that you don't need every user to do the check, you only need a few people to do it to keep them honest. If anyone catches a MitM attack, even once, it will be a huge PR nightmare for Facebook.

Re:Biggest technical flaw: MITM checks are manual?

[Solandri]

(This is unlike SSL/TLS/HTTPS where clients usually automatically verify the ID of the server, and servers often automatically verify the ID of the client.)

SSL et al don't verify the ID of the server/client. They ask a certificate authority (CA) to verify those IDs. That's why those protocols are vulnerable to MitM attack due to a bad or compromised certificate authority (which for example is exactly what Lenovo did - inserting their own CA into the list of trusted CAs).

You can think of CAs as a repository of public keys in the public/private key system. They link a claimed identity to a public key. You want to connect to the citibank.com website, you ask a CA what their website's public key is, the CA tells you, and use it to encrypt your traffic to the bank. But if you happen to accidentally type cifibank.com as the URL, and you have a compromised CA in your trusted list who gives you the public key for that bad website, that website can see everything you think you're sending to the real bank, and forward everything you're sending to the real citibank.com website and forward the response back to you to keep up the charade, while they're eavesdropping in on everything.

If you have some other way to validate the public key of the individual you are messaging with, doing so without a CA is actually more secure. It just can't be done automagically - the end user has to do the work of validating it him or herself. (Although the whole thing remains dodgy as long as we're storing our private keys on the communication device itself, which could be hacked over the network and the private key copied. Ideally the private key would be stored in a separate self-contained processor. The device would send ciphertext to this processor, which would do the decrypting and return plaintext. Vice versa for encryption.)

tl;dr - They're both vulnerable, just in different ways. CAs are more convenient for random encounters where you have no other secure means to communicate with a person, directly verified keys are more secure when you also have another secure channel with the person you are communicating with - like a one-time face to face meeting.

So it can drain even more battery?

[xfizik]

Good try FB, but no, thank you. Maybe if you convinced smartphone makers to use bigger batterries, I'd think about, but not the way things work right now.

More bloat!

[ilsaloving]

How many more hundred megabytes will this feature add?

Honestly, I've stopped using messenger cause it's the single most inefficient POS I've seen in ages. People used to complain that Microsoft Office was bloated. How about a simple mobile messenger application that consumes hundreds of megabytes?
I'm still having trouble understanding the level of incompetence required to do that to a simple messaging application.

The most laughable thing of all is that Facebook actually wants people to trust them with financial transactions. Yeah, no.

Re:More bloat!

[The-Ixian]

You don't have to use the FB messenger client software.

FB is one of the few remaining messaging platforms that allows 3rd party integration.

I have been running Trillian for years and I used to have MSN, Yahoo, AIM, Google and FB accounts in it.

The only 2 that are left that still allow this are FB and Google. (Yahoo is going away in August).

I will continue to use Trillian until 0 clients are left.

Re:More bloat!

[ilsaloving]

Except that Facebook has already discontinued XMPP integration. It was discontinued in... April I think? I'm not sure what's happened since then however. There was a whole lot of complaining about Facebook stopping working, and then trillian started working again, so I'm thinking Trillian has cheated somehow to get around Facebook discontinuing XMPP. Probably interpreting facebook's webclient or something.

I've been using Trillian for years too. Even had a Pro subscription at one point, but it really feels like Trillian's dropped the ball lately. They chronically allow their non-windows clients to fall behind, and they still haven't added support for other major systems, despite these systems being hugely popular and having publicly accessible APIs (ie: WhatsApp, Telegram, etc)

I'm not sure what Cerulean is doing, but at this rate they won't be around much longer.

Re:More bloat!

It needs all that memory so it can store all your message traffic between opportunities to upload to the mother ship, or retrieved from the phone.

Just think about how much it could be storing with middle-out compression! ;)

"Oh look, a puppy!"

I fail to see how any 'ecryption' matters when Facebook is spying on everything you do, both on an off Facebook.

Re:"Oh look, a puppy!"

[niftymitch]

I fail to see how any 'ecryption' matters when Facebook is spying on everything you do, both on an off Facebook.

If it is Facebook (singular) you are in a better perhaps more secure space.
Unencrypted anyone near or far that can tap into the stream could read it.

Even if FB archived messages and kept them behind a "legal" wall there
should be an audit trail to show abuse when abuse happened.

I fear the naive structures put in place today by honest well intentioned
individuals. Should that individual retire, change companies or be promoted
there is no mechanism to guarantee another honest replacement.

To pick on one chain of authority.
Google reminded me and would let you find my source:
"While it's true that no one is perfect, the seven corrupt popes below were exceptionally unholy:
"Pope Clement VII (Pope from 1523 to 1534) ...
"Pope Leo X (1513 to 1521) ...
"Pope Julius II (1503 to 1513) ...
"Pope Alexander VI (1492 to 1503)
"Pope Benedict IX (1032 and 1048) ...
"Pope John XII (955 to 964) ...
"Pope Stephen VI (896 to 897)"

FB is the KGB of our times

Does the encryption now work between the product (==user) and the customer (==advertisement company who buys the user information)? What is the threat scenario in here? Some company gets to steal the user information FB sells?

Re:FB is the KGB of our times

[cryptizard]

End-to-end means user-to-user. Even Facebook will not be able to read the messages.

Re:FB is the KGB of our times

Aww, how cute.

They don't enable it by default because...

[tlambert]

They don't enable it by default because it absolves them of legal responsibility where the users are not legally allowed to turn it on, and do so anyway.

Re:Why use we keep secrets?

[The-Ixian]

Do you close the door to the bathroom stall when you take a dump?

Do you have passwords on any of your accounts?

Do you make your SS or CC numbers known to the world?

Privacy is a protection.

Re:Why use we keep secrets?

[kheldan]

I'm going to give the AC in this case the benefit of the doubt, and assume he's posting this ironically or sarcastically and actually doesn't believe that drivel.

Next, there is no 'god', but of course no two people will ever agree on that point, so I'll let it go for now.

Now, if this 'Pastor Mitch' character really believes this crap, how about he posts his credit card numbers, bank account numbers, PIN numbers drivers license and social security numbers, and all his other identity-related information on the Internet for anyone to use. Then how about he installs cameras and microphones in every room of his house, including the bathroom, connected to the Internet 24/7/365, never turned off ever, so we can witness what a clean, pious, sanctified, honest life he's living, with nothing to hide. If he won't do all that then I guess we have to assume he's got some Deep Dark Secrets he needs to hide from us all and is going to Hell when he dies! He must be having sex with his wife in a non-missionary position only for procreation purposes or some horrible Sin like that, LOL! These types would make me laugh if they weren't so completely and utterly idiotic -- and so full of shit and hypocritical.

Per thread encryption

[bagofbeans]

If the user really will have to enable encryption per thread, that will be a very useful flag to anybody who cares that the conversation is worth decrypting.

Trust Facebook?

[sjbe]

Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping. The new feature will be known as "secret conversations" which can be read only by the sender and recipient.

That's great except that I don't actually trust Facebook so I'm not sure what this would get me. How can I be sure the message remained secure?

Requires trusting Facebook

[sjbe]

End-to-end means user-to-user. Even Facebook will not be able to read the messages.

In principle yes but do you really trust Facebook? Seems like a HUGE opportunity for man in the middle attacks here. Unless you control the encryption keys you really have no assurance that it will be secure and doing encryption and key exchange properly is actually pretty darn hard to do right.

Re:Requires trusting Facebook

[cryptizard]

You don't have to trust them. They publish the protocol, people will audit it. There is a specific mechanism for verifying session keys to be sure that no MitM attacks are happening.

The implementation is what matters

[sjbe]

You don't have to trust them. They publish the protocol, people will audit it.

How do you propose to audit the implementation of the protocol? It's kind of like how it doesn't matter who votes - what matters is who counts the votes. I don't really see any way I could realistically trust Facebook to be a trusted intermediary. It doesn't matter what the protocol is if we can't be certain they are following it.

Re:The implementation is what matters

[cryptizard]

You can be sure that researchers will poke, prod and decompile the Facebook app searching for implementation mistakes. You don't have to trust Facebook.

What use is end to end encryption...

if "they" own *both* ends? It protects Facebook (and the others) from eavesdroppers?

Frankly, wrt. to FB (and Google, and...) I don't give a rat's ass.

Re:Why use we keep secrets?

1 - Yeah, common courtesy, nobody wants to see/smell that.

2 - All my accounts require passwords, so there's no choice. 1234 is accepted by a lot of sites, though.

3- Everyone and his brother (well, all levels of govt, anyone I've ever worked for, or anyone in the health care industry at least) knows my SS - 575-48-3141 (or is that even a valid number? No way to tell without looking it up.) SSNs are about as "private" as your name. CC numbers not so much, not for privacy as for the same reason I don't leave large stacks of cash lying around.

I have a little secret!

I don't use FB or its f-ing Mess enger.

Nope

[markdavis]

Sorry, I don't believe Facebook will store it encrypted and have no backdoors. And with closed-source apps and mysterious back-end stuff, who will ever know for sure, regardless of what they might claim.

Opt in thread encryption

So basically, we're making them even more meta data for to say "they encrypted this specifically, lets focus on storing and breaking into this". If it was default, then it wouldnt matter. Only the foolish would trust this feature, IMO.