Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.acm.org/users/nobody/statuses/113868621655477865">Else, Someone (nobody@mastodon.acm.org)'s status on Wednesday, 22-Jan-2025 15:34:23 JST</a><a href="https://mastodon.acm.org/@nobody" title="nobody@mastodon.acm.org"><img src="https://gnusocial.jp/avatar/293812-48-20241109135443.webp" width="48" height="48" alt="Else, Someone" style="position: absolute; left: 0; top: 0;">Else, Someone</a><div><a href="https://mamot.fr/@nemobis/113867942981323329" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/77066" title="evan@cosocial.ca">Evan Prodromou</a></li></ul></div></section><article><p><a href="https://mamot.fr/@nemobis">@nemobis</a> <a href="https://cosocial.ca/@evan">@evan</a> One could start the argument by just asserting that the whole point of E2EE is that trusting the clients on both ends is "enough", in the sense that it makes no difference whether the channel and the server are compromised.</p><p>With Signal one tends to trust the client because it's open-source and the releases are (claimed to be) reproducible. With Whatsapp... well maybe you could inspect its traffic with mitmproxy idk, but ultimately there's no reason to trust the client</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4419597#notice-8652461">In conversation</a><time datetime="2025-01-22T15:34:23+09:00" title="Wednesday, 22-Jan-2025 15:34:23 JST">about 4 months ago</time> <span>from <span><a href="https://mastodon.acm.org/@nobody/113868621655477865" rel="external" title="Sent from mastodon.acm.org via ActivityPub">mastodon.acm.org</a></span></span><a href="https://mastodon.acm.org/@nobody/113868621655477865">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Else, Someone (nobody@mastodon.acm.org)'s status on Wednesday, 22-Jan-2025 15:34:23 JSTElse, Someone
in reply to
- Nemo_bis 🌈
- Evan Prodromou
@nemobis @evan One could start the argument by just asserting that the whole point of E2EE is that trusting the clients on both ends is "enough", in the sense that it makes no difference whether the channel and the server are compromised.
With Signal one tends to trust the client because it's open-source and the releases are (claimed to be) reproducible. With Whatsapp... well maybe you could inspect its traffic with mitmproxy idk, but ultimately there's no reason to trust the client
In conversationabout 4 months ago from mastodon.acm.orgpermalink

Public

Embed Notice

HTML Code

Corresponding Notice