cross-posted from: https://lemmy.ml/post/1874605

A 17-year-old from Nebraska and her mother are facing criminal charges including performing an illegal abortion and concealing a dead body after police obtained the pair’s private chat history from Facebook, court documents published by Motherboard show.

  • @[email protected]
    link
    fedilink
    English
    442 years ago

    I thought messenger was end-to-end encrypted, at least according to Facebook. How were they able to hand over the chat logs? The messages should be encrypted with a key that is itself encrypted with user’s password, which Facebook doesn’t store.

    What am I missing?

      • @[email protected]
        link
        fedilink
        English
        8
        edit-2
        2 years ago

        Actually that page suggests that they can’t access it. They’d never passed the security on it if that page was lying and they don’t encrypt it. Clearly there must be some kind of mechanism they can use to decrypt it for law enforcement. The technicals of that are what I was actually interested in from my original comment.

        EDIT: Oh my God I just figured it out. It’s not enabled by default. You have to explicitly turn it on per conversation. That’s terrible

        • @[email protected]
          link
          fedilink
          English
          32 years ago

          Even if you turn it on, they control the end points, so it’s not really any more secured.

    • @adibis
      link
      English
      162 years ago

      You’re missing the fact that they lied to get users

    • @EddieTee77
      link
      English
      142 years ago

      It’s not enabled by default

      • @[email protected]
        link
        fedilink
        English
        72 years ago

        And on the official app it isn’t called end to end encryption or even a setting toggle. It’s called secret chat and clicking on it opens a chat from the original chat. The only difference I see is a little lock icon where an emoji usually is.

          • @linux_user_6967
            link
            English
            22 years ago

            wait, what ? can you elaborate, since I use telegram on daily bases

            • rhys
              link
              fedilink
              62 years ago

              @linux_user_6967 @Goun Telegram’s end-to-end encryption isn’t enabled by default. You have to specifically choose to start an encrypted chat. Assuming you trust MTProto though, there’s no indication they’re otherwise implemented poorly.

    • @[email protected]
      link
      fedilink
      English
      14
      edit-2
      2 years ago

      Presumably they maintain full access because they control both ends. The encrypted part would stop others intercepting messages. At least that’s how I’ve always read it

      Edit: I’m wrong, end to end does exclude even the app provider from seeing messages. So yeah, either not enabled or they lied

    • @[email protected]
      link
      fedilink
      English
      62 years ago

      To add to other replies, proprietary apps like messenger can also have backdoor access to your messenger app, where the messages are stored decrypted. I.e. maliciously taking the chat history from either ends of the end-to-end encryption.

    • @ghariksforge
      link
      English
      42 years ago

      End2End encryption is mostly a PR stunt. In practice it’s not hard to go around it. For example:

      • going after unencrypted backups (such as in google drive)
      • compromising or seizing your device
      • forcing the app developer to leak the private keys
      • forcing you to turn over the information by threatenening you with not cooperating.

      It reminds me of this XKCD: https://xkcd.com/538/