• sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    3 months ago

    Yes, because the “encrypted messenger” metric is about sending and receiving messages, not storing messages. On the order of things I care about, E2EE is much more important than local storage. I can do something about local storage, I can’t realistically do anything about E2EE.

    • pressanykeynow@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 months ago

      I can do something about local storage, I can’t realistically do anything about E2EE.

      You can enable secret chat. Like press the button. But that’s probably too difficult compared to encrypting you devices.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        Sure, but what happens when my contacts forget to push it and send me confidential information? I can be the most careful person in the world and always press that button, but I cannot control what others do. That’s why it needs to be E2EE for everyone.

    • woelkchen@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      3 months ago

      Yes, because the “encrypted messenger” metric is about sending and receiving messages, not storing messages.

      So whether or not the messages can be retrieved by criminals or law enforcement is not a metric. Got it!

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 months ago

        Law enforcement would require a warrant, and criminals would need to break into my device first (highly unlikely without it being a targeted attack, and that’s not in my threat model at all).

        And if they can break the encryption on my devices, they can likely break the encryption of the data at rest. Most people would probably use the same key for both anyway (biometrics or a PIN). If I need it to be more secure, I can create a special encrypted container for that service to store its data in.