Instagram to discontinue end-to-end encryption for DMs [Update: Meta's statement]

Pulling the plug on privacy?

Key disclosure law - Wikipedia

VIDEO / AUDIO / TRANSCRIPTS - Encrypt Today to Safeguard Tomorrow: The Encryption Summit - ISOC LIVE NOTICEBOARD

On October 21 2024 the Global Encryption Coalition steering committee hosted a half-day conference ‘Encrypt Today to Safeguard Tomorrow: The Encryption Summit‘. This second such encryption summit aimed to: celebrate how encryption is empowering users; investigate the regulatory challenges facing encryption; and, unite encryption supporters worldwide.. 01 Courts at the Crossroads: Defending Digital Rights Against […]

A Formal Treatment of End-to-End Encrypted Cloud Storage

Users increasingly store their data in the cloud, thereby benefiting from easy access, sharing, and redundancy. To additionally guarantee security of the outsourced data even against a server compromise, some service providers have started to offer end-to-end encrypted (E2EE) cloud storage. With this cryptographic protection, only legitimate owners can read or modify the data. However, recent attacks on the largest E2EE providers have highlighted the lack of solid foundations for this emerging type of service. In this paper, we address this shortcoming by initiating the formal study of E2EE cloud storage. We give a formal syntax to capture the core functionality of a cloud storage system, capturing the real-world complexity of such a system's constituent interactive protocols. We then define game-based security notions for confidentiality and integrity of a cloud storage system against a fully malicious server. We treat both selective and fully adaptive client compromises. Our notions are informed by recent attacks on E2EE cloud storage providers. In particular we show that our syntax is rich enough to capture the core functionality of MEGA and that recent attacks on it arise as violations of our security notions. Finally, we present an E2EE cloud storage system that provides all core functionalities and that is both efficient and provably secure with respect to our selective security notions. Along the way, we discuss challenges on the path towards bringing the security of cloud storage up to par with other end-to-end primitives, such as secure messaging and TLS.

Meta to roll out end-to-end encryption for Messenger by the end of 2023

The company used lessons learned from WhatsApp's implementation of end-to-end encryption.

How Signal Walks the Line Between Anarchism and Pragmatism

The privacy-focused messaging app arose from a fringe culture that emphasized individual autonomy and skepticism of authority. As it tries to go mainstream, can it escape its roots?