Windy cityIs this the first time a major service has removed end-to-end encryption instead of adding it? Why Instagram?
#instagram #socialmedia #privacy #infosec #technology #enshittification
Safigo
Danny Boling ☮️
shadowwwind@IAmDannyBoling @safigo @pheonix losing your private key. Or that losing your password means losing all messages. Its not the norm. And I now have heard of multiple people losing their signal message history when simply switching phones.
It does have its issues.
It does have its issues.
@IAmDannyBoling @pheonix You’re right, on a high level, it should be a transparent solution for users. However, there are some caveats with it:
* If it’s a truly E2EE solution, you can’t restore your password through email or sign in via email verification. The sign-in process must involve a secret or synchronization between devices (if there are any). The downside is losing your history, which includes the lost password and devices.
* There’s no good search functionality. All FTS solutions should be executed on the client side, which means downloading all the history of messages. If you’ve used a service for years, it could be gigabytes, which is unreasonable for many devices, especially browsers.
* The UI will be slow due to client-side decryption, especially in browsers.
* It’s also quite challenging to stream videos without fully downloading them, not everyone has 5G everywhere with unlimited traffic. Media cannot be compressed on a server. (If you have a bad internet connection, a server can compress an image from 20K to HD. Since you don’t need better quality on your mobile, keep it at 20K for your large screen on desktop).
These are just high-level considerations.