• cheesemoo@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    19 days ago

    Or the content is encrypted, but the metadata isn’t, so they can market to you based on who you talk to and what they buy, etc.

    • mosiacmango@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      18 days ago

      This part is likely, but not what we are talking about. Who you know and how you interact with them is separate from the fact that the content of the messages is not decryptable by anyone but the participants, by design. There is no “quasi” end to end. Its an either/or situation.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        18 days ago

        It doesn’t matter if the content is encrypted in transit if Google can access the content in the app after decryption. That doesn’t violate E2EE, and they could easily exfiltrate the data though Google Play Services, which is a hard requirement.

        I don’t trust them until the app is FOSS, doesn’t rely on Google Play Services, and is independently verified to not send data or metadata to their servers. Until then, I won’t use it.

    • rottingleaf@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      18 days ago

      Provided they have an open API and don’t ban alternative clients, one can make something kinda similar to TOR in this system, taking from the service provider the identities and channels between them.

      Meaning messages routed through a few hops over different users.

      Sadly for all these services to have open APIs, there needs to be force applied. And you can’t force someone far stronger than you and with the state on their side.