Mysk🇨🇦🇩🇪 on Nostr: The infamous definition of end-to-end encryption made by Zoom to justify the lack of ...
The infamous definition of end-to-end encryption made by Zoom to justify the lack of E2EE in their platform has formed a common understanding of what E2E encryption should offer.
In general, when a system is designed so that only the sender and recipient have the secret key to decrypt messages between them, the system is end-to-end decrypted.
If such a system has flaws in the implementation that would cause the secret key to leak, it is still called end-to-end encrypted, albeit weakly encrypted.
Twitter's encrypted DMs qualify to be called end-to-end encrypted because the communication is designed so that secret key is only known to the sender and recipient of an encrypted DM. The design has several flaws that Twitter detailed in the limitations section of the announcement. There's no question that Twitter's encrypted DMs are more secure than the regular DMs. It's not a useless addition.
... 1/2 🧵
#Privacy #Cybersecurity #InfoSec #Twitter #Security #E2EE
In general, when a system is designed so that only the sender and recipient have the secret key to decrypt messages between them, the system is end-to-end decrypted.
If such a system has flaws in the implementation that would cause the secret key to leak, it is still called end-to-end encrypted, albeit weakly encrypted.
Twitter's encrypted DMs qualify to be called end-to-end encrypted because the communication is designed so that secret key is only known to the sender and recipient of an encrypted DM. The design has several flaws that Twitter detailed in the limitations section of the announcement. There's no question that Twitter's encrypted DMs are more secure than the regular DMs. It's not a useless addition.
... 1/2 🧵
#Privacy #Cybersecurity #InfoSec #Twitter #Security #E2EE