alt Hacker NewsMeta Shuts Down End-to-End Encryption for Instagram Messaging
Comments
> 'Very few people were opting in to end-to-end encrypted messaging in DMs,' Meta says.
Then why didn't you make the opt-in default like Signal and WhatsApp? :-)
I'm not sure if this meets the bar for substantive and thoughtful discussion, but this kind of corporate cowardice, enforced by unelected bureaucrats standing at the bully pulpit is only going to get worse as the noose tightens on the open web.
The combination of hardware attestation and walled garden "app stores" is the end goal of most policymakers in this area, and it happens to suit the monopolists in Google and Apple and Facebook down to the ground.
Perhaps a timely reminder that things do not always get better over time, and that we may have lived past the high point of secure communications in our lifetime.
People here like it, but end-to-end encryption is an objectively worse user experience for people that don't care about that feature
> Our messaging system has long been designed to balance user privacy with the ability to respond to scams, harassment, and other safety concerns when users report them or when required by law
TikTok about why they won’t put e2e for private messages.
I guess it’s reasonable to give up privacy to save the children, TikTok cares so much about our kids safety and wellbeing !
Put simply:
I’ve talked to Apple engineers.
Siri fell behind due to how good Apple’s privacy is.
Everyone made fun of them for protecting them.
This is exactly the opposite of that, where Mark is throwing you and your children under the bus again because he’s unoriginal and doesn’t know how to make money any other way than by getting all up in your business, statistically.
Isn't this really about "protecting" minors using Instagram?
If they allow E2E encryption, they can't scan for CSAM or do other monitoring stuff effectively, so they can't provide a "safe" place for minors.
Obviously the right answer is kids shouldn't be exposed to social media at all, but more eyeballs is more important than our kids.
I'm not sure the value of end to end encryption for proprietary application chats. For emails and SMS messages, your messages are being sent between different multiple servers on the open internet and it opens you up to spying, but end to end encryption on instagram is only protecting your chats from Meta.
I find the end to end encryption on Facebook to be detrimental to ease of use, because you always have to use a pin code, etc for the web interface.
If you don't trust meta with your chats, you probably shouldn't be using their application to begin with.
It's too bad we fell so hard for centralization. In an alternate universe, messaging on the Internet could have been:
1. Alice's device has a publicly routable IP address with a domain name like alice.home.her.isp
2. Bob's device is has same qualities, using: bob.mobile.his.isp
Then Alice can just open her chat app up, add [email protected] and off they go. I mean we had UNIX's "talk" for how long but instead of evolving/securing/fixing it, we blew it! And now we have all these companies 1. coming up with their own incompatible protocols and 2. inserting their stupid centralized servers as intermediaries. And now every chat message we send over the Internet has to be received and re-sent through a handful of amoral corporations.
I worked at Instagram during this (not at the EeE, but saw enough of it, to see that it was a mess).
I think the reason for dropping it, is more of a technical issue and user experience, rather than a 'desire' issue or company will. From my understanding, Zuck wanted this. The implementation was a mess, and folks have different expectations about messages to appear at every platform. Having messages disappear between devices/web, or having to back up encryption, keys, etc... it was just a terrible user experience. Even employees, disliked this feature.
This was not something actually asked by users, but more of a feature done in order to thwart all the types of legal issues created when folks use the platform.
At some point, I counted, there were 64 'leads', just to make this happen. Each lead, had a certain area, or surface/views, which means we are talking about hundreds of folks involved to make this happen (across fb and ig).
It was a boodongle, and it was something that users didn't ask.
Ps. I know, many here at HN really care about this, but the average user was not willing to put up with the degradation of the user experience in order to make this happen. All workarounds, require weakening E2E, which made it pointless.
Ultimately, If you want a truly E2E, you will have to use a platform specifically made for it. IG/FB are just not it.
Even Telegram, doesn't have it enabled by default, unless you specifiy it.
How likely is this about collection of LLM training data?
I don't understand why they would go in this inversely-progressive direction.
Shouldn't we be aiming to increase e2e encryption for the most regularly used communication platforms?
So don’t use Meta products if you care about privacy?
I didn’t even know it was available to opt-in to! Probably why adoption wasn’t great.
Instagram should be shut down. Not using encryption for social media and places where users expect any level of privacy is insanity.
Perhaps they should phase out the encryption on WhatsApp as well?
Previously:
While encryption already ruined FB Messenger (no comment on IG encryption or lack of but people have hated Insta since Zuck took over)
While they ALREADY probably only have Messenger for nefarious reasons https://news.ycombinator.com/item?id=4151433
He's a bit of a... something. That might get a 'low effort comment' moniker attached to it. Rhymes with ociopath
[flagged]
[dead]
Centralized proprietary software on on proprietary platforms can always be opted into a special update that makes all the private keys deterministic making end to end encryption useless for anyone with knowledge of that targeted backdoor.
Only FOSS can deliver verifiable E2EE, and all centralized and proprietary solutions like Zoom, Whatsapp, Instagram, etc should end the security theater.
I applaud Meta for at least being honest about one product.