“End to End Encryption” is just marketing without having significant and deliberate tampering detection mechanism.
Examples include secretly swapping out a certificate/key for an identity to middlemen, private key leakage, changes in code to specific safety checks or tampering protection mechanisms, or changes in forward secrecy pre-generated keys, etc.
It would be nice if we had a way to better detect these types of changes and make it very obvious to the identity. As they happen and as part of updates. It would be nose to have a trusted host OS that could help validate.
wakoinc / Blake
npub1ktw…mrvj
2023-07-21 14:37:32
Author Public Key
npub1ktw5qzt7f5ztrft0kwm9lsw34tef9xknplvy936ddzuepp6yf9dsjrmrvjPublished at
2023-07-21 14:37:32Event JSON
{
"id": "d8e3d88d8fa5b725afdb3706c62fee2cfe342ed536790374158aa13741ae2baf",
"pubkey": "b2dd40097e4d04b1a56fb3b65fc1d1aaf2929ad30fd842c74d68b9908744495b",
"created_at": 1689943052,
"kind": 1,
"tags": [],
"content": "“End to End Encryption” is just marketing without having significant and deliberate tampering detection mechanism. \n\nExamples include secretly swapping out a certificate/key for an identity to middlemen, private key leakage, changes in code to specific safety checks or tampering protection mechanisms, or changes in forward secrecy pre-generated keys, etc.\n\nIt would be nice if we had a way to better detect these types of changes and make it very obvious to the identity. As they happen and as part of updates. It would be nose to have a trusted host OS that could help validate.",
"sig": "65967966a80c9a26e16cb4853865c1c6c96c7e86d7cc5b043eb9b4010d5b5df2471a39bddfed38a090aa6d3c3064266d95d65693416d5b80df0b3cdbfca6f6ab"
}