Recently my Facebook Messenger app notified me that it was now “end to end encrypted” [1]

This puzzled me, as in Australia there was a law passed a few years ago that requires companies like Facebook to disclose conversations if requested by the government [2]… I don’t necessarily agree with this law…

However, I am curious if Facebook is actually able to still meet this requirement? … or if there’s a back door to this encryption…

[1] https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/amp/

[2] https://fee.org/articles/australia-s-unprecedented-encryption-law-is-a-threat-to-global-privacy/#:~:text=The%20Australian%20government%20has%20passed,though%20it's%20protected%20by%20cryptography.
I haven't actually looked into this, but I imagine it works the same way as Apple's iMessage:
He who controls key exchange controls everything.
They don't need to "backdoor" the encryption if they can just add a new (invisible) device to your account that can read all your messages.

Alternatively they could just do it inside the app. Sure, messages are e2e from user to user, but then the FB client app can package up the decrypted message and send it off to wherever they want.

A good rule of thumb: If it's not fully open source, it's not actually encrypted from the gov, only from your nosy neighbor.
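The key-exchange point in the comment above, as an added example that is not part of the thread: a client that pins each contact's device key list on first use and will not encrypt to a key the server adds later until the user confirms it out of band. The `DevicePinStore` class, its method names and the 32-byte sample keys are constructed for illustration and do not describe Messenger's or iMessage's actual protocol.

```python
import hashlib

def device_set_fingerprint(device_keys):
    """Order-independent SHA-256 fingerprint of a contact's device public keys."""
    h = hashlib.sha256()
    for key in sorted(set(device_keys)):
        h.update(len(key).to_bytes(2, "big"))  # length prefix keeps key boundaries unambiguous
        h.update(key)
    return h.hexdigest()

class DevicePinStore:
    """Hypothetical client-side store: pins each contact's device list on first use."""

    def __init__(self):
        self._pins = {}  # contact id -> set of pinned device public keys

    def check(self, contact, served_keys):
        """Compare the device list the server just served against the pinned one."""
        served = set(served_keys)
        pinned = self._pins.get(contact)
        if pinned is None:
            self._pins[contact] = served  # first contact: nothing to compare against
            return {"status": "pinned", "added": [], "removed": []}
        added, removed = sorted(served - pinned), sorted(pinned - served)
        status = "changed" if added or removed else "unchanged"
        return {"status": status, "added": added, "removed": removed}

    def recipients(self, contact, served_keys):
        """Keys the client will encrypt to: never a key that has not been pinned."""
        self.check(contact, served_keys)
        return sorted(set(served_keys) & self._pins[contact])

    def accept(self, contact, served_keys):
        """Re-pin; call only after the user compared fingerprints out of band."""
        self._pins[contact] = set(served_keys)

# Constructed sample keys (real ones would be the devices' identity public keys).
PHONE, LAPTOP, UNKNOWN = b"\x01" * 32, b"\x02" * 32, b"\x03" * 32

def demo():
    store = DevicePinStore()
    first = store.check("alice", [PHONE, LAPTOP])
    later = store.check("alice", [LAPTOP, PHONE, UNKNOWN])  # server added a device
    return first, later, store.recipients("alice", [LAPTOP, PHONE, UNKNOWN])

if __name__ == "__main__":
    for result in demo():
        print(result)
```

This check runs inside the client, so it covers only the key-distribution case. It does nothing against a client that forwards plaintext after decryption, which is the second scenario the comment describes.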
I wonder how long before Australia will go after Signal or Matrix for being actually unreadable to them. (presumably)
Disregard the idea of end-to-end encryption (e2ee) as it is merely a pretense to maintain the illusion of privacy. The truth is, prominent technology companies all possess backdoors that enable government agencies to monitor your messages when deemed necessary. It's all a facade.