alt Hacker NewsE2E encrypted messaging on Instagram will no longer be supported after 8 May
Comments
So apparently this was opt-in, much like Telegram's OTR chat feature, and thus completely different than WhatsApp where it has always been default. Not a good look regardless, but the few who went into chat settings for a specific person to turn this on in the first place will likely just switch to WhatsApp or another app rather than continue without it.
It could be a move to have parity with TikTok, where they claim it’s for safety reasons. I’ve been seeing advertisements for Instagram touting their child/teen protection features. Seems like they’re really trying to beat the allegations that Instagram is bad for children’s health.
When Meta starting introducing E2E messaging it was a huge push. I wonder why they're doing away with it.
Is this legitimate? It's so incoherent to see this blurb at the top saying it's being retired while everything underneath is pitching the value of e2e.
On the other hand Messenger has moved to only supporting e2ee chats, wonder why the difference.
It feels like it's time to move to lemon writing over paper on normal post. Only way you can no talk freely.
Socials are caught in the innovator's dilemma.
Given the dependence our society now has on the internet, it's bonkers to me that more VCs aren't rethinking their investment strategy. Privacy is not some niche concern anymore, check out the response to Flock for example.
There's a general trend right now against privacy and in a more general sense against freedom. More and more companies are on board with it. I'm not sure if anyone in HN has any useful advice in this regard. I feel like I don't know what to do about the internet for the next 5-10 years. Does this particular measure matter very much? No, but it's another brick in the wall.
The only reason I can think of for this change is governmental pressure. I don’t see how it benefits the platform itself (nor its users).
In a sane world, removing E2E encrypted messaging would be worthy of huge fines.
the timeline for all of this is not a coincidence. meta spent millions lobbying for age verification laws that require content scanning. hard to scan content that's encrypted.
This feature has never been available to me- it just threw an error each time. Wonder how far it actually got rolled out?
Did they give a reason why are they doing this?
Never rely on a platform used by the masses to perform E2EE. It is far too easy to strip away E2EE for targeted users without their knowledge as they maintain the server and client code. This advise is to protect from corporations gobbling up and ultimately leaking sensitive data. Spooks can target the device itself via debug access for nation state level threats.
Consider instead using a code word or phrase to move sensitive conversations to something self hosted such as jabber using OMEMO XEP-0384 and XEP-0373 OpenPGP for XMPP and SASL SCRAM. OMEMO is an implementation of the Signal protocol on top of the XMPP protocol.
e.g. "_Expletive_! I stubbed my toe!" other-person: "lol geezer watch where you are walking." conversation quietly and temporarily moves to the pre-shared self-hosted Jabber server. Temporarily because going dark can draw attention. Feed the big chat platform boring garbage and misdirection.
I don't use IG although they dearly want me to, giving me a popup every time I visit, but let me talk about FB for a second (and btw FB wanted to enable cross-platform messaging on the platforms they own - Meta - which seems anti-trust-y) - when they introduced encryption on FB, they made it mandatory. They opted everyone in, and it broke Messenger. If you delete cookies you might also delete messages. Isn't that convenient?
just waiting on whatsapp to rug pull as well & then bye bye privacy & meta from my life
We all know what this means.
This could obviously tie to sending you more ads.
It could also tag people communicating about topics ig chat that it is actively suppressing.
They may be looking for an uproar to reverse the policy as so far, it's just words.
because they want to read your messages for training ai and for advertising
I wonder if this is the start of a trend or just a one-off?
Use this https://www.ricochetrefresh.net/ Chat and file transfer over tor
[dead]
Wait, people trust communication via Instagram thinking they are secure?
Isn't this actually improving safety by openly admitting how things always were in practice?
Any e2e encryption provided by the same entity who fully controls both the blackbox clients, and the server in between, is just a security theatre that they can selectively bypass anytime with very little risk of detection. Not really much better than simple client to server encryption.
Truly safe e2e requires open source client provided by a trusted entity who is as much as possible independent from the one who provides the untrusted transport layer. Eg how pgp email works.