Recent comments in /f/technology

YoureHereForOthers t1_j9xxi65 wrote

NIST is the entity heading the crypto competitions; the two I’m aware of/contributed to are Lightweight Crypto (LWC) for small embedded IoT devices and Post Quantum Crypto (PQC) for larger devices like computers and such, aimed at securing our devices from quantum attacks that can easily break RSA and cut AES times in half.

The competition sites I know of

https://csrc.nist.gov/Projects/lightweight-cryptography

https://csrc.nist.gov/projects/post-quantum-cryptography

There are links to the remaining algorithms in the finalists/round 4 respectively.

CRYSTALS-DILITHIUM for PQC digital signatures is already being used in some new specialized processors, among a couple of others. CRYSTALS-KYBER is likely to replace RSA.

Last I looked into it I think GRAIN-128 AEAD will be the new LWC alg.

6

drawkbox t1_j9xxebn wrote

I mean pretty much anything in a cloud should be considered secure from everything but law enforcement.

The point is you still need the user context/auth. These files only work with the OS to access them. Like an iOS app or Windows Store data/settings in an app, that is specifically signed/encrypted to your user. Outside of that context it is useless. Third-party ones are usually not tied to OS/browser/app for a reason.

I think most people are worried about hackers/ransomware/criminals over law enforcement, so if you use the cloud, that is why people are willing to make that tradeoff. The most insecure place is most likely the local systems; it is very easy to compromise a user compared to Apple/Google/Microsoft. It is possible but way more difficult. You almost have to be rogue-state-level funded for that.

> Well.. then just don’t add participants you don’t trust to your group chats…

Sure, but there is a 'ghost' user ability. In many messengers this is used to look for spam/moderation or other potentially nefarious reasons. Any chat system that has the ability to connect more than two people has the potential for you to not see the user. This is the most common use, like in honeypot apps.

Encrypted messaging app used by criminals was actually an FBI honeypot

>> The encrypted messaging app in question was called ANOM, and was installed on special smartphones that couldn’t make calls or send emails. ANOM purported to be end-to-end encrypted, meaning only the sender and receiver could view messages. In reality, every single message was passed to police, who used them to make the arrests.

Ghost users are a major problem in "secure" messaging apps. There are plausible deniability reasons for them, spam detection, moderation etc., and that is the rub.

> if there’s an easily available plaintext version too?

It is only plaintext in the context of the user... Taken out of that context, it is no longer. People make this claim about browser password managers, but everything is tied at the system level to the user. Sure, if the person gets the user context then they can get the files unencrypted; that is how it works. That would mean everything is compromised, even your "secure" third-party messenger like Signal.

> Signal is open source and you can run your own server if you want.

Yes. That still doesn't mean a third party that relies on messaging only is trustable.

Apple/Google/Microsoft have a vested interest in securing all your content; you don't have to worry about them stealing or siphoning messages.

All of them will most likely be open to law enforcement, because there are so many attack vectors in systems, and especially in third parties that don't have the sophistication at the cyber security level, simply due to cost.

1

ModernCoder t1_j9xx0pp wrote

Tbh there has been research that would somehow allow the encryption to work ONLY if some words / phrases are not present.

It's a stupid thing but some genuinely want to do that. And it literally makes the encryption pointless if they do do that because then some "trusted" party makes a list of words and phrases which can be any fucking thing.

5

ThimeeX t1_j9xwuig wrote

Probably not on a locked-down corporate laptop. Plus they often come with corporate software that specifically scans for unauthorized software, so it's not worth the risk of trying to bypass.

Lots of people don't seem to realize how locked down and monitored work laptops are; you really don't want to run personal Signal accounts, or anything else for that matter, on these devices.

7

uwu2420 t1_j9xwdgk wrote

The backup files not being encrypted is the whole point though. What good is everything else being encrypted if you can just subpoena or get a copy of the backup where all of that stuff that was encrypted is in plaintext? lol

> Phone backups also don’t have to go to iCloud

Yes, but it’s on by default, and the majority of users have it turned on. Advanced Data Protection means you’re giving up a lot of account recovery options so most users don’t have that on, plus it’s only ~3 months old.

> This all falls apart when a participant is added

Well.. then just don’t add participants you don’t trust to your group chats…

> Focusing on just encrypted backups

But it’s a big issue lol. See above and refer to the slides I linked in the earlier comment. Again, what good is the encryption if there’s an easily available plaintext version too?

> When it is bought out by private equity

Signal is open source and you can run your own server if you want.

1

drawkbox t1_j9xvw64 wrote

Good info. The leaked screenshot, I wish someone had a good version of it; it's so small.

The point with iCloud is that it is always under the user's security context, which is encrypted. The backup files themselves weren't, but across the board the OS- and cloud-level access requires the user context; if you were to take those outside the system you'd still need the auth context.

For law enforcement that is more accessible on iCloud, but for others, like cyber criminals or ransomware and other things, it is more difficult.

Phone backups also don't have to go to iCloud. It is wise to, so as not to lose content, but you can still back up to desktop or other.

The point is, they aren't a third party, they don't make money only from messaging, and they have a very vested interest in making sure their system is secure from third parties. If you add a third party into the mix, like on messaging, you better trust it, because your OS/device already can see that AND the third party. Adding more attack vectors is really security by obscurity, but with more obscurity.

> Signal by default doesn’t keep its data in device backups. You’d need to build a custom client to get it to do that. There’s no way to get Signal to not end-to-end encrypt its chats, it’s on by default and can’t be turned off.

This all falls apart when a participant is added (ghost or actual) that gets the entire convo. This is very common in messaging apps and a known issue on WhatsApp, Telegram and many other ones, and Signal also has the ability to attach users to convos. The moment you have another participant, all the end-to-end encryption is moot.

Focusing on just encrypted backups is probably what third parties want people to focus on, because they are third parties and want you to use them, but even if you trust them, how long can they be trusted? When it is bought out by private equity later, that can get bad. Now they might sift everything. It is a lot like those VPNs that say "we retain no logs" but divert them to a third party, and when it is reviewed the logs surely aren't there, but they are still out there.

2