TL;DR

Don’t use snapchat

  • lemmyreader
    link
    fedilink
    710 months ago

    TL;DR

    Don’t use snapchat

    TIL that Snapchat is an app used in 2024 without E2EE, Wikipedia article on Snapchat :

    Encryption

    In January 2018, Snapchat introduced the use of end-to-end encryption in the application but only for snaps (pictures and video), according to a Snapchat security engineer presenting at the January 2019 Real World Crypto Conference.[138][139][140] As of the January 2019 conference Snapchat had plans to introduce end-to-end encryption for text messages and group chats in the future.[141]

      • @dubyakay@lemmy.ca
        link
        fedilink
        4
        edit-2
        10 months ago

        Well, doesn’t matter if it’s proprietary. Just need to sniff packets and you’d find out if they are encrypted or not, no?

        Edit: looks like it’s not E2E truly. It might be encrypted in flight, but snapchat as an entity can read anyone’s messages. They have a policy to act on threats within thirty minutes and report it to the authorities. Dystopian.

        • Possibly linuxOP
          link
          fedilink
          English
          310 months ago

          It very much matters. When something is proprietary there is a, no alternatives that will function exactly the same and b, you don’t know what its really doing. For all you know its detecting the sniffing and changing its behavior.

          Additionally how do you know what’s being sent if its encrypted.

          • @dubyakay@lemmy.ca
            link
            fedilink
            110 months ago

            Yeah, see my edit.

            Before the edit, I just meant the technicality itself: is it actually encrypted or is it plain text? This would have mattered if the state intercepted the message somehow, spying on their citizens. But apparently they did not, because snapchat leaked the data to them in a semi-automated manner: auto-generated incident report based on filtering gets escalated to authorities.

            • Possibly linuxOP
              link
              fedilink
              English
              110 months ago

              No matter what it was this is just a reminder to use Foss encrypted chats that have been validated by at least one security audit.