Privacy

46450 readers

1531 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

710

Under British and UK Legislation anyone using or developing end-to-end encryption is now a “hostile actor” (lemmy.ml)

submitted 1 day ago by tastemyglaive@lemmy.ml to c/privacy@lemmy.ml

148 comments fedilink hide all child comments

Surveillance strategies in the UK and Israel often go global

you are viewing a single comment's thread
view the rest of the comments

[–] gtr@programming.dev 7 points 23 hours ago (2 children)

TLS is not typically considered end-to-end encryption. It's transport encryption.

[–] douglasg14b@lemmy.world 1 points 11 hours ago

Do they strictly define end to end encryption in this bill?

If not, then yes, TLS is "end to end" as the sender encrypts the message, and the receiver decrypts it. Each "end" to each "end" is encrypted, satisfying the semantics of the term.

[–] Lysergid@lemmy.ml 9 points 22 hours ago (1 children)

I don’t get it. E2ee is about encryption in transit not encryption at rest. TLS sounds exactly like e2ee

[–] iglou@programming.dev 8 points 21 hours ago* (last edited 21 hours ago) (1 children)

E2E is about the sender encrypting, and only the intended receiver decrypting, with nothing in the middle able to read the data.

TLS is not designed for that, as the server you connect to is not necessarily the intended receiver, yet it can see everything.

With E2E, you can send data to a server, which is not the intended receiver, and it won't be able to read it.

[–] douglasg14b@lemmy.world -1 points 11 hours ago* (last edited 11 hours ago) (1 children)

Your explanation assumes that scope and scale are part of the definition which it is not.

If you keep zooming in or zooming out the definition of E2E keeps changing under your statement.

If the only knowledge a system has is between a sender and a receiver (Which satisfies even your definition of "intended recipient") then TLS is E2E encrypted.

[–] iglou@programming.dev 1 points 6 hours ago

The definition of E2EE has evolved since the concept surfaced. You seem to be stuck with the original meaning.

TLS does not fit the modern definition.