Now the safest messaging app available, iMessage offers encryption so secure that even threats from the future won’t be able to crack your conversations.
Now the safest messaging app available, iMessage offers encryption so secure that even threats from the future won’t be able to crack your conversations.
I know that’s a popular saying, and there is some truth to it, but it’s not the whole story. Encryption protocols used by the intelligence services, for example, are highly secure and not open source, while open source encryption protocols have themselves become vulnerable to attack.
Enigma is a primary example of this. While at the time it was considered unbreakable (by both German and Allied intelligence), the knowledge of the physical and logical operation of the Enigma device was key in breaking the code. Codebreaking usually relies on a combination of intelligence gathering and mathematical analysis, and open sourcing it solves a big part of that picture.
I’m saying this as an old school cypherpunk - I’ve since gotten out of it in favor of math I find more interesting - and a user and advocate for technologies like PGP. I used PGP for a long time on many of my emails, and I even had the PGP in Four (later, Three) Lines of Perl as my email sig to show how stupid it was to declare encryption a weapon for export purposes. What I’m saying is that I’m an ally.
I’ve also gone long past the point in my career where I feel comfortable with categoricals like that, and I had a few minutes to type up a reply that will be read by fewer than ten people.
Thanks for your thoughtful reply to my shitpost like comment.
I highly doubt that intelligence services are not using open source encryption standards for their communications. If they didnt, they would constantly get hacked instead of sometimes.
Obscurity is not security and will never be, which goes in line with your enigma comment. It was designed so that gaining knowledge of its construction significantly weakend the encryption which further proves the importance of systems that withstand exposure to the public.
Without open encryption standards there is no internet and we wouldnt be able to write these meaningless comments.