• RobotToaster@mander.xyz
    link
    fedilink
    English
    arrow-up
    97
    arrow-down
    1
    ·
    9 months ago

    Doesn’t instagram claim messages are e2e encrypted? How can this work without them having access to all messages?

    • Star@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      32
      arrow-down
      1
      ·
      9 months ago

      They aren’t E2EE by default. You have to enable it manually.

    • catloaf@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      9 months ago

      End to end is exactly what it says. It’s decrypted at both ends.

      • dsemy@lemm.ee
        link
        fedilink
        English
        arrow-up
        28
        ·
        9 months ago

        E2E encryption means only the sender and recipient should be able to access a message.

        • RmDebArc_5
          link
          fedilink
          English
          arrow-up
          20
          ·
          9 months ago

          Yes, but it’s very hard/impossible to verify if something is e2e or just encrypted. Personally I wouldn’t be surprised if meta had access to the encryption keys

          • dsemy@lemm.ee
            link
            fedilink
            English
            arrow-up
            13
            ·
            9 months ago

            Yeah, that’s why the comment you initially replied to cast doubt on whether the chats are actually E2E encrypted.

  • RmDebArc_5
    link
    fedilink
    English
    arrow-up
    72
    arrow-down
    3
    ·
    edit-2
    9 months ago

    One question. If they know those are minors and that they know that the pictures are nudes, why the hell don’t they just ban the accounts that try to send nudes to minors? Also who the hell thinks it is a good idea to send nudes to Meta?

    • Quik@infosec.pub
      link
      fedilink
      English
      arrow-up
      43
      arrow-down
      1
      ·
      9 months ago

      I would suspect because there is probably space for errors in the detection system

    • TimeSquirrel@kbin.social
      link
      fedilink
      arrow-up
      32
      arrow-down
      1
      ·
      edit-2
      9 months ago

      Also who the hell thinks it is a good idea to send nudes to Meta?

      It was eye-opening when I realized I’m the only one in my circle who gives a shit about online privacy. You and me and most of the Fediverse are a rare minority. This is normal to people now. If you told people in the 90s about this they’d rightfully call it a dystopia. I remember my mother being super paranoid about me going online back then. Boiling frog situation here.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        Which is kinda funny because lemmy is really bad for privacy since pretty much everything is open. If you want to see how people vote, just make your own instance and collect it all.

        Lemmy is relatively anonymous, but not private. It’s still way better than anything Meta does.

    • andrew_bidlaw@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      4
      ·
      9 months ago

      why the hell don’t they just ban the accounts that try to send nudes to minors?

      Because they are sent from minors to minors too? Teens are horny, they copy adults making nudes, sometimes just sharing porn. Recently there were problems with classmates using pornLLM to undress their peers. The abuse problem is harsher, but I feel it’s the minority of nudes received by minors. Honestly, I’d have changed the EULA to forbid it on a public service like Insta, because unlike messengers there is everything to be deanonymized and explicitly targeted by an abuser, including stalking and threats IRL. For Insta, there could be a rule to ban uploading images to Direct of <18 y.o. users, only reposts, meaning they are publically availiable and may get reported by other users and brought down by existing policies without breaking E2EE.

      • RmDebArc_5
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        9 months ago

        Because they are sent from minors to minors too?

        This could be different depending on the country, but in Germany that would still be illegal. I don’t think a rule like you suggest would ever happen if not forced by law

        • andrew_bidlaw@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          9 months ago

          I haven’t heard of that law be strictly enforced tho. For one reason - teens are stupid and don’t know laws, even though they fall under them. But yeah, most civilized places have laws against production of minor porn that doesn’t specify age, but can walk around the problem if it’s produced by a consenting party, of themselves, and without a big age difference.

          • Quik@infosec.pub
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            The “problem” here (if you think so) is that if law enforcement in Germany gets to know about a case like this, they cannot choose themselves not to act on it.

    • General_Effort@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      25
      ·
      edit-2
      9 months ago

      Because not everyone lives in Saudi-Arabia or Texas a country dominated by religious conservatives?

      ETA: I’m sorry. I shouldn’t have made it about specific countries.

        • Borkdornsorkpor
          link
          fedilink
          English
          arrow-up
          10
          ·
          9 months ago

          If an 18 year old girl sends a spicy picture to her 17 year old boyfriend, that probably shouldn’t warrant the same reaction as a 15 year old receiving porn in her dms from some 40 year old stranger. Black and white thinking typically doesn’t lead to fair policies and implying that someone wants to creep on random children because they recognize that nuance exists seems a little disingenuous.

          • General_Effort@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            If an 18 year old girl sends a spicy picture to her 17 year old boyfriend

            If the 17-year-old sends one back, that’s already a crime in many places. It could get him prosecuted for production and her for possession. If he uploads the picture to a chat group, the real fun starts.


            The article says this is about nudity, not selfies. IDK how kids use instagram, but I’d guess that the senders are mainly kids sharing horny pics from somewhere else.

  • Red_October@lemmy.world
    link
    fedilink
    English
    arrow-up
    52
    arrow-down
    1
    ·
    9 months ago

    So… they can identify when someone in a conversation is a minor. And they can identify when nudes are being sent. But when these two are combined, they figure just blurring the image is the appropriate solution?

    • UraniumBlazer@lemm.ee
      link
      fedilink
      English
      arrow-up
      28
      ·
      edit-2
      9 months ago

      Perhaps to avoid false positives? I think it’s telling the minor, “hey, this might be a dick. Open only if you trust the person”.

  • EvilBit@lemmy.world
    link
    fedilink
    English
    arrow-up
    44
    ·
    9 months ago

    Yeah, this is definitely gonna work, as if I haven’t been over 18 years old since I was 12 years old, according to every birthdate question ever.

        • Bizzle@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          9 months ago

          Lmfao for real, putting my fake age as born in 2000 would make me younger 🙃

      • schnurrito@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        That was well below 18 for most of the time I have used the Internet. People born on that day were toddlers when I started to seriously use the Internet.

        I could nowadays enter my real DOB and get through all checks but I usually still pick something in the 1970s or 1980s.

      • Buddahriffic@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        If the default date is old enough to get past the prompt, I use that one. If it isn’t, I pick a random year that is. I don’t have to lie unless I want a senior discount or something, but I just don’t want to share my birthdate with any random site or service.

  • BearOfaTime@lemm.ee
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    3
    ·
    9 months ago

    Wouldn’t not permitting minors to use the service at all make this issue moot?

  • qprimed
    link
    fedilink
    English
    arrow-up
    27
    ·
    9 months ago

    lots of comments about e2e encryption (or the potential lack thereof)

    even if it is e2e encrypted (and I mostly believe it is), once its decrypted on your device (in their app) its in the clear. there is nothing technical preventing the app from then inspecting the data or forwardiing the data to another party for analysis - thats a “terms and conditions” issue.

    the article claims they are doing some on-device recognition - thats likely computationally non-trivial, with variable accuracy (false positives/negatives, anyone) and probably at least partially circumventable and perhaps even exploitable (more app surface area to attack).

    so, ok… its a lead-in to classifying content on your device. I have no idea what comes next, but I am pretty sure there will be a next and this is why I don’t intentially use any meta products.

    • Lutra@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      9 months ago

      Which is a end-game around E2E. Saying ‘the message is encrypted’, but yes, I look at all messages before and/or after violates the expectation of E2E.

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        2
        ·
        9 months ago

        I’ve said this from the start, and people called me names, or “prove it”. Sigh.

        If the capability is there, that’s a problem.

  • Zink@pawb.social
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    2
    ·
    9 months ago

    In case it wasn’t already obvious that they are not encrypting like they said they were…

  • boatsnhos931@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    9 months ago

    Did anyone ask for this feature? Are you telling me that when a kid receives a photo blurred out in IG, shim is just going move on and be like ‘gee I’m just going to have to wait’. They have to have a phone number and email address to set up the account right??!!

  • h_ramus@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    2
    ·
    9 months ago

    What about images sent from Japan? Aren’t they all pixelated by default? /s

  • werefreeatlast@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    6
    ·
    9 months ago

    Daddy, what’s noodity? Oh! So peepee pictures is nudity? How come I can’t see all the peepee in my phone?

    Anyway, to prevent this conversation, maybe labele the images “content not appropriate or not allowed”. It works for mastodon. We literally can’t see a tit or dick unless we double click on the fussy image. So why only minors? Just add a switch for everyone.