Unencrypted chat history is a prime target for police

cross-posted from: https://lemmy.ml/post/1874605

A 17-year-old from Nebraska and her mother are facing criminal charges including performing an illegal abortion and concealing a dead body after police obtained the pair’s private chat history from Facebook, court documents published by Motherboard show.

  • patch1@lemmy.fmhy.mlEnglish
    0·
    1 year ago

    I thought messenger was end-to-end encrypted, at least according to Facebook. How were they able to hand over the chat logs? The messages should be encrypted with a key that is itself encrypted with user’s password, which Facebook doesn’t store.

    What am I missing?

      • patch1@lemmy.fmhy.mlEnglish
        1·
        1 year ago

        Actually that page suggests that they can’t access it. They’d never passed the security on it if that page was lying and they don’t encrypt it. Clearly there must be some kind of mechanism they can use to decrypt it for law enforcement. The technicals of that are what I was actually interested in from my original comment.

        EDIT: Oh my God I just figured it out. It’s not enabled by default. You have to explicitly turn it on per conversation. That’s terrible

        • jabjoe@feddit.ukEnglish
          1·
          1 year ago

          Even if you turn it on, they control the end points, so it’s not really any more secured.

    • ghariksforge@lemmy.worldEnglish
      11·
      1 year ago

      End2End encryption is mostly a PR stunt. In practice it’s not hard to go around it. For example:

      • going after unencrypted backups (such as in google drive)
      • compromising or seizing your device
      • forcing the app developer to leak the private keys
      • forcing you to turn over the information by threatenening you with not cooperating.

      It reminds me of this XKCD: https://xkcd.com/538/