The slippery slope argument is no doubt a valid one. But Apple specifically implemented (almost) the CSAM scanning after being threatened by multiple politicians - notably Lindsey Graham - that if they didn’t find a solution that they would legislate a backdoor into the OS for law enforcement. I think Apple was doing everything they could to appease the demand without actually violating users’ privacy. While it’s clear they failed to please end users, the solution itself was pretty ingenious.
> Also that apparently Facebook stores the conversations in plain (or easily decryptable) text.
This. Even with E2EE enabled, that only protects your conversations as they travel between you and facebook's servers. It does not mean that the messages are protected from facebook being able to see them. People should have zero expectation of privacy on facebook's platform(s).
That is not true. For both messenger and whatsapp, e2ee messages are not only encrypted between you and facebook servers, they are encrypted end-to-end and only decryptable on the devices. Please reconsider your level of confidence in your understanding of this.
I do not have any information about the current state of messenger, so I cannot comment.
Here is my issue with WhatsApp though:
How will I know that Meta is still shipping an application based on an uncompromised version of the Signal protocol, without malicious modifications?
Auditing is the normal answer.
Sadly, Meta is not ISO27001 certified, so there's no trustworthy external audit trail.
Barring that, who is capable of auditing Meta to confirm this? Who can see the client and server sources to confirm that there is no MITM? Only Meta, on both counts.
I have to trust their word for it and I'm incapable of trusting them.
It doesn't matter whether end (you) to end (facebook) encryption is enabled or not. That only protects data "in transit". The information is still accessible in to facebook "at rest". Enabling E2EE should give you absolutely no sense of privacy from Facebook because it doesn't exist.
This is contrary to the universally understood meaning of E2EE (as in, end to end between the two participants in the conversation). I'm not one to blindly take Facebook's PR statements at face value, but if you're making the claim that Facebook is deliberately advertising E2EE while secretly redefining the term to mean non-E2EE, you should have some strong evidence. Those sorts of linguistic gotchas don't work in real life or in a courtroom.
> The only way to not be complicit is to not have a phone. China makes them all.
Not exactly:
Librem 5 USA: "The Freedom and Privacy of the Librem 5, plus Made in the USA Electronics with a Secure Supply Chain." https://puri.sm/products/librem-5-usa/
Well what would you expect? Lol that's the whole point! What you're saying is you care more about price than you do where the product is made. That's fine, but just be honest with yourself about it.
I am completely fine paying $2000 if I feel like it is a decent product. The problem is I don't think it is good enough to actually use on a regular basis. I wouldn't even pay the non-US price ($1300) for the US version.
Some of these things may have been fixed, but last time I looked there were multiple issues that make it a deal breaker. The battery life is not good, the phone is huge, app compatibly is not good, cooling issues, etc.
I prefer to buy Western made products even if they cost quite a bit more money. I just want to get a decent product for the price and I don't think the Librem 5 is worth anywhere near the price.
Keep in mind, the Nokia bricks of the days of yore. They were still fully functional telecommunication devices. Just because the Librem is probably a glorified Raspberry Pi doesn't mean it isn't worth investing in to help grow the domestic supply chain.
The world is bound by Physics and miracles facilitated by networks. When faced with a toxic hub node, you route around, and reinforce alternative routes.
The vast majority of Samsung phones are made in Vietnam, India, and South Korea. Samsung Mobile no longer owns factories in China, though they may or may not contract out manufacturing for low end phones for the local China market.
One option is to vote for politicians to increase tariffs or ban imports from China, but that would make the voters’ products/services more expensive. At the end of the day, the politician that wins elections is the politician that delivers lower priced goods/services to the voters.
Edit: https://www.eff.org/deeplinks/2019/12/senate-judiciary-commi...