undefined | Better HN

0 pointslucb1e8y ago0 comments

To me it is. The server you'd be talking to in my case is physically mine, in my home, so if I'm an endpoint and someone else is an endpoint, and they have an encrypted connection to the server, for all intents and purposes, it's end to end encrypted.

Of course, there's no way you can tell from the outside since it looks like an ordinary https connection to an ordinary server. Then again, I can think of more ways to implement end-to-end encryption over wiretapped channels without it being obvious that encrypted data is being exchanged (stego is quite easy to make but very hard to detect if you don't know the method). So the whole ban is pointless.

Terrorists and other criminals have an interest in arranging this, and it's quite easy, so they'll succeed. The general public will not care enough, and any widely used end-to-end solution will be banned anyway, so they'll just have to give up a little bit of privacy. No gains but at least the government is trying, right?

0 comments

5 comments · 1 top-level

kakarot8y ago· 4 in thread

Sorry, but that's just wrong. End-to-end encryption has a specific definition that you can't distort just to play devil's advocate.

itake8y ago

Can you elaborate? If I am communicating with a server over tls, how is that not e2e encryption?

The communication between both clients (my computer and the server) are encrypted locally such that mitm are not able to read our secure communication. The "end" of the connection is either the server or my laptop.

SpaceManiac8y ago

"End to end" refers specifically to the two people involved - that is, nobody but the sender and recipient of a communication can read it. Twitter DMs happen over TLS, but they're not end-to-end - Twitter knows the content of the messages.

2 more replies

lucb1eOP8y ago

> Sorry, but that's just wrong.

Sorry, but you're just wrong. I am not playing the devil's advocate, nor am I changing the definition.

kakarot8y ago

Were you unhappy with the fact that no one felt like arguing with your reply to SpaceManiac, so you're trying again?

The scenario you presented, client <-> server, has nothing to do with wisty's original statement,

"As I understand it, it means banning end to end communication between clients. So you can chat over https, but only if the server in the middle (which can be served warrants) is doing the encryption."

which is client <-> server <-> client, and is completely irrelevant. You are changing the definition to client <-> server. Think about it.

j / k navigate · click thread line to collapse