this post was submitted on 10 Jun 2025
477 points (99.4% liked)

Technology

71503 readers
4315 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
477
An analysis of X(Twitter)'s new XChat features shows that X can probably decrypt users' messages, as it holds users' private keys on its servers (blog.cryptographyengineering.com)
submitted 1 week ago by Pro@programming.dev to c/technology@lemmy.world
42 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] lagoon8622@sh.itjust.works 3 points 6 days ago (2 children)

Are you so sure Apple doesn't have your keys? How are they migrating the keys to your new device? It's all closed source

[–] GamingChairModel@lemmy.world 2 points 2 days ago (1 children)

The actual key management and encryption protocols are published. Each new device generates a new key and reports their public key to an Apple-maintained directory. When a client wants to send a message, it checks the directory to know which unique devices it should send the message to, and the public key for each device.

Any newly added device doesn't have the ability to retrieve old messages. But history can be transferred from old devices if they're still working and online.

Basically, if you've configured things for maximum security, you will lose your message history if you lose or break your only logged-in device.

There's no real way to audit whether Apple's implementation follows the protocols they've published, but we've seen no indicators that they aren't doing what they say.

[–] lagoon8622@sh.itjust.works 1 points 2 days ago

That's good to know, thanks.