Share this page!

Matthew Green Profile picture
Twitter logo
6 Jan, 5 tweets, 1 min read
I’ve belatedly come to believe that we blew it by focusing on secure messaging, while Silicon Valley quietly built their unencrypted backup infrastructure and doomed most of our efforts.
I think people at Apple knew this back in ~2014, which is why they threw so much effort into an (ultimately doomed) effort to deploy end-to-end encrypted iCloud backup. But they were too late.
By the time they got close to deploying it, governments had realized the value of what Apple (and Google) had built. There was no way they were going to let that resource be taken from them.
Apple’s photo scanning plan last summer was the first push to mobilize that backup repository for mass surveillance (of genuinely bad people), and perhaps Apple’s attempt to strike a limited bargain.
I’m still curious what’s in the future for backup. I’m optimistic that Google has deployed some end-to-end encryption in Android Backup, but not enough. WhatsApp has also done this. Apple’s content scanning plans make me doubt they’ll ever do encrypted backup now.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Matthew Green

Matthew Green Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @matthew_d_green

Matthew Green Profile picture
6 Jan
I think this a very worrying idea, and one I’ve seen from many thoughtful policy experts: namely that laws are the only solution to the surveillance nightmare we’ve created with newer technologies.
The problem today is that we’ve opened up a virtually infinite feed of potential surveillance data, then centralized that data in a few poorly-secured centralized repositories. Governments can’t resist accessing this data, don’t ask them to try.
There is this idea among policymakers that if we just democracy harder, we can somehow bring digital privacy expectations back to where it was in the 1980s (or even the early 2000s.) But even if we had a working democracy, we can’t. It’s too late.
Read 8 tweets
Matthew Green Profile picture
30 Dec 21
Moms are the real tracking threat.
A friend recently lost his wallet with a Tile inside it, and rather than get the thing back we’ve been watching it wander around Baltimore for the last three weeks.
It turns out that knocking on random doors in Fells Point is a very bad strategy for recovering lost things.
Read 4 tweets
Matthew Green Profile picture
27 Dec 21
Apropos Moxie’s thread, Telegram’s E2E is so obviously homebrewed, it’s like sending a chat to the late 1990s.
So the remote client picks the DH parameters (why!) and sends them to you, where you have to carefully check that they’re constructed correctly (pretty sure these checks were added later.)
Then there’s this weird thing about the server picking randomness, which used to be a total security vulnerability since it allowed the server to pick the DH secret (now fixed, I think) and still more complicated group membership checks.
Read 6 tweets
Matthew Green Profile picture
21 Dec 21
Oh this isn’t good, Binance. blog.trailofbits.com/2021/12/21/dis… Image
I’m uncomfortable using “1” as an x-coordinate for Shamir, since my stupid intuition tells me “it’s so close to 0” :) But Binance just letting you blast away at q, 2q, etc.
One of my favorite things about cryptocurrency is you never have to say “well the impact can’t be that bad” because you know someone secured like $100m with it.
Read 4 tweets
Matthew Green Profile picture
20 Dec 21
No, no, no, it does not. What is wrong with you people. Stop this. Image
What even is this. You had an explicitly *non-cryptographic RNG* but you’re upset it doesn’t display cryptographic properties!? Image
Rust cryptography task force: wake up and get on top of this before your beloved language gets ruined by idiots who don’t even know what they want.
Read 9 tweets
Matthew Green Profile picture
19 Dec 21
Does anyone know how Apple’s privacy protocol for AirTags combines with their anti-tracking features? Seems like the two should be incompatible. (I have some guesses but I’m wondering if it’s officially documented.)
My guess is that the AirTag cycles its broadcast pseudonym at a slower rate than your phone can scan, so if your phone detects many broadcasts of the same pseudonym within some time window it says “ah, an AirTag is near me.” And it links this over many windows.
In other words, Apple is taking advantage of a weakness in their anti-tracking protocol to do tracking, in the service of preventing a different kind of tracking.
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @matthew_d_green has new unrolls!

Check out other threads from @matthew_d_green!

Read all threads by @matthew_d_green

:(