Meta Defies FBI Opposition To Encryption, Brings E2EE To Facebook, Messenger

An anonymous reader quotes a report from Ars Technica: Meta has started enabling end-to-end encryption (E2EE) by default for chats and calls on Messenger and Facebook despite protests from the FBI and other law enforcement agencies that oppose the widespread use of encryption technology. "Today I'm delighted to announce that we are rolling out default end-to-end encryption for personal messages and calls on Messenger and Facebook," Meta VP of Messenger Loredana Crisan wrote yesterday. In April, a consortium of 15 law enforcement agencies from around the world, including the FBI and ICE Homeland Security Investigations, urged Meta to cancel its plan to expand the use of end-to-end encryption. The consortium complained that terrorists, sex traffickers, child abusers, and other criminals will use encrypted messages to evade law enforcement.

Meta held firm, telling Ars in April that "we don't think people want us reading their private messages" and that the plan to make end-to-end encryption the default in Facebook Messenger would be completed before the end of 2023. Meta also plans default end-to-end encryption for Instagram messages but has previously said that may not happen this year. Meta said it is using "the Signal Protocol, and our own novel Labyrinth Protocol," and the company published two technical papers that describe its implementation (PDF). "Since 2016, Messenger has had the option for people to turn on end-to-end encryption, but we're now changing personal chats and calls across Messenger to be end-to-end encrypted by default. This has taken years to deliver because we've taken our time to get this right," Crisan wrote yesterday. Meta said it will take months to implement across its entire user base. A post written by two Meta software engineers said the company "designed a server-based solution where encrypted messages can be stored on Meta's servers while only being readable using encryption keys under the user's control."

"Product features in an E2EE setting typically need to be designed to function in a device-to-device manner, without ever relying on a third party having access to message content," they wrote. "This was a significant effort for Messenger, as much of its functionality has historically relied on server-side processing, with certain features difficult or impossible to exactly match with message content being limited to the devices."

The company says it had "to redesign the entire system so that it would work without Meta's servers seeing the message content."

Retail encryption...

[dowhileor]

What is encryption when neither end controls the keys, the route the data takes to destination? So you don't trust the government but you trust a private corporation with your private thoughts?

Re:Retail encryption...

[gweihir]

There is no need to control the path the data takes or prevent it from being stored somewhere with E2E. That is the very essence of E2E encryption.
 

Re:

[PPH]

This.

And if each user is responsible for generating their own private/public key pairs, it can be secure. The statement "neither end controls the keys" is incorrect. Each user (and only that user) is in possession of their private key.

Re:

[Opportunist]

Each user (and only that user) is in possession of their private key.

...says the metastasis.

Unless that has been audited by some independent party, I don't care what they say.

Re:

[PPH]

Unless that has been audited by some independent party

Which may happen. But it's better than "We'll hold your private key. For your convenience. Trust us. We don't do evil."

My e-mail is generated on a machine that cannot see the Internet. And the Internet cannot see it. The client encrypts the message, hands it over to another system running Postfix and off it goes into the world. The private key does not reside on a directly connected system. Incoming e-mail goes to a completely different host. So it's unlikely that well crafted malware e-mail could be used

Re:

[gweihir]

Very likely, nobody will be willing to invest the effort to break into there. But a simple and a bit hardened single Linux system already does that. Targeted _competent_ attacks are very rare. Even the NSA has only 150 or so people doing it and they try all standard approaches first and will often not continue if that fails. Zero-days are _expensive_ and not plentiful.

Re:

[Opportunist]

Zero-days are _expensive_ and not plentiful.

Not to mention usually very specific and are rarely available just exactly when you're dealing with that kind of system or software.

And also most of the time not necessary. Shaking down a system by the OWASP Top 10 is usually good enough to find something that gives you what you need, unless you're dealing with a high sec system.

And we're still talking consumer systems here.

Re:

[gweihir]

Look, just being combative about the term E2E encryption because you do not like Meta is not really smart. I do not like Meta either, but if they have E2E encryption, that is a good thing. Incidentally, if they claim E2E encryption, the GDPR pretty much says they must have it or there will be huge fines.

Re:

[Opportunist]

Talking about it, I think it's not available in the EU. Wonder why.

Re:

[conorjh]

Look, just being combative about the term

pot kettle black lol thats kinda your whole bag no?

Re:

[Opportunist]

Unless I control the keys, I still have to trust them to not just copy them.

Re:

[gweihir]

That is a completely different aspect. Mixing aspects is not conductive to understanding security.

Incidentally, you also have to trust your OS make and probably all other apps on that device to not steal your keys.

Re:

[Opportunist]

Technically I can fully audit my OS. The source code is available, I can audit it and build it from the source.

Technically.

Am I doing it? No. I can trust my OS. Why? Exactly because I could audit it. If there was something bogus about it, someone who wants to make a name for himself would already have done it.

Re:

[gweihir]

Well, while I have not personally audited Windows source code, I know at least two people that have. Does that make me trust Windows? Not one bit.

Re:

[93 Escort Wagon]

So you don't trust the government but you trust a private corporation with your private thoughts?

Back when I had a Facebook account, very little of what I saw on the platform even qualified as "thoughts".

"Random spewings" might be a more apt description.

Re:

[Tablizer]

Yes, but they were the very best random spewings ever seen, believe me!

Re:

[Opportunist]

I've seen better, or at least more coherent, on Usenet back in the days.

You know, back when people didn't think grammar isn't just your mom's mom.

Re:

[Baron_Yam]

Honestly, it could be performative nonsense for the masses, with American agencies knowing they'll be able to get privileged accounts that can see whatever they want despite privacy settings with direct access to the raw data via the vendor.

Re:

[ls671]

What is encryption when neither end controls the keys, the route the data takes to destination? So you don't trust the government but you trust a private corporation with your private thoughts?

Meta Defies FBI Opposition To Encryption, Brings E2EE To Facebook, Messenger

This is obviously a trap to lure dumb criminals into using Facebook! Of course FBI has the keys and all data is forwarded to them! There are even FBI agents working within Facebook! /s

Re:

[VeryFluffyBunny]

Most Facebook users don't know what a key pair is, let alone how to manage one or the consequences of losing your private key. You can imagine how irate users would get if they got locked out from Messenger because they broke/lost/changed their phone & could no longer access their Messenger account. My guess is that Facebook will keep copies of users' private keys with some kind of automated account recovery process for when this happens. Yes, technically it's E2EE but Facebook has copies which can be r

Has anyone actually vetted their encryption?

[satsuke]

Has anyone actually explored their policies?

I have 2 phones and desktops and the "Secret mode" that was previously E2EE seems to be accessible on all of them.

e.g. if the only thing preventing access to them is changing a password or issuing a login token administratively than there's really no protection from interception by law enforcement or whomever wants access.

Re:

[thegarbz]

Has anyone actually explored their policies?

Yeah the FBI didn't like it and that's a tick in the "good" box for me.

Meta is trying to hide their pedo complicity

[schwit1]

https://www.wsj.com/tech/faceb... [wsj.com]

Investigators in New Mexico created a fake account for a seventh-grade girl named "Issa Bee," complete with AI-generated photos of her. Issa quickly attracted "thousands of adult followers who deluged her with both invitations to join private chat groups and sex content featuring both children and adults," according to the Wall Street Journal.

With allegedly no effective safeguards in place to prevent child exploitation, this week New Mexico Attorney General Raul Torrez filed suit against Meta — the parent company of both social media platforms — alleging that the company "has allowed Facebook and Instagram to become a marketplace for predators in search of children upon whom to prey."

Re:

[Neuroelectronic]

It does seem that way. What a weird priority to have with a dying social network, completely re-implement the infrastructure for encryption? Now?

Re:Meta is trying to hide their pedo complicity

[sacrilicious]

I dislike Meta as much as the next person, ditto pedophilia, but out of earnest curiosity I want to ask: assuming there were no tech or legal barriers to doing so, would you consider it a good thing to mandate government-monitored cameras in everyone's homes to verify the absence of sexual child abuse? If not, then what is the difference -- again, putting aside tech and legal issues -- between the in-home-camera scenario and forced monitorability of otherwise-private messages?

so I guess that means

[Growlley]

The american government can either still slurp the data via the speical security courts it has OR it's already been backdoored weakened or crack or all of them.

Same As It Ever Was, Don't Look Behind the Curtain

[databasecowgirl]

Just because they encrypt your communications, doesn't mean they aren't still logging all of your keystrokes and mouse actions. You don't even need to be a Facebook user to enjoy their surveillance, you just need to use a website that contains their Meta Pixel. For example, log into your healthcare provider's portal where Meta Pixel operating inside the password-protected patient portal is sending patient names, medication information, and appointment details to Facebook.

If they're doing this on other peo

Re:

[Anonymous Coward]

Wasn't there an article about Meta logging what you typed in a text bar, even if was deleted?

E2EE encryption without source code, and a provable path to show it is executed is BS:

1: You can have encryption keys, but they can be generated from the same seed, where a key can be 4096 bits, but all but 80 bits are from a known source, making it trivial to obtain the key. Similar to how some companies in the 90s escrowed most of the bits from a DES key.

2: The app can be patched. Bob may have a copy with E2EE

Re:

[Anonymous Coward]

You don't even need to be a Facebook user to enjoy their surveillance, you just need to use a website that contains their Meta Pixel and allow JavaScript from Facebook.

Fixed that for you.
https://developers.facebook.co... [facebook.com]
"The Meta Pixel is a snippet of JavaScript code..."

One thing that has irritated me for a long time is that people were so obsessed with third party cookies when it's third party JavaScript code that's the real danger. And often times when a site runs poorly, it's those same scummy third party JavaScripts that's dragging things down.

Cryptography was onced classified as munitions

[lwmv]

About 30 years ago, Phil Zimmermann published PGP, the first widely available program that implements public key cryptography. Later he was investigated by the US government [wikipedia.org] for "munitions export without a license".

Re:

[sconeu]

"munitions export without a license".

At the time, encryption with anything larger than a 40-bit key was classified as a munition, and therefore regulated under ITAR.

However, Phil didn't distribute the code digitally, it was published as a book (with pages easily removable for scanning purposes), and therefore legal under the First Amendment.

An actual positive step

[stikves]

We can be critical of Meta, we can have doubts about the quality of their end-to-end encryption. However this is a positive step.

We should have e2e as the norm in the industry, so that really good applications like Signal (with an open source client, and open protocol), don't become the "odd ones out". Maybe Messenger is not perfect, maybe WhatsApp has security holes. However if all programs are standing together, undivided against government interference, then the truly good ones cannot be easily targeted.

Key Escrow?

[bill_mcgonigle]

Are they keeping the keys for users to unlock with their password?

It seems like most FB users would want their messages if they drown their phone.

trust

[nicubunu]

Do we trust Meta they do what they are saying? From me, not very much, Meta worked hard to break that trust.

Well then keep up!

[Saucy7443]

The fact that the govt(at least in canada) paid a private firm for encryption software for radio's tells me what I need to know. Encryption should not be inherently or intentionally back-doored. I believe that's their problem with this. They know it's open and fair use and that they cannot break it. However I respect that a level of transparency is required when dealing with legal matters; I don't think the process to obtain information is well documented or public enough, and should likely be reviewed by t