Instagram Encrypted Messaging Ends on Friday, May 8(www.macrumors.com)

83 pointsby fraXis5 hours ago7 comments

giwook4 hours ago
"In March, a spokesperson for Meta told The Guardian that the decision to abandon encryption was due to low uptake. "Very few people were opting in to end-to-end encrypted messaging in DMs, so we're removing this option from Instagram in the coming months," the spokesperson said."
I wonder what it's like being a spokesperson for a company (or administration) where everyone including yourself knows your statements are misleading at best.
- TheChaplain4 hours ago
  I've noticed it is a quite common attitude in society, not paid enough to care so they don't.
  - settsu3 hours ago
    What you're describing more often applies to retail and service workers whose pay provides little incentive to do more than the absolute minimum to maintain employment.
    Whereas it seems this might be a situation where the situation is actually inverse: being paid enough to not care.
  - giancarlostoro3 hours ago
    I really would not assume that the spokesperson knows the true technological implications. As a Software Engineer, who has talked to people in marketing and PR from various companies, they know how much upper management tells them unless they independently research or understand, you can really tell when you start talking technical to them or asking them questions (based on business needs). I would assume it is very likely that they are oblivious.
  - testfrequency3 hours ago
    Oh people care, it’s just - the likelihood of being held responsible in the current USA political climate is moot.
    Americans can’t even agree on persecuting pedophiles, what makes you think they can agree on a clear loss of privacy for the normies that only people in power will only benefit from?
    It’s all exhausting
  - password43213 hours ago
    In this case wouldn't it be paid enough to [deliberately] not care?
  - GlacierFox3 hours ago
    What do you mean? It's a depressing thought people only care about things for financial incentive.
    emsign3 hours ago
    It's true though. There actually exist people whose only incentive in life is the pay they receive or the profits they can make. It seems to be more common in the US where your worth as a human being is measured by your wealth. That's why the USA looks in most parts like a third world country with a few enclaves where the rich people live.
- emsign3 hours ago
  It feels similar to being a buzzing fridge. These people possibly can't have any feelings or else they couldn't do that job.
- 15 minutes ago
  undefined
- godzillabrennus4 hours ago
  Being good at serving the interests of wealthy people as a paid liar has proven to be a demonstrably good skill set for a career in politics.
brandon2723 hours ago
It feels absurd to have seen E2EE fought for and considered table stakes by many users, especially the technically-oriented, now rolled back a short time later by these companies who never really cared about privacy to begin with and clearly don't expect any backlash.
It also feels like the wide-scale desperate adoption of AI has weakened claims about the essential nature of privacy, now that everyone has demonstrated that they are happy to feed their innermost thoughts, secrets, personal conflicts, code, medical records, legal documents, etc. into cloud AI platforms.
nitrat33 hours ago
I do not think any person would freely choose unencrypted messaging.
There is no reason for unencrypted messaging.
This is a fundamental market failure.
It is only through bundling these messaging services with other services + platform dominance that unencrypted messaging still lives.
- newphone7333 hours ago
  True e2e makes it hard to sync a new device and makes it easy to lose all your history. The company also can't help you recover your messages and it's unclear for normal people why (often met with anger or disappointment).
  Unencrypted messaging is easier and more convenient, just login from anywhere and done. So there are actual technical and rational reasons to choose against e2e.
- tardedmemean hour ago
  I have so many problems with using Matrix with multiple devices and most of them are caused by its encryption. If there was a magic wand that would add encryption to a system without changing anything else there would be no reason not to use it, but the reality is that E2EE does place limits on the overall functionality of the system.
  This is why Telegram and Discord are so popular. They are popular because they work well, and part of the reason they work well is not bothering with E2EE. For instance, when you join a group chat, the server can just send you the message history (if enabled) and there's no need to negotiate keys with every other participant. There no "joining...", there is no "message will appear shortly...", you just press the button and you're in.
  I've never seen an E2EE group chat that could remain stable with more than a few hundred participants. Even Matrix gives up and just makes it unencrypted at that point.
- tt242 hours ago
  This is not correct. People are happy to give up privacy in exchange for the convenience of being able to restore message history remotely, even if they lose their key.
- lxgr3 hours ago
  > I do not think any person would freely choose unencrypted messaging.
  Many people do, e.g. by switching from Whatsapp to Telegram.
  The market is working alright; people are (uninformedly) voting with their wallets (or rather, their personal data).
cdrnsf4 hours ago
Everything Meta has built is antithetical to privacy. I’m surprised this feature existed at all.
- roughly4 hours ago
  I’m curious if this was built off the work Moxie did with them back in the day, but as I recall Facebook Messenger had E2EE built off Signal’s technology a decade or so back, and the zeitgeist back then was at least a little bit less user hostile.
  - bsimpson3 hours ago
    I feel like Messenger was originally a new front-end for the send message feature of thefacebook.com's social network for college students. It was based on the PHP architecture where all the messages are in a database and you just render HTML to show them.
    That grew into the Messenger mobile app. They eventually added private messaging, but it was never popular/defaulted because users expected the chat moles on facebook.com to be able to show the same messages as the mobile app. If facebook.com can't read your messages, it can't show them there.
  - giancarlostoro3 hours ago
    That era of Facebook was the last shred of respect I had for them, but it was starting to die for me. Now I've noticed younger generations really don't seem to care about Facebook, and friends I grew up with who used to post on Facebook no longer do.
  - lxgr3 hours ago
    I feel like if e.g. Whatsapp were not end-to-end encrypted, it would have faced significantly more regulatory scrutiny in the EU and other places where it's effectively replaced phone calls and SMS.
- nickburns4 hours ago
  Probably figured they'd ride the wave of E2EE messaging while public popularity crested to draw some conversations (group chats?) onto the platform, just to inevitably rug pull later.
- jckahn4 hours ago
  I assume Meta has backdoor access.
  - nickburns4 hours ago
    Then why end the more insidious route rather than stay the course?
  - towers3 hours ago
    Then why end the feature? Would it not be better to maintain the facade and continue to benefit from it?
  - chabes4 hours ago
    This has always been my assumption as well.
- rapnie4 hours ago
  Given how few upvotes and comments this submission gets, no one here is surprised at the disappearance of the feature. I guess at 8 May there'll be a higher upvoted submission that better matches the relevance of Meta's move in HN submission history.
dmos624 hours ago
This might not be obvious to some, like it wasn't to me, but Instagram chat history is used for profiling. I noticed when I chatted with someone about something on Instagram, and instantly reels with the subject of our discussion started appearing in my feed.
- nickburns4 hours ago
  Failing to connect those dots is (unfortunately) what keeps many, many people from moving their otherwise private conversations to a more private channel. I think you're right that it bears mentioning.
  - lxgr3 hours ago
    Many people are absolutely convinced that their phones are listening to their in-person conversations already, yet seem ok with continuing to use them.
  - copper-float3 hours ago
    What's a sufficiently private/secure messaging platform? Signal comes to mind, but I'm open to alternatives.
    dmos623 hours ago
    A few people gave some input on this here: https://news.ycombinator.com/item?id=47945392
    Signal and Threema seem to be known for good UX and viability as everyday messengers.
    There was this table: https://www.messenger-matrix.de/messenger-matrix-en.html
    SoftTalker3 hours ago
    GPG-encrypted email.
    lxgr3 hours ago
    GPG doesn't support forward secrecy, which is table stakes for encrypted messaging these days. And that's to say nothing about the slightly suboptimal usabilty...
    SoftTalkeran hour ago
    True, but you're not trusting any corporation to do what they say they are doing, or not changing it out from under you. I guess you're trusting the Gnu people though.
    towers3 hours ago
    Hard to convince others that are less knowledgeable and/or involved to use this over a typical mode of communication like Signal.
Ifkaluva4 hours ago
What’s the endgame here?
- just better ad targeting? (lol if so)
- policing accounts for various possible infractions?
- training data for ML models?
- nickburns3 hours ago
  All of the above and anything else you can think of that can be tied back to 1.) profit; or 2.) the accumulation of clout with authorities (in that order).
emsign3 hours ago
Will the messages be used as training data now?
- nrmitchi3 hours ago
  Yes.
  - strictnein3 hours ago
    No, it won't. All the "news" about that at the end of last year was 100% nonsense, started by tech "influencers" who cited nothing and showed nothing.
    https://lifehacker.com/tech/meta-is-not-scraping-dms-to-trai...
    jtbaker3 hours ago
    what has meta ever done that would instill trust in you? From the very article you cited:
    > The best thing you can do to preserve your privacy and security with your Meta messages is to use end-to-end encryption (E2EE) whenever possible. WhatsApp has E2EE built-in, and Meta has automatically started rolling it out for Messenger, but you might need to manually start an E2EE chat for existing conversations in the app. The same goes for Instagram: Meta offers E2EE, but you need to enable it yourself. In either app, tap the name of the chat to check whether or not that conversation is currently E2EE.
    strictnein3 hours ago
    I didn't say that I trust Meta. My point was that saying they're doing it so they can read your messages just means that the people commenting don't know how E2EE works, or how it is still not a 100% secure way of communicating, just a more secure way of communicating. Once one of those ends is compromised, it's game over.
    I really don't understand what the point of the quote you're citing? Or how it goes against what I was saying?
    The best thing you can do would be to use E2EE. That would be the most secure thing. It won't, however, prevent the makers of your E2EE product from reading the messages once they're unencrypted, regardless of who makes it.