BACKGROUND:
Meta has announced plans to delay the global rollout of end-to-end encryption (E2EE) across its messaging applications to 2023. The company previously said it would have E2EE across all its products by 2022 at the earliest. Meta said it would be taking additional time to ensure the implementation across Facebook Messenger and Instagram is done correctly, protecting privacy while also mitigating the risk of online harms.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
E2EE is a technology that was designed to protect the content of a message from interception while in transit. It becomes a significantly more complex design if that communication involves multiple endpoints.
Typical consumer communication applications, however, do not encrypt between the “microphone” and the “network”, leaving a gap in the communication path for interception. For example, to provide transcription services, these applications also still leave E2EE communication
.....Read MoreE2EE is a technology that was designed to protect the content of a message from interception while in transit. It becomes a significantly more complex design if that communication involves multiple endpoints.
Typical consumer communication applications, however, do not encrypt between the “microphone” and the “network”, leaving a gap in the communication path for interception. For example, to provide transcription services, these applications also still leave E2EE communication vulnerable to unwanted interception.
With software vulnerabilities making devices open to exploit, it is important to ensure a device’s design is secured by default. The UK Government initiative known as Digital Security by Design (DSbD), delivered by UKRI, is working with the tech industry to block by design around 70% of these ongoing vulnerabilities from exploitation. Making technology inherently more secure would help close this gap in E2EE and prevent attackers from intercepting communications through software vulnerabilities.
Read LessLinkedin Message
@John Goodacre, Director of UKRI’s Digital Security and Professor of Computer Architectur, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/meta-delays-plans-to-rollout-end-to-end-encryption
Facebook Message
@John Goodacre, Director of UKRI’s Digital Security and Professor of Computer Architectur, provides expert commentary at @Information Security Buzz.
"..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/meta-delays-plans-to-rollout-end-to-end-encryption