this post was submitted on 09 Jul 2023
962 points (96.2% liked)

Technology

59092 readers
6622 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

cross-posted from: https://lemmy.ml/post/1874605

A 17-year-old from Nebraska and her mother are facing criminal charges including performing an illegal abortion and concealing a dead body after police obtained the pair’s private chat history from Facebook, court documents published by Motherboard show.

you are viewing a single comment's thread
view the rest of the comments
[–] FlyingSquid@lemmy.world 61 points 1 year ago (3 children)

For all of those saying Facebook was just complying with the law- there is absolutely no reason for Facebook to have access to its users' private information. The company I work for can't do anything with a customer's account unless they give us the password. We can't see anything they have saved there. All of the private stuff they have is private and even if a court ordered us to show it to them, we literally couldn't comply.

We're a small company and we can do it. A company the size of Meta can certainly do it.

[–] RagingRobot@lemmy.world 7 points 1 year ago (2 children)

Can't you just look at the data in. The database though? No need to login as the user. Surely not every field is hashed

[–] fishpen0@lemmy.world 17 points 1 year ago* (last edited 1 year ago)

Hashing is not reversible so obviously it is not hashed. You hash data you want to compare later to see if it is still the same. For example you may hash user passwords you store in your database. So you don’t know the actual password, but can confirm later that the same password is still being used. You know or can infer someone is storing your passwords in plaintext when they have a maximum length as that indicates they are not correctly hashing.

It is however possible and even easy in many databases to do row or document level encryption. Many privacy first applications do client side keys and encryption so the database does in fact have no plain text in it.

[–] FlyingSquid@lemmy.world 4 points 1 year ago (2 children)

That's a good point and I don't know the answer to that (my guess is encryption is involved), but as other people have pointed out, Facebook has an alternate encrypted messaging service, WhatsApp, so Facebook is clearly capable of not being able to access its users' messages.

[–] essteeyou@lemmy.world 5 points 1 year ago* (last edited 1 year ago)

Yeah, based on Signal's protocol. Signal is the only messaging app I use.

[–] astral_avocado@lemmynsfw.com 1 points 1 year ago

Wasn't there strong evidence Facebook has a built-in backdoor to their encryption?

[–] afraid_of_zombies@lemmy.world -1 points 1 year ago (1 children)

You are the product. Are you paying money for the service? No? Zero expectation of privacy.

[–] A_Very_Big_Fan@lemm.ee 3 points 1 year ago (2 children)

We enable them to make profit via ads and data harvesting. Private texts/DMs do not need to be involved in that.

[–] afraid_of_zombies@lemmy.world 1 points 1 year ago

Don't use them. I haven't had an account for over a decade.

[–] kava@lemmy.world 0 points 1 year ago

To be fair, I'd imagine there's a wealth of data to plug into their AI models from private chats.

I'd imagine it's hard for them to resist the temptation

[–] Skyrmir@lemmy.world -2 points 1 year ago (3 children)

You can do it because you're a small company. Get enough attention, and the FBI will force you to decrypt on demand. They've done it before and the supreme court backed them up. Do it over seas and expect your US traffic to get blocked, if they don't raid your offices.

[–] EricHill78@lemmy.world 13 points 1 year ago (1 children)

That is untrue. The FBI tried to get Apple to decrypt a shooter's iPhone in Florida a few years back and they wouldn't budge.

[–] KairuByte@lemmy.world 3 points 1 year ago (1 children)

This isn’t quite right…

Apple didn’t have the means to decrypt the information, but it was within their ability to do (by writing code to do so.)

But asking a company for the unencrypted data, and forcing a company to produce a new application, are completely different things.

[–] False@lemmy.world 1 points 1 year ago

Apple didn’t have the means to decrypt the information, but it was within their ability to do (by writing code to do so.)

Happen to have a source for that? That's nigh impossible for most encryption

[–] ikidd@lemmy.world 8 points 1 year ago

E2EE is what prevents this, which is why the TLAs hate it and legislators are trying to prohibit it.

[–] ABCDE@lemmy.world 6 points 1 year ago (2 children)

WhatsApp, Signal and Telegram don't have that issue.

[–] ModdedPhones@lemmy.ml 22 points 1 year ago* (last edited 1 year ago)

Signal yes, WhatsApp yes but not the meta data, telegram only if explicitly set to encrypted otherwise no.

[–] Skyrmir@lemmy.world 1 points 1 year ago

Because they have a back door due to cloud storage.