Hacker News new | past | comments | ask | show | jobs | submit login

Why would you trust the hash function if you don't trust the rest of the platform?



This assumes you trust eg Apple (to a certain degree, eg to have their hardware provide legitimate hashes, but eg not to just run a messaging services), but you want to avoid also having to trust Meta.

More generically: you might trust that a company can do the Right Thing now (or at most points in time), but you avoid having to trust that they always do the right thing at all points in time.

See how Apple famously could refuse to give law enforcement access to people's phones, because Apple deliberately designed their systems in such a way to remove that ability from their future selves.

Similarly, a company that doesn't keep any logs, can't be forced in the future to divulge those logs.

They can be forced to start keeping logs, and then be forced to divulge those. But doesn't work retro-actively and is still one extra hoop for the forcing party to jump through. And perhaps you can even set up matters such that adding this vulnerability can't easily be done in private.


Ah, yes, I was mixing up iMessage and Messenger here (too much messaging encryption news these days!) – for the case of trusting your OS and hardware vendor, but not a third-party messenger's vendor, reproducible builds would indeed be advantageous.

It's a real shame the app store does not allow for reproducible builds.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: