• SuddenlyBlowGreen@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    edit-2
    1 year ago

    It’s E2EE from the sender to your Beeper server, where it’s decrypted, then re-encypted as a Matrix message.

    Then it’s not E2E encrypted.

    One end is your device, the other end is the other device. It’s only E2E encrypted if it is not decrypted until it reaches the other device.

      • Spedwell@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        1 year ago

        Sticking two E2EE tunnels together with a plaintext middleman doesn’t result in a single E2EE tunnel.

        The reason the distinction is important is because the security profile is vastly different—a compromised server leads to a compromised message—which isn’t true for actual E2EE services like a pure Matrix link.

        Side note: the first thing you should ask of a “end-to-end encrypted” product to you is “which ‘ends’ do you mean?” I’ve seen TLS advertised as E2EE before.

        • Spedwell@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          Adding: TLS is actually a pretty apt analogy here.

          You could make a chat server that just accepts plain text messages over a TLS link, and that’s basically the same security topology as with this Beeper bridge.

          But no one would call that a E2EE chat.