Thanks for linking that, I had not actually seen the update to it. Of course, if one of the parties in E2EE shares the message it doesn't constitute a 'break' in E2EE. However, what I think was important from the Ars article I linked was this statement:
>An "end-to-end" encrypted messaging platform could choose to, for example, perform automated AI-based content scanning of all messages on a device, then forward automatically flagged messages to the platform's cloud for further action. Ultimately, privacy-focused users must rely on policies and platform trust as heavily as they do on technological bullet points.
Which doesn't break E2EE technically, but it certainly breaks it in spirit. And yes, I understand that really any application could feasibly implement something like this, it's not in many peoples threat models, etc. However, if I had to bet on which company would implement such a feature, it would be FB.
It just felt sort of funny, seeing this only a few days after all of those articles were written. Of course there is no way FB weaved the whole system and documentation together in two days, but I can't help but roll my eyes slightly at the timing of their release.
Your concerns seem reasonable and well-grounded, it’s just odd to insinuate a conspiracy of how these articles were released. It probably was a reaction but it a perfectly reasonable thing to do. WhatsApp is committed to being transparent, and this is apart of it.
If you are highly principled about privacy or doing sketchy things yeah… don’t trust any software from for-profit companies.
>An "end-to-end" encrypted messaging platform could choose to, for example, perform automated AI-based content scanning of all messages on a device, then forward automatically flagged messages to the platform's cloud for further action. Ultimately, privacy-focused users must rely on policies and platform trust as heavily as they do on technological bullet points.
Which doesn't break E2EE technically, but it certainly breaks it in spirit. And yes, I understand that really any application could feasibly implement something like this, it's not in many peoples threat models, etc. However, if I had to bet on which company would implement such a feature, it would be FB.
It just felt sort of funny, seeing this only a few days after all of those articles were written. Of course there is no way FB weaved the whole system and documentation together in two days, but I can't help but roll my eyes slightly at the timing of their release.