Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] "Securing Email Communications from Facebook" offering PGP support

Thomas Delrue thomas at epistulae.net
Mon Jun 1 15:21:54 PDT 2015


On 06/01/2015 06:09 PM, Parker Higgins wrote:
> On 06/01/2015 12:35 PM, Thomas Delrue wrote:
>> On 06/01/2015 01:46 PM, Steve Weis wrote:
>>> Hi Libtech. Facebook added support to put a PGP public key to your
>>> profile and optionally use it to encrypt email notifications that are
>>> sent to you:
>>> https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302
>> Forgive my ignorance but what is the point of this 'feature'?
>> Wouldn't FB (and thus anyone able to coerce FB as well) still have the
>> unencrypted data?
>>
>> Wooden leg, meet band-aid.
> 
> Facebook is offering end-to-end encryption. If you don't trust the other
> end of an end-to-end connection, this won't help that particular
> problem. But there are plenty of well-attested benefits of end-to-end
> encryption for all sorts of other threats.

I think this addresses my concern. Thank you Parker.
Can you point me to resources of the benefits to me if I do indeed find
myself in the situation of not trusting the other party.

The point I was trying to make (in a veiled way) was that FB should/can
indeed not be trusted and I am therefore questioning the usefulness of
this feature when it involves that site.

Sure, Google/Hotmail won't be able to scan your (now encrypted)
GMail/Hotmail inbox notifications from FB and understand the content of
them but to what purpose? Is FB just trying to prevent Google/Hotmail
from gathering your FB 'graph'?
On the other hand, for those communications where it matters that no-one
else can see them, against whom is this protecting me?

I think that I still stand by my claim that this is nothing more but
smoke and mirrors giving the illusion of 'secure' communications.






More information about the liberationtech mailing list