• SecureTaco@lemmy.asc6.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 month ago

    US based apps that’s are end-to-end encrypted where you control the private keys cannot physically share as they won’t have access. Even if it’s in their cloud.

    • jmcs@discuss.tchncs.de
      link
      fedilink
      arrow-up
      10
      ·
      edit-2
      1 month ago

      If the nice people at the FBI show up to your door with a warrant from a secret court set up by Trump show up to your office telling you either implement a backdoor in your app or everyone goes to jail forever, what do you do?

      • ReversalHatchery@beehaw.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 month ago

        the devs don’t even need to know about it. google has the app signing keys, they can make a change anytime they want. read my reply to their comment

    • ReversalHatchery@beehaw.org
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 month ago

      until they get forced to issue an update that steals your key.

      assuming you installed the app from google play.
      since for a few years now google holds the signing keys that are used for verifying that the app has not been tampered with, the app developer is not even needed for this. google can make the changes, sign the app with the key they already have, and push an update to your phone.