Hacker News new | past | comments | ask | show | jobs | submit login

Wasn't this what got people into so much bother with Snapchat though?

There's no way to undelete sent data in practice (as you've no way of knowing if the counterparty backed it up / screenshotted it etc).

Sure you can enable deleting messages, but you can't guarantee they've been deleted - which is what I'm assuming puts developers off implementing the feature.




The point isn't to protect against malicious receivers -- as you say, there's really no way to do that -- but for cases where you trust the receiver but want to make it as difficult for a third-party to access the message as possible.


But the receiver having access to the message for eternity isn't the only issue to address. If a phone is subpoenaed and the messages of interest are no longer on the phone nor on a server, that's a powerful feature.


Even with proper end to end encryption and the deleted messages problem solved, an app like Signal is still relying on the rest of the OS for its security model. Keyboard input comes to mind as a potential weakness. Things like third party keyboard apps for example.


> Even with proper end to end encryption and the deleted messages problem solved, an app like Signal is still relying on the rest of the OS for its security model

Is there a circumstance where an app isn’t subject to the underlying OS security model?


Fair point... The real core issue might be a simple one. All current power structures have great fear over any kind of real end to end encryption and would never allow it to happen. So if there ever is a weakness, like the keyboard example, it will likely be exploited to the fullest extent.


I'm not saying there aren't many more points of weakness. I'm just saying there is value in data being proactively removed from places that the company has control of.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: