End to End Encryption protects the messages *between the ends". If an “end” is compromised the best E2EE technology isn’t going to protect confidentiality.
Just ask Pete Hegseth, who invited a journalist into an E2EE signal chat. The journalist was an authorized “end” and could therefore read the conversation.
This change is about employers who already have full access to the “end” of the Android phone itself when that phone is in an enterprise managed state. Perfect encryption between that phone and other parties doesn’t change anything because the employer has full access to the phone itself.
On a company device the owner (the company) is the end, and you’re just given the task of operating it.
It varies between jurisdictions, but in general, you better believe they have every right to investigate any suspicions regarding how company assets (work devices) are used and whether their agents may appear unprofessional when using official company communication channels (literally your work phone number, which is used in RCS messages).
In plenty of places there’s still privacy rights for employees, but their main purpose is generally preventing overbearing surveillance and protecting your personal data contents in personal communication channels (like if you’re using personal webmail on a work device).
The sending and receiving ends are the devices, not the humans. If you don’t want the device to see it, you’ll need to do the encryption and decryption in your head.
By not storing decrypted message on device? You can also block screenshots if you have a reasonable suspicious your screen can be used to capture the text shown on the device.
Apps using Flag_Secure and Secure_display can block screencapture. While user apps stay below MDM apps in privilege. The MDN app themselves reside below the android system.
Do you have a source of MDM apps bypassing secure display and having the ability to capture the display?
Google maintains both the Pixel device management and Google Messages. Do you really think they would have locked their own MDM out of their own messaging app?
Messaging apps often implement various APIs for better Android integration. But even if they don’t, any management service can implement certain APIs, like the accessibility API, that gives them access to everything each app is doing. In that case, it can’t necessarily read the messages as data, but it can record your screen as image or video.
An E2E Encrypted message should not be readable by anyone but the recipient and the sender.
If it can be read and shared without your explicit consent and approval with anyone even your employer. It’s no better than regular TLS encryption.
End to End Encryption protects the messages *between the ends". If an “end” is compromised the best E2EE technology isn’t going to protect confidentiality.
Just ask Pete Hegseth, who invited a journalist into an E2EE signal chat. The journalist was an authorized “end” and could therefore read the conversation.
This change is about employers who already have full access to the “end” of the Android phone itself when that phone is in an enterprise managed state. Perfect encryption between that phone and other parties doesn’t change anything because the employer has full access to the phone itself.
On a company device the owner (the company) is the end, and you’re just given the task of operating it.
It varies between jurisdictions, but in general, you better believe they have every right to investigate any suspicions regarding how company assets (work devices) are used and whether their agents may appear unprofessional when using official company communication channels (literally your work phone number, which is used in RCS messages).
In plenty of places there’s still privacy rights for employees, but their main purpose is generally preventing overbearing surveillance and protecting your personal data contents in personal communication channels (like if you’re using personal webmail on a work device).
No end to end the device is the end that is where the encryption ends.
The sending and receiving ends are the devices, not the humans. If you don’t want the device to see it, you’ll need to do the encryption and decryption in your head.
Not sure if you are intentionally being obtuse. But, this is not a hard problem. It has already been solved.
We have Signal, OMEMO in XMPP which already do that. You don’t need to do any encryption in your head…
And how do those apps prevent device management from accessing the messages when they’re decrypted?
By not storing decrypted message on device? You can also block screenshots if you have a reasonable suspicious your screen can be used to capture the text shown on the device.
The apps run at less privileges than device management apps. They can’t do any of that
Apps using Flag_Secure and Secure_display can block screencapture. While user apps stay below MDM apps in privilege. The MDN app themselves reside below the android system.
Do you have a source of MDM apps bypassing secure display and having the ability to capture the display?
My dude.
Google maintains both the Pixel device management and Google Messages. Do you really think they would have locked their own MDM out of their own messaging app?
I was talking about signal. Did you miss that?
If the app has decrypted messages, device management can see them.
How? The decrypted messages would have to be stored in plan text to be read. Unless, it can be read from RAM…
If you can read it, they can read it. They have root on the company device.
If it’s rooted sure. But, regular work profile phones with MDM software are not.
Messaging apps often implement various APIs for better Android integration. But even if they don’t, any management service can implement certain APIs, like the accessibility API, that gives them access to everything each app is doing. In that case, it can’t necessarily read the messages as data, but it can record your screen as image or video.
True, but Accessibility API cannot bypass secure display, and secure flag I had replied that in another comment so I did not mention that here.
Exact same problem it is unencrypted on the device. You know you have to be able to read the message.
It is stored encrypted last I checked the signal website…