roncesvalles's comments

Depends on your definition of "safe". Imagine an adult DMs a nude photo to a minor (or other kinds of predation).

If it's E2EE, no one except the sender and receiver know about this conversation. You want an MITM in this case to detect/block such things or at least keep record of what's going on for a subpoena.

I agree that every messaging platform in the world shouldn't be MITM'd, but every messaging platform doesn't need to be E2EE'd either.


The receiver has a proven and signed bundle, that they can upload to the abuse report. So the evidence has even stronger weight. They can already decrypt the message, they can still report it.

Yes, but this leaves the only way to identify this behavior as by reporting from a minor. I'm not saying I trust TikTok to only do good things with access to DMs, but I think it's a fair argument in this scenario to say that a platform has a better opportunity to protect minors if messages aren't encrypted.

I'm not saying no E2E messaging apps should exist, but maybe it doesn't need to for minors in social media apps. However, an alternative could be allowing the sharing of the encryption key with a parent so that there is the ability for someone to monitor messages.


> I think it's a fair argument in this scenario to say that a platform has a better opportunity to protect minors if messages aren't encrypted

Would it be a fair argument to say the police have a better opportunity to prevent crimes if they can enter your house without a warrant? People are paranoid about this sort of thing not because they think law enforcement is more effective when it is constrained. But how easily crimes can be prosecuted is only one dimension of safety.

> However, an alternative could be allowing the sharing of the encryption key with a parent

Right, but this is worlds apart from "sharing the encryption key with a private company", is it not?


> Would it be a fair argument to say the police have a better opportunity to prevent crimes if they can enter your house without a warrant?

This is a false equivalency. I don't have to use TikTok DMs if I want E2EE. I don't have a choice about laws that allow the police to violate my rights. I'm not claiming that all E2EE apps should be banned.

> Right, but this is worlds apart from "sharing the encryption key with a private company", is it not?

Exactly why I suggested that as a possible alternative.


> This is a false equivalency.

I'm not making an equivalency. I'm just trying to get you to think how something that is at surface level true is not necessarily a "fair argument".

> I don't have to use TikTok DMs if I want E2EE.

I don't know why you think this is a convincing argument. It is currently illegal to tap people's phone lines, but when phones were invented it obviously was not illegal. It became illegal in part because people had a reasonable expectation of privacy when using the phone. They also have a reasonable expectation of privacy when using TikTok DMs - that's why people call them "private messages" so often!

> Exactly why I suggested that as a possible alternative.

My point is that you are offering these as alternatives when they are profoundly different proposals. It is like me saying I am pro forced sterilization and then offering as an alternative "we could just only allow it when people ask for it". That's a completely different thing! Having autonomy over your online life as a family rather than necessarily as an individual is totally ok. Surrendering that autonomy is not.


> Surrendering that autonomy is not.

Then you can avoid using platforms that do not offer E2EE.


> Would it be a fair argument to say the police have a better opportunity to prevent crimes if they can enter your house without a warrant?

Police can access your home with a warrant.

Police cannot access your E2EE DMs with a warrant.


Not answering my question!

> Police cannot access your E2EE DMs with a warrant.

They can and do, regularly. What they can't do is prevent you from deleting your DMs if you know you're under investigation and likely to be caught. But refusing to give up encryption keys and suspiciously empty chat histories with a valid warrant is very good evidence of a crime in itself.

They also can't prevent you from flushing drugs down the toilet, but somehow people are still convicted for drug-related crimes all the time. So - yes, obviously, the police could prosecute more crimes if we gave up this protection. That's how limitations on police power work.


> What they can't do is prevent you from deleting your DMs if you know you're under investigation and likely to be caught

If you are pretty confident you're under investigation then this might be Obstruction of Justice and that's pretty illegal.


> But refusing to give up encryption keys and suspiciously empty chat histories with a valid warrant is very good evidence of a crime in itself.

Uh, it absolutely isn't? WTF dystopian idea is this?


It certainly can be - destruction of evidence is a crime. If they can prove you destroyed evidence, even if they can't prove that the destroyed evidence incriminates you, that's criminal behaviour. For instance if it's known by some other means you have a conversation history with person X, but not whether that conversation history is incriminating, and then when your phone is searched the conversation history is completely missing, that is strong evidence of a crime.

And they shouldn't be able to. Police accessing DMs is more like "listening to every conversation you ever had in your house (and outside)" than "entering your house".

> Police cannot access your E2EE DMs with a warrant.

Well, they kind of can if they nab your cell phone or other device that has a valid access token.

I think it's kind of analogous to the police getting at one's safe. You might have removed the contents before they got there but that's your prerogative.

I think this results in acceptable tradeoffs.


Yes, that is a fair argument and most countries allow the use of surveillance cameras in public for this reason.

in public is the operative word (and surveillance cameras in public are extremely recent and very controversial, so not as strong an argument as you might be thinking)

> I'm not saying no E2E messaging apps should exist, but maybe it doesn't need to for minors in social media apps. However, an alternative could be allowing the sharing of the encryption key with a parent so that there is the ability for someone to monitor messages.

The problem with that idea is that you are implying E2E should require age verification. Everyone should have access to secure end to end encryption.


> The problem with that idea is that you are implying E2EE should require age verification.

I can understand why you might draw that conclusion, but I would not personally support this.


Are you suggesting all messaged photos should be scanned, and potentially viewed by humans, in case it depicts a nude minor? Because no matter how you do that, that would result in false positives, and either unfair auto-bans and erroneous reports to law enforcement (so no human views the images), or human employees viewing other adults' consensual nudes that were meant to be private. Or it would result in adult employees viewing nudes sent from one minor to another minor, which would also be a major breach of those minors' privacy.

There is a program whereby police can generate hashes based on CSAM images, and then those hashes can be automatically compared against the hashes of uploaded photos on websites, so as to identify known CSAM images without any investigator having to actually view the CSAM and further infringe on the victim's privacy. But that only works vs. already known images, and can be done automatically whenever an image is uploaded, prior to encryption. The encryption doesn't prevent it.

Point being, disallowing encryption sacrifices a lot, while potentially not even being that useful for catching child abusers in practice.

I'm sure some offenders could be caught this way, but it would also cause so many problems itself.


> Are you suggesting all messaged photos should be scanned, and potentially viewed by humans, in case it depicts a nude minor?

No, I was not suggesting that.


SimpleX handles this by sending the decryption keys when the receiver reports the message.

Similarly WhatsApp, it's the reporting user's app which forwards the messages, not the server accessing these on its own (allegedly).

It's clearly possible.


Ugh. The kids aren't even safe from the people making, and enforcing laws. This argument should be long over for anyone with eyes or ears.

Keeping children safe and prosecuting are two different concepts, only vaguely related. So no, being able to track pdfs doesn't make children safer. What keeps them safe is teaching them safe communication habits and keeping them away from things like TikTok.

We shouldn't make the world a worse place for everyone because some parents can't take care of their children.


> Keeping children safe and prosecuting are two different concepts, only vaguely related.

See also: That time the FBI took over a CSAM site and kept it running so they could nab a bunch of users.


Not necessarily saying what they did was right, but I think there's a strong utilitarian argument to be made that what they did in that case was, in fact, the best way to keep children safe.

What's more dangerous? CSAM on the internet? Or actual child predators running loose?


That stuff spreads and re-spreads just like anything else people download off the internet. There's a pretty strong argument for shutting it down right away. IIRC most users were outside jurisdiction.

Even if one more person was prosecuted it was worth it. If you shut down an illegal website a new one will show up a month later, with the same people involved, and you achieved nothing.

What was the rate of child exploitation in the GDR?

Imagine Hamas are your government and want to figure out who's gay. You don't want a MITM in case they can do this.

Pick your definition of safe.


In that case don't use TikTok DMs to discuss your sexuality. I think it is strange that people feel like they have to be able to talk on sensitive topics over every interface they can get their hands on.

Similarly in "traditional" media you may not want to discuss such a private conversation on a radio broadcast. Perhaps you would rather discuss it on the phone or over snail mail as there is more of an expectation of privacy on those media.


Right, but it currently isn't a sensitive topic - homosexuality is, as of 2026, broadly legal in the United States. That's a relatively new state of affairs, historically speaking, and one which Afghanistan shared as recently as 2021.

I'm commenting in the context of the conversation, not in a vacuum. You could just as (in fact, much more) easily say that children shouldn't be on apps with private messaging enabled. That would help a lot more, and then we could keep e2ee.

> there is more of an expectation of privacy on those media

What does the "p" in "pm" stand for?


Excuse me, I confused "Private messages" (pm) for "Direct messages" (dm).

I will update above


I don't think you confused anything, except for the terminology the platform uses. There is an obvious expectation of privacy when sending direct messages!

Hasn't been true ANYTIME IN HISTORY. Hell it was well understood even by children that no conversation you had on the telephone was truly private. That's why cyphers were invented.

What are you talking about? It is illegal to tap people's phone lines or to interfere with mail. Are you saying people don't have a reasonable expectation of privacy even when it's illegal to be spied on?

'Illegal' doesn't really mean anything in this, or any other, day and age when you are talking about the very rich, the very powerful, or the state.

The good thing about e2ee is that it probably makes the list of those with the ability to decrypt things encrypted e2e somewhat smaller. Fact is hacking can get to those keys. (i.e. state actor zero-click exploits your phone they are going to be able to get your private key and the messages in memory)


> 'Illegal' doesn't really mean anything in this

This is a thread arguing about what the law should be.

> Fact is hacking can get to those keys.

Everything made by humans is fallible.


It stands for "not a public timeline post"

It should be obvious from how contrived your wording is that nobody thinks of them this way.

This is fine if you have TLS encryption and the platform is not local.

Sure, they can fabricate some evidence and get access to your messages, in which case, valid point.


This is akin to someone in 1861 saying US cotton plantations, and by extension the entire Southern economy, aren't viable without slavery, so let's allow slavery to run.

Western liberal civilization has theta decay without occasional violent intervention.

Imagine if we didn't go all-out against communism.


The West didn't go all out at all against communism. Europe barely spent anything, and the US spent pennies on the dollar. The communists were bankrupt trying to keep up with the collective West spending loose change on military and intrigue.

By the way, I am not saying we should exploit people, I am just saying majority of people don't care about what they are not seeing face to face or feeling face to face, majority people care about direct impact on their pockets and lifestyle.

People can speak for themselves.

> ... so let's allow slavery to run.

Obviously we look at the world differently, but I was under the impression that slavery wasn't abolished, it just got a different form with slightly more rights.

Late-Capitalism as slave owners, workers as slaves, because their health insurance is tied to their work, they can be punished without notice (at-will employment), the wealth gap is 50-2000x between Lord in feudalism (CEO / rich / ultrarich) and slaves. Lord can rape (Epstein class), avoid taxes, bribe each other; the moment a slave does the same, he goes to jail for 10 years.

Same nature, different form, more modern form


No offense intended, but that is an ignorant take. The law of the land in the U.S. was that one human could literally own another human being (with all the implications of property ownership, including disposing of it and abusing it at your leisure). How such a despicable mindset took hold and was allowed to go on for so long, is beyond modern comprehension.

You mentioned many other injustices but none of those are "slavery but just different with slightly more rights."


You are just describing the shades of grey; even if one looks brighter, that doesn't change the fact that it is still grey. I think your take is too simplistic.

Human nature didn't change, it is still power hungry, small percentage of narcissistic people want to control the masses and exploit, give them a chance (I mean to current capitalists), you will become a slave.

Look at Elon and what he did to X employees: some were sleeping in the office "proudly" and still got laid off anyway. Look at Bezos, who fought against forming unions. So you think those people are different than slave owners? Deep inside they are the same, power and capital hungry, ready to do anything to get more powerful (see any big tech corporate, blood bath of politics at the top to fight for staffing and stack ranking to show "impact").


> So you think those people are different than slave owners?

You said "slavery wasn't abolished." Now you're comparing X and Amazon employees to the experience of American slaves. Those aren't shades of grey, they're not even in the same color space.


It's because the software EM function in tech companies doesn't have parallels to managers in other professions.

The technical decisions are made by the high-level SWEs. The product decision and customer-facing work is done by the PMs. The EM role only exists to hire, evaluate, promote, and fire SWEs. It's very light on the "engineering" and very heavy on the "manager". It's almost an HR-type role.

In my career, all my EMs who weren't recently internally promoted couldn't read the programming language that their team writes in. Some of them have good system design skills but they eventually atrophy from disuse. It's very much a role where you hang up the cleats.

The root cause is that other professions didn't bifurcate technical leadership and people management into separate streams. The partner lawyer or civil EM is the seniormost technical person on the team. Often the software EM is the least technical person on the team.

BTW there are countries (like China) that don't follow this model. Meaning, the only way to get promoted above a mid-level SWE is to become an EM. There is no parallel IC track, i.e. no "senior staff", "principal" or "distinguished" engineers. Just young ICs and older EMs.


That is a great description, thanks.

The question really is why does American tech organise itself this way, a completely different way to other professions?

> The EM role only exists to hire, evaluate, promote, and fire SWEs

I can see why some people would find that unfulfilling. I work in one of those other professions and if I did just the hr bit I would be bored out of my mind! Do SWEs value the input of their EM? Does it really add value, or a bunch of busy work?


> why does American tech organise itself this way, a completely different way to other professions?

The massive shortage of software engineer talent over many decades has created a situation where any work that a SWE doesn't like to do is carved out into its own role so that the SWE's job description stays fun and attractive.

DE, DS, BI, SDET, SRE, QA, FDE, SE and to some extent even PM are all roles that emerged from the boring stuff that SWEs don't like doing.

> Do SWEs value the input of their EM? Does it really add value, or a bunch of busy work?

Depends on the EM. Usually though, no. Usually EMs earn the respect of their reports by doing the people side of things really well, not by having extraordinary technical inputs.


Exactly. 2 is only sufficient for HA against random failures. It's not enough for HA against a determined adversary willing to use targeted force.

In my opinion oatmeal is better as a spicy-savory rather than a sweet dish. You could add black pepper and a bit of salt to it and maybe a hot sauce for even more flavor. Montreal steak spice also works well.

Could take it to the next level with green peas, diced carrots and other things.

In fact once you go savory, you'll never go back. Sweet oatmeal grosses me out.


Look up upma, a semolina-based Indian breakfast dish that can be adapted to oats pretty easily.

Psyllium husk. Zero-calorie fiber.

AI has tremendously improved quality of life (both personal and professional) but I just don't see it translating to increased economic productivity.

That slot is called USB-C. I can fully imagine inference ASICs coming in powerbank form factor that you'd just plug and play.


Like the chip-software in Gibson’s sprawl, from the micro-soft to the ROM cowboy to the Aleph, the endgame of computertool distribution is via single-use chunks of quasi-biological computronium


Michael Bay just read "computronium" and spawned an 8 movie franchise in his head.


This would be a hell of a hot power bank. It uses about as much power as my oven. So probably more like inside a huge cooling device outside the house. Or integrated into the heating system of the house.

(Still compelling!)


*the whole server uses 2.2kw or whatever, not a single board. I think that was for 8 boards or something.


Oh does it? Thanks for the clarification then. Their home page said 2.5kW so I assumed that's what it is.

To be fair, 2.5kW does sound too much for a single 3x3cm chip, it would probably melt.


More powwwwaaa!

Yeah, though I suppose once we get properly 3d silicon I would not be surprised at power rating for that, 3cm^3 would be something to behold.


Not if you need 200w power to run inference.


USB-C can do up to 240W. These days I power all my devices with a USB hub, even my Lipo charger.


Have you seen a device that can supply 240w and act as a data host? Or is the 240w only from dedicated chargers?


I haven't seen one, but I also don't tend to use it for anything other than a power supply, so I wouldn't know. Since the standard supports it, though, it's just a matter of the market needing a device like that.


Pretty sure it'd just be a thumbdrive. Are the Taalas chips particularly large in surface area?


The only product they've announced at the moment [0] is a PCI-e card. It's more like a small power bank than a big thumb drive.

But sure, the next generation could be much smaller. It doesn't require battery cells, (much) heat management, or ruggedization, all of which put hard limits on how much you can miniaturise power banks.

[0] https://taalas.com/the-path-to-ubiquitous-ai/


I wouldn't call that size a small power bank. That chip is in the same ballpark as gaming GPUs, and based on the VRMs in the picture it probably draws about as much power.

But as you said, the next generations are very likely to shrink (especially with them saying they want to do top of the line models in 2 generations), and with architecture improvements it could probably get much smaller.


Top of the line models will need more weights and more transistors, so the shrinking factors will be competing with growing factors, I'd expect them to keep maxing out the ASIC sizes to whatever is economically feasible.

Naturally they'll always have a big expensive SKU, but the existence of a Threadripper doesn't automatically obsolete the Ryzen 3

I’m old enough to remember your typical computer filling warehouse-sized buildings.

Nowadays, your average cellphone has more computing power than those behemoths.

I have a micro SD card with 256GB capacity, and I think they are up to 2TB. On a device the size of a fingernail.


That is all definitely amazing, but data storage is a fundamentally different process with far fewer constraints than continuous computation.


It all uses the same miniaturization techniques, though.


800 mm², about 90mm per side, if imagined as a square. Also, 250 W of power consumption.

The form factor should be anything but thumbdrive.


mmmhhhhh 800mm² ~= (30mm)², which is more like a (biggish) thumb drive.


Thanks!

I haven't had my coffee yet. ;)


Shit happens :D


always after the coffee :)


the radiator wouldn't be though


Yes, bigger than a 5090's GB202 ASIC! :)

> USB-C

With these speeds you can run it over USB2, though maybe power is limiting.


You would likely need external power anyway.


USB-C is just a form factor and has nothing to do with which protocol you run at which speeds.


I wasn't talking about the form factor.


Well even programmable ASICs like Cerebras and Groq give many-multiples speedup over GPUs and the market has hardly reacted at all.


Seems both Nvidia (Groq) and OpenAI (Codex Spark) are now invested in the ASIC route one way or another.


> market has hardly reacted at all

Guess who acqui-hired Groq to push this into GPUs?

The name GPU has been an anachronism for a couple of years now.


The problem with Groq was they only allowed LoRA on Llama 8b and 70b, and you had to have an enterprise contract; it wasn't self-service.


Cerebras gives a many multiple speedup but it's also many multiples more expensive.


Well it's less mental load. It's like Tesla's FSD. Am I a better driver than the FSD? For sure. But is it nice to just sit back and let it drive for a bit even if it's suboptimal and gets me there 10% slower, and maybe slightly pisses off the guy behind me? Yes, nice enough to shell out $99/mo. Code implementation takes a toll on you in the same way that driving does.

I think the method in TFA is overall less stressful for the dev. And you can always fix it up manually in the end; AI coding vs manual coding is not either-or.

