I recommend watching Chris Dumas' videos from defcon, he demonstrates that hardware backdoors do exist and that it is possible to find them, although it is a lot of work.
On the other hand I think the groups that have access to the hardware backdoors are very small and distinct from that of the typical OS backdoor.
Hardware backdoors are extremely expensive as compared to software backdoors. The only instance I know of a major hardware backdoor is the Intel Management Engine
Though AMD is supposed to have one as well.
Idk about phones though. Would like to learn more.
in end to end encryption both sides exchange public keys to encrypt message for the other. Their private keys are used to decrypt them...
If you don't have 100% control of the infrastructure you don't know if the app is ONLY SENDING THE PUBLIC KEY, its trivial to send BOTH public and private and strip off the private key on the server... then they can read everything.
The only real encryption is not to say it over or around electronics.
Checkout SimpleX when you have a chance, it's new within last couple years. Coded in Haskell Functional Programming Language. Gives no identifiers. Code is open source as well. It hasn't gotten any press yet from what I've seen.
Its readable at the end points, if you use the official apps or programs you are visible.
If your device is compromised encryption is irrelevant they have access to the keys or could read the data after it is decrypted.
Use a custom OS like Grapheme OS.
If your device is compromised, ROM is irrelevant.
The hardware isn't compromised, the software is.
Android and Apples iOS are shitstain spyware.
I recommend watching Chris Dumas' videos from defcon, he demonstrates that hardware backdoors do exist and that it is possible to find them, although it is a lot of work.
On the other hand I think the groups that have access to the hardware backdoors are very small and distinct from that of the typical OS backdoor.
Hardware backdoors are extremely expensive as compared to software backdoors. The only instance I know of a major hardware backdoor is the Intel Management Engine
Though AMD is supposed to have one as well.
Idk about phones though. Would like to learn more.
Is it this video?
https://www.youtube.com/watch?v=jmTwlEh8L7g
All modern hardware is completely compromised at the chip level - the OS/Software isn't even aware and are irrelevant.
in end to end encryption both sides exchange public keys to encrypt message for the other. Their private keys are used to decrypt them...
If you don't have 100% control of the infrastructure you don't know if the app is ONLY SENDING THE PUBLIC KEY, its trivial to send BOTH public and private and strip off the private key on the server... then they can read everything.
The only real encryption is not to say it over or around electronics.
One time pad, it’s the only unbreakable cipher IF the rules are followed.
Session or SimpleX is the way to go. No identifiers with SimpleX.
Signal phone number is still an identifier and when you texted someone can be read by a 3rd party but the text inside is still encrypted.
Upvote for Session.
Checkout SimpleX when you have a chance, it's new within last couple years. Coded in Haskell Functional Programming Language. Gives no identifiers. Code is open source as well. It hasn't gotten any press yet from what I've seen.
Thank you.