• jmcs@discuss.tchncs.de
    link
    fedilink
    arrow-up
    24
    ·
    2 months ago

    All US-based apps and all the apps that store their data in US-owned cloud providers at very least.

    • SecureTaco@lemmy.asc6.org
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 months ago

      US based apps that’s are end-to-end encrypted where you control the private keys cannot physically share as they won’t have access. Even if it’s in their cloud.

      • jmcs@discuss.tchncs.de
        link
        fedilink
        arrow-up
        14
        ·
        edit-2
        2 months ago

        If the nice people at the FBI show up to your door with a warrant from a secret court set up by Trump show up to your office telling you either implement a backdoor in your app or everyone goes to jail forever, what do you do?

      • ReversalHatchery@beehaw.org
        link
        fedilink
        English
        arrow-up
        8
        ·
        2 months ago

        until they get forced to issue an update that steals your key.

        assuming you installed the app from google play.
        since for a few years now google holds the signing keys that are used for verifying that the app has not been tampered with, the app developer is not even needed for this. google can make the changes, sign the app with the key they already have, and push an update to your phone.