Comment on My Honest Opinion
JustEnoughDucks@feddit.nl 3 days agoAnd being adobe, they will put a nice little backdoor in it for them to change the credentials so that they can take artists’ work and use it, train their AI with it, and sell it like they have been doing for years.
fmstrat@lemmy.nowsci.com 2 days ago
You can’t change the credentials if the user owns the private key. But nothing stops AI training, that’s part of the terms of service of some of their products, which operate outside the realm of this more open initiative.
JustEnoughDucks@feddit.nl 2 days ago
Spoken like a real Adobe rep lol.
It’s called a backdoor for a reason. Also since adobe software nowadays has almost full access to your machine, what is to stop adobe from simply uploading and storing your private key on their servers and using it when they like? They run their DRM client with a ton of rights to your computer on boot.
WhatsApp can do exactly the same thing and read every message you write and still claim it is “end to end encrypted” for example because key creation is through a process in their proprietary software.
fmstrat@lemmy.nowsci.com 1 day ago
Not sure why you’d say that, its just a factual statement. Also, I don’t even use Adobe products, and transitioned to GIMP and Shotcut many, many years ago. I work in privacy and data security, so I just happen to be involved with this initiative from the sidelines.
As for your conmetary, you could say the same thing about Signal. But you wouldn’t, because you like them. Just because you don’t like a company doesn’t mean they are being nefarious.
Would I rather a privacy-focused company be doing this? Yes.
Am I pleased with what I see from Adobe (a weekly working group full of identity and open source community members)? Yes.
Does Adobe have a good chance of making this mainstream because of their ecosystem? Also yes.
When you see something better, let me know and I’ll participate there too, vs complaining about those trying.
JustEnoughDucks@feddit.nl 1 day ago
community.signalusers.org/t/…/13243
Here is an entire list of years and years of independent audits
github.com/signalapp
Here, go look yourself to verify that the frontend isn’t sending your encryption key back to the server.
www.adobe.com/trust/security.html
Please tell me where I can find the source code of Adobe’s creative cloud and their audits to verify that they aren’t sending my private keys back.
You are comparing an audited, open source program with closed down proprietary system that says “trust me bro, we work with ‘security partners’, no we won’t release the audits”.
Interesting comparison. It’s like comparing a local farming co-op to the agro-industrial complex of Monsanto/beyer and saying “you could say the same about either! Monsanto is at least innovating in the seed space, no no no, ignore how they use it!!”