Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Note that the mud puddle test was originally described on Matt's very blog: https://blog.cryptographyengineering.com/2012/04/05/icloud-w... :)


And it only works because a corporation likely would want to offer this to its users as a convenient feature. If they were actively trying to hide this, they can rig the test and keep access to themselves.


It is true that passing the mud puddle test does not guarantee robust end-to-end encryption (there can still be backdoors reserved for company/law enforcement). But failing it definitely guarantees that there is no robust end-to-end encryption.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: