May 8: the day Meta admitted it wants to read your DMs.
Meta is removing Instagram's end-to-end encryption because "very few people were opting in". A closer look at what Meta is actually doing, and why the story isn't about Instagram at all.
Long-form pieces on what's actually happening with encryption, peer-to-peer architecture, and the difference between privacy as a courtesy and privacy as architecture. If you share any of these on Reddit or HN, we'd be grateful.
Meta is removing Instagram's end-to-end encryption because "very few people were opting in". A closer look at what Meta is actually doing, and why the story isn't about Instagram at all.
Half of US states now mandate it, and the price is a government ID or a face scan. How a child-safety measure became adult surveillance.
Governments want lawful access to encrypted messaging. A backdoor for the good guys is a backdoor for everyone. The fight is over who holds the keys.
A backdoor order needs someone to serve it to. Why an operator-less peer-to-peer network has no one to compel, and what that does and doesn't protect.
When even Discord, a company that wants this to work, delays its own age checks after an ID breach, the model is telling you something.
A manifesto, more or less, for why the standard "I have nothing to hide" reply misses the point. Your family birthday plans, your best friend's worst week, your "I love you" before bed. These aren't content to be scanned, ranked, or routed to advertising. They're yours.
Signal's own team says the phone number requirement is their critics' top complaint. It's also the single most durable identifier most people hand over to a messaging company. Why we built OpenDescent without one, and how we solve the spam problem it normally solves.
"Peer-to-peer" is a phrase you'll see on almost every privacy product's marketing page. Most of them use it incorrectly. An explainer with diagrams of what P2P is, what federation is, what "end-to-end encrypted on a central server" is, and where each one fails.
Discord leaked 70,000 government IDs in 2025. Its verification partner Persona exposed another 2,500 files in 2026. This isn't about Discord's implementation. The moment any company is responsible for holding 100 million driver's licenses, that company becomes the most valuable target on the internet. And the breach is eventually inevitable.
No newsletter yet (they collect email addresses, and that feels wrong for us). Subscribe via RSS instead (the open web way) or watch the GitHub repo for notifications when new posts land.