Pinterest Stumbleupon Whatsapp
Ads by Google

WhatsApp, one of the most popular alternatives to text-messaging in the world, recently announced that they would be enabling end-to-end encryption in their service (this follows their previous announcement that they’d be partnering with Open Whisper Systems WhatsApp Encryption: It's Now the Most Secure Instant Messenger (Or is it?) WhatsApp Encryption: It's Now the Most Secure Instant Messenger (Or is it?) Since being acquired by Facebook, WhatsApp has been forced to clean up its approach to security and privacy, which resulted in the news last year that it has introduced new encryption measures. Read More to improve the security of the app).

The timing of this announcement is especially notable, as the battle between Apple and the FBI Apple Refuses to Help the FBI, Popcorn Time Returns... [Tech News Digest] Apple Refuses to Help the FBI, Popcorn Time Returns... [Tech News Digest] Apple stands up for personal privacy, the original Popcorn Time gets resurrected, Kanye West learns the price of piracy, Sega gives games away on Steam, and play Pong on your Apple Watch. Read More over passwords and encryption is still ongoing. But what does this mean for you? Here’s what you need to know about WhatsApp encryption.

What, Exactly, Is End-to-End Encryption?

To make sure you understand why this is a big deal, I’ll quickly go through the basics of the technology behind the change. First, let’s take a look at text messaging, a totally unencrypted service. You type out the message on your phone and hit send. That message, character-for-character, is sent to your cell phone provider, where it’s stored on a server. It’s then sent from that server to the recipient’s phone. At every point in the transmission, it’s plain text, which means anyone could read it.

iphone-texting

Obviously this isn’t secure. So some apps offer a bit more security. Facebook’s messaging app, for example, encrypts your messages through part of their journey (read up on the basics of encryption How Does Encryption Work, and Is It Really Safe? How Does Encryption Work, and Is It Really Safe? Read More if you need a primer). You type it on your phone, and hit send; the message is encrypted, so no one can read it, and then it gets to Facebook. It’s decrypted, and stored on their server.

It’s then re-encrypted and sent to your recipient, where it’s decrypted again. Even with this partial-path encryption, your messages are stored in plain text on Facebook’s server, and they have the keys to the encryption used. They can see your messages, and if they’re compelled to hand them over to the government or they get hacked, someone else will have those keys, too (unless you’re using an Off-The-Record chat client How To Go Off-The-Record With Your Facebook Chats How To Go Off-The-Record With Your Facebook Chats Facebook chats are a great way to communicate with a major drawback: Facebook keeps a record of everything. Unless you delete chats manually, they will remain on Facebook for years to come. Read More ).

Ads by Google

Now we get to end-to-end encryption, like the kind used by WhatsApp. In this method of securing your communications, the key to the encryption is known only by the sender and the recipient, and your message isn’t decrypted when it’s stored on the company server. It sits there, fully encrypted, and totally inaccessible to WhatsApp (or whoever else might get access to that server).

lock-encrypted-data

Obviously, this is the most secure way to send messages. Not even the company that provides the service can snoop on your messages. Which means if the government gets a secret warrant for their servers, they can’t either. If they get a hold of your phone, it might be another story, but that seems quite a bit less likely.

Why Is WhatsApp’s Timing So Important?

WhatsApp announced that they’d be rolling out end-to-end encryption on 5 April, 2016, just under two months after a federal judge ordered Apple to help the FBI get into the iPhone belonging to Syed Farook, one of the people responsible for the previous December’s terrorist attack on San Bernadino, California.

Apple and the FBI went back and forth over the privacy and security implications FBI Backdoors Won't Help Anybody - Not Even the FBI FBI Backdoors Won't Help Anybody - Not Even the FBI The FBI wants to force technology companies to enable security services to snoop on instant messaging. But such security backdoors don't actually exist, and if they did, would you trust your government with them? Read More of allowing authorities access to a locked iPhone, and the battle still continues, with a number of related court cases being heard. To put it succinctly, there hasn’t really been any resolution. The FBI hired someone else to get into the iPhone, Apple is still holding strong, and big names around the world have started to take sides.

apple-customer-letter

The fact that WhatsApp announced the encryption of their service during this monumental battle is a really big deal. This situation is clearly going to set a precedent for relations between law enforcement and the tech sector in the future, and WhatsApp — and, therefore, Facebook — is coming down on Apple’s side in a big way.

As one of the largest messaging services in the world, WhatsApp is painting a pretty big target on its back for the US government. At the same time, it’s gained a lot of points with privacy advocates and earned more trust as a secure messaging app from its users and potential users.

Will There Be Consequences?

Some countries, generally the more repressive ones, have already banned the use of encryption, and the status of encrypted messaging apps in others is under question. Both France and the UK have made worrying remarks Why Snapchat & iMessage Could Really Be Banned In The UK Why Snapchat & iMessage Could Really Be Banned In The UK Speaking to a room full of party activists in Nottingham, Prime Minister David Cameron declared that encryption for messaging would be banned should his party gain a majority at the next General Election. Read More about their intentions to potentially outlaw encrypted services.

But because this functionality was rolled out so recently, we don’t really know if any countries out there will try to ban the app or take legal action against WhatsApp. It seems fairly likely that the US will, at some point, try to compel WhatsApp to create a backdoor encryption key that will let it spy on encrypted communications through the app (it’s also possible that they’ve already made this demand).

We can’t know how WhatsApp would respond to this sort of demand, but Mark Zuckerberg’s statements supporting Apple certainly imply that he would want to take a stand against similar action taken by the government.

Changes for WhatsApp Users

So WhatsApp is taking a stand, but what does that mean for you? For the most part, absolutely nothing. All of the encryption takes place behind the scenes, and your messages will be sent in exactly the same way they used to.

Now, though, when you tap on the name of the person that you’re sending messages to, you can tap Encryption to get a QR code and a long number that you can compare to the code or number on your recipient’s phone to make sure that your messages are encrypted. It’s probably not something you’re going to do on a regular basis, but it’s nice to know that you could check.

whatsapp-encryption-info

Beyond that, your WhatsApp experience will be exactly the same as it was before!

Shots Fired?

Could this be opening salvo in another battle between the US authorities and an American company? It’s a little early to say, but it certainly looks like that could be the case. How the FBI, NSA, and WhatsApp proceed from here will certainly be interesting, and when something big happens, we’ll be sure to let you know!

What do you think about WhatsApp’s deployment of end-to-end encryption? Are you less worried about Facebook spying on your chats? Do you think it will become a target of the US authorities, or that it might be banned elsewhere in the world? Share your thoughts below!

Image credits: SFIO CRACHO via Shutterstock.com, kentoh via Shutterstock.com.

  1. O'cherry
    June 8, 2016 at 1:33 pm

    But if I understood Prof Mo correctly, I think he meant WhatsApp (the company ) can still view your messages once decrypted by the recipient. And to be sure, I'd like to know if that really is the case or are all third parties declined access to messages sent eye encrypted.

    • Dann Albright
      June 13, 2016 at 7:46 pm

      Yeah, I'm not totally sure. If the company can see the messages on your device, that means they would have to be send, unencrypted, back to the company at some point. Which would mean that their claim of end-to-end encryption wouldn't really be true. Right? I have to imagine that's not the case; it seems like it's too big of a risk if you're trying to bank on the privacy thing.

  2. Prof Mo
    April 30, 2016 at 12:21 am

    End-to-End encryption isn't as safe as it sounds. The message gets decrypted within What's App. This means after it arrives at its destination, What's App can still read the data. You can only be certain What's App didn't see your data if decrypt it outside of the Whats App client.

    • Dann Albright
      May 3, 2016 at 1:35 pm

      It depends on who you're trying to keep your data away from. If you're worried about government surveillance, then e2ee is really good. It's not going to be quite as effective against corporate surveillance from the provider of the app, but I would think that rigging up a system to decrypt it outside of the app would be a pretty big hassle. As far as I know, there isn't any solid indication that WhatsApp is monitoring the decrypted messages, but it's a possibility, I suppose.

    • Rich
      May 16, 2016 at 1:30 pm

      This is an interesting topic. The article above stated that the message only gets decrypted by the recipient, not even WhatsApp can see it. At what point is the message decrypted for WhatsApp to see it? When can WhatsApp read the data?

      • Dann Albright
        May 16, 2016 at 8:51 pm

        I think I understand your question; when I said that WhatsApp can't see it, I meant the company, not the app. The app on your phone (or your recipient's phone) does the decrypting so the message can be displayed in the app. It decrypts the message when it's received from the sender.

Leave a Reply

Your email address will not be published. Required fields are marked *