December 7, 2022

What should we do about encrypted messaging apps?


When WhatsApp, Instagram, and Facebook – along with Messenger – all broke down in October, it became evident just how entrenched messaging apps have become in people’s everyday lives.

Many immediately took to Twitter (where else?) To express their frustration at not being able to contact friends and family as usual. Others have cited how essential these channels are for those in countries where freedom of expression is compromised or where communication infrastructure is lacking.

At the end of last year, in a profit call, Facebook founder Mark Zuckerberg revealed how WhatsApp now delivers more than 100 billion messages a day across the world, clearly demonstrating how the platforms Free forms of messaging have left texting and the simple phone call hanging in their wake.

However, this most recent outage has also been used by others to highlight the belief that some messaging routes might be more private and secure than others. Privacy Advocate Edward Snowden, for example, suggested on Twitter that it was a “reminder that you and your friends should probably use a more private, non-profit alternative.”

Snowdon cited Signal as an example. Describing the eponymous app on its website, Signal says, “We can’t read your messages or listen to your calls, and neither can anyone else. Privacy is not an optional mode, it’s just the way Signal works. Competitor Telegram is growing in popularity for similar reasons.

Andrew Whaley, senior technical director at Norwegian application security company Promon, suggests that the growth over time in the use of encrypted messaging apps has been determined by the richer functionality and privacy they offer consumers. and to the company’s teams.

Apps like WhatsApp, Signal, and Telegram all offer end-to-end encryption, which for many people who want privacy is a big bonus, ”he says. “In some cases it could be advertiser confidentiality, while in others it could be state confidentiality. In any case, a simple text or email is usually the least secure option.

From regulation to whistleblowing

The shift to using end-to-end encrypted messaging applications has sparked a wide range of controversies and highlighted a range of benefits.

In some quarters, they are seen as having a negative impact on society, with governments around the world regularly raising the idea of ​​regulation. More often than not, states say there is a dangerous lack of oversight over the private conversations that take place; the security services have long expressed concerns about those who may promote hate speech or plan terrorist attacks through these channels.

Such apps have also recently made headlines amid allegations they were used to disseminate COVID-19 vaccine content or, in the case of the German election, conspiracy theories.

Contrary to the argument, the strict confidentiality of these apps has been touted as a way for whistleblowers and journalists to communicate securely, ensuring that important stories and scandals are uncovered. In countries where democracy is hampered, they also provide a channel for private and unsupervised discussions.

Others believe that encryption is also a must-have tool to prevent businesses from mining data from unencrypted messaging platforms, which is often then used or sold to influence advertising.

Associated resource

Build mobile and web apps faster

Three proven tips to speed up modern app development

Free download

Robin Wilton, director of Internet trust at the global nonprofit Internet Society, says: Aware of end-to-end encryption and its benefits.

“In addition, these applications are often free and are as easy to use as texting, while providing enhanced privacy. Therefore, not only do users feel more secure, but they also don’t have to deal with the inconvenience of having to configure encryption in their apps.

Building the future of encrypted messaging

However, not everyone feels so positive about these kinds of services. For Andersen Cheng, CEO of Post-Quantum, a British crypto firm, the risks associated with such heavily encrypted applications actually led him to shut down a previous creation in 2014, described as “the first and only quantum instant.” “To the world’s messaging system”.

He explains, “In the age of privacy, this was a much needed victory at a time when the misuse and monetization of user data was widely recognized as out of control. However, the reality turned out to be much more complex when our app subsequently appeared on a list of technical tools recommended by the Islamic State.

“We were also getting healthy daily downloads, but the final decision to turn it off was relatively easy – we wouldn’t put profit before human lives. “

Cheng adds, “I firmly believe that these privacy-preserving apps have a future, but common ground must be found between the two sides of the debate. On the one hand, we have privacy advocates arguing for total and unchallengeable privacy for users. However, this makes it extremely difficult for law enforcement and tech companies to monitor communications, detect child grooming, and intercept child abuse footage. It also makes it easier for terrorist organizations to operate undetected. “

On the flip side, Cheng argues that government-sanctioned “backdoors” in encryption are not the answer either, warning, “A backdoor for one is a backdoor for all, and no matter what. who can cross it, whether it is the intended government agency, a hacker. , or a malevolent nation.

His suggestion is to have a preconceived ‘side door’, adding: “This allows you to divide control and responsibility, and one that you can only access if multiple parties like governments, private companies, corporate groups, etc. protection of privacy and preferably the courts each provide their section of the key.

Amandine Le Pape, co-founder of the secure messaging app Element, which claims to have the trust of the French, US and UK governments, is also against backdoors. Its goal was to create an open standard for communication that brought benefits to both parties, leading to Matrix – an open standard for decentralized and end-to-end encrypted communication. Element is a Matrix-based application, one of hundreds that exist now, with 38 million users on the network.

The Pope says end-to-end encryption is “absolutely vital” to securing the modern digital world. “We need end-to-end encryption to protect the 99.9% of the population who are fully law-abiding from bad actors,” she adds.

However, on the technology provider side, she believes there is a need for responsible stewardship and explains that by building a “first class infrastructure… users (and room / community moderators and server administrators) decide who to trust. , and what content to allow ”.

She thinks the future is “incredibly bright” but warns, “The backdoors are an absolute disaster. Remember, the “bad guys” have free and easy access to create their own end-to-end encrypted systems. They won’t be using an encrypted system with a backdoor wide open. It only impacts the “right people”.

Featured Resources

Why Faster Refresh Cycles and Modern Infrastructure Management Are Critical to Business Success

The connection between modern server infrastructure and business agility

Free download

Four traits of leaders in connected businesses

Create more meaningful work experiences for employees

Download now

Modernize the data stack to transform the data experience

Next-generation business intelligence and analytics

Free download

The three main computer problems of the new reality and how to solve them

Increase resilience with unified operations and service management

Free download