Have you wondered how your private messages are sent on the internet?
Encryption is how messages are secured using a key and math.
Keys
In most cases, a key is a giant number.
- A number big enough,
This key is only known to you and the other party.
Encrypting
Next, your messages are sealed with that key
By using a math equation that is easy to do in one direction, but nearly impossible to do in reverse.
HTTP
Sometimes, there's no key used.
In that case, messages could be read by others.
- If you ever notice a website has http:// at the top (instead of https://), it's possible others could see that message while it's being sent.
Robots
Most websites and apps: banks, messaging apps, Netflix, are encrypting your communication.
On the other side, a robot (the website or server) unlocks your message and deals with it accordingly.
- e.g. on YouTube, the robot reads your search query and sends you back some videos
Peeking
When sending a private message, The robot forwards your message along to the recipient. But the robot could take a peek at your message.
Some robots will pass the message along, not opening it. Some robots might scan the message to make sure it's not spam.
But, an opened message could also be stored insecurely without encryption, Or read & copied by spying parties.
End-to-end
Another method is called end-to-end encryption.
With this, only you and the final message recipient have the key, To the robots eyes, it's passing along random numbers between two people.
Apps
Many messaging apps are not end-to-end encrypted by default, and instead could be reading your messages for ads targeting, enforcement of rules/laws, or otherwise.
Here's what I could find among the top messaging apps where an app has different messaging modes with different encryption, I've specified.
Top messaging apps (2019) encryption:
+ end-to-end encrypted:- iMessage
- Signal
- Line
- Viber
- ProtonMail
- Telegram Secret Chats
- Facebook Messenger Secret Chats
- KakaoTalk Secret Chats
- Snapchat Snaps
= client-server encrypted:
- Most email (gmail, yahoo, outlook, etc.)
- Google Hangouts
- Skype
- Facebook Messenger
- Google Hangouts
- Discord
- Telegram
- KakaoTalk
- Snapchat Chats
- SMS Text Messages
With the exception of SMS text messages, all popular messaging apps uses some form of encryption.
Client-server encryption is when a message may be opened by the server While end-to-end encryption, if done properly, ensures that can't be done.
Why
Modern technology gives us a perfect tool to whisper to someone else so why doesn't every app use end-to-end encryption?
There are a handful of convenient features which may require some knowledge of your messages:
- Cloud backups - so you can read your messages if you lose your device, or from other devices.
- Search - searching 100,000+ messages may be too difficult to do on your device, and might require the server's help.
- Suggestions - e.g. auto-complete, tagging people by name, setting reminders, scheduling events, etc.
- Spam prevention - without being able to read the contents of messages, it's difficult for a server to detect spam, phishing, or other abuses of the service
Depending on the app, trading perfect secrecy for these features may be worth the trade off.
However, messaging is a relatively simple concept, and differences in features are minor between apps.
Take a moment to think about your choice.
⌃ back to top
← home