When a third-party app says they offer “end to end encryption,” what does that mean?

When messaging/journaling/etc apps say this, what does it actually mean, and why does it give people reassurance that their private info is safe?

54 Answers

Anonymous 0 Comments

Standard messaging platforms resemble an old-school *telegraph*. End-to-end encryption more closely resembles *physical mail*.

To send a telegraph, you beep out your message. This gets sent to a telegraph station, where a person listening writes down your message, and then beeps it on to the next station down the line, where there’s another person waiting. Eventually, someone writes down the message and hands it over to the recipient.

The important thing to note is that the *telegraph operator reads the message* at every hop. So if your telegraph operator knows your cousin, they’ll gossip. And if the Government thinks you’re up to Crimes, they’ll watch over the shoulder of the telegraph operator to see if anything Looks Like Evidence.

Mail, on the other hand, is sealed in an envelope. And that envelope gets handed to a postman, tossed around by baggage handlers when it’s put on a plane, carried around by another postman, and then delivered *unopened* to the recipient. No one else has seen the content of the envelope until the recipient opens it. It is a crime for anyone else to open this mail, even the Government if they’re not going through proper channels (warranty void where it’s voided).

The encryption is, more-or-less, the envelope that stops non-recipients from reading. The “end-to-end” part is the fact that it stays unopened from the beginning of the journey to the conclusion.

This, of course, relies on trusting the postal system actually does what they say they do. The post office has actual laws that guarantee it works this way, whereas some service that claims end-to-end encryption does not.

Anonymous 0 Comments

What is **not** “end-to-end” encryption is when the email is encrypted during transmission between servers, but is transferred from your email server to you in a form that the server (and its operators) can read.

And that’s actually the usual case, as email headers must be readable by the servers because they have routing information, and some email servers will also scan your emails for spam, attacks, and viruses.

Anonymous 0 Comments

What they’re claiming is that your data gets encrypted on your phone and doesn’t get decrypted until the intended recipient gets it. Encrypted data can’t be read without decrypting it first, so in principle end-to-end encryption ought to keep the app developer from sitting in the middle of your conversation reading your messages.

In reality, though, it’s important to remember that anyone can claim their app uses end-to-end encryption, whether or not it actually does. So you shouldn’t rely on an app to do the right thing.

Anonymous 0 Comments

It means it is encrypted on your device, and only decrypted when it reaches the other device.

Sometimes, apps will encrypt the data once it hits the servers, so that, but it is transmitted to those servers un-encrypted first.

Anonymous 0 Comments

Simply put, End to End encrypts the data on the sender’s device, and it is decrypted on the receiver’s side when it arrives, so it stays encrypted for the whole journey. The only way to decrypt the message is by using the key that only the receiver device has.

Not to be confused with Link Encryption, which works similarly but is able to also encrypt the headers where the routing information is located (IP addresses, MAC addresses, etc). End to End Encryption does not do that; it encrypts the data itself, but not the header.

Anonymous 0 Comments

Typical communication is unencrypted. This means that the data, the contents of the message, could be read by anyone who has access to them at any point in their journey to the recipient. Maybe your internet connection is compromised and someone can see all the data that comes and goes from your connection. Maybe it’s the servers of the service that are compromised or maybe your Internet Service Provider is compromised. Your data passes through all those different networks and servers so it is theoretically possible that someone with access to them could read your messages.

End to end encryption is what it says on the label, it’s encrypted. When two users have a chat with each other, an encryption key is generated that only their devices have. This encryption key is used to encrypt and then decrypt the data on either end. Without it the encrypted data makes no sense to anyone who may have access to them and is next to impossible to decrypt without the encryption key. This means that even if for example someone has access to my messenger account, and he has it open on a computer, he still won’t be able to see my end to end encrypted chat that I have with someone through my phone, since only my phone and their phone have the encryption keys. That’s why it’s called end to end. A channel of communication may still be encrypted but not necessarily end to end.

End to end encryption offers significant security and privacy benefits but it’s not unbeatable. If someone up to no good wants access to your data there are always ways they can get it. The weakest points are obviously the devices themselves. If malicious software that gathers your data is installed without your knowledge on your device it can simply read the decrypted messages and bypass the need to decrypt entirely. If someone has access to the encrypted data they may still be able to decrypt it if the method of encryption is weak or if they have the ability to brute force it with a suitable system. Lastly there’s the question of whether the providers of those services themselves are honest about their encryption. WhatsApp or Messenger may say their messages are end to end encrypted but that doesn’t necessarily mean that’s the case, in which case it poses a huge vulnerability.
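
The difference the answers above describe, between encryption that ends at the server and encryption that ends at the recipient's device, shown as an added example that is not part of any answer on this page. It uses Node's built-in `crypto` module (X25519 key agreement, HKDF, AES-256-GCM); the device names, the `e2ee-demo` label and the sample message are constructed for illustration.

```javascript
// Added sketch: device names and the message are constructed for illustration.
const crypto = require("node:crypto");

// AES-256-GCM; output layout is iv (12 bytes) || tag (16 bytes) || ciphertext.
function seal(key, text) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(text, "utf8"), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]).toString("utf8");
}
// X25519 key agreement: each side combines its own private key with the peer's
// public key (the only part of `theirs` used) and derives the same AES key.
function sessionKey(mine, theirs) {
  const shared = crypto.diffieHellman({ privateKey: mine.privateKey, publicKey: theirs.publicKey });
  return Buffer.from(crypto.hkdfSync("sha256", shared, Buffer.alloc(0), "e2ee-demo", 32));
}
// What the server can read from a blob with a key it holds (null if decryption fails).
function serverView(blob, key) {
  try { return open(key, blob); } catch { return null; }
}

function demo(message = "meet at noon") {
  const [alice, bob, server] = [0, 1, 2].map(() => crypto.generateKeyPairSync("x25519"));
  // Transport-only: Alice encrypts to the server, which decrypts and re-encrypts for Bob.
  const toServer = seal(sessionKey(alice, server), message);
  const transportSeen = serverView(toServer, sessionKey(server, alice));
  const toBob = seal(sessionKey(server, bob), transportSeen);
  const transportDelivered = open(sessionKey(bob, server), toBob);
  // End-to-end: Alice encrypts to Bob; the server only forwards the bytes.
  const relayed = seal(sessionKey(alice, bob), message);
  const e2eSeen = serverView(relayed, sessionKey(server, alice));
  const e2eDelivered = open(sessionKey(bob, alice), relayed);
  return { transportSeen, transportDelivered, e2eSeen, e2eDelivered };
}

console.log(demo());
```

The sketch assumes each device receives the other's genuine public key; that is the step a provider has to be trusted on, and the reason some apps let users compare key fingerprints.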