In the last few years phones and apps have been touting themselves as better than other phones/services because their messaging has end-to-end encryption, or some other variant of secure messaging. Why do we care?
Edit: Thanks for the answers, everyone!
In: 140
Almost all traffic on the modern Internet is encrypted *in some way*. But it matters who has the keys.
As a quick refresher, encryption means that the data is scrambled mathematically, in such a way that only someone who has the key can open it. Ideally, there’s no way to “break in” without either having the key, or trying every possible key until you find the right one.
So with most messaging applications, the data is encrypted when you send it to, say, Facebook. Facebook uses their key to unlock the message, and store it for the recipient. When they log in, Facebook encrypts the message and sends it to the recipient.
With end-to-end encryption, you encrypt the message with a key only the recipient knows, and Facebook holds on to the scrambled, locked message. When they forward it to the recipient, the recipient can then unlock it.
In the case where Facebook has the key to unlock the message, this means that they can read the message. They can use it to target ads to you. Your government can demand that Facebook give them a copy of the message. Facebook can be hacked and the hackers can take the message.
In the case where only the recipient has the key, only the recipient can unlock the message.
Latest Answers