Facebook Experiments With End To End Encryption In Messenger

from the good-to-see dept

This has been rumored before, and perhaps isn't a huge surprise due to WhatsApp's use of end to end encryption, but Facebook has launched a trial of end to end encryption in Facebook Messenger, under a program it's calling "Secret Conversations" (which also allows for expiring conversations).
It’s encrypted messages, end-to-end, so that in theory no one—not a snoop on your local network, not an FBI agent with a warrant, not even Facebook itself—can intercept them. For now, the feature will be available only to a small percentage of users for testing; everyone with Facebook Messenger gets it later this summer or in early fall.
What's good to see is that Facebook is directly admitting that offering end to end encryption is a necessary feature if you're in the messaging business today.
“It’s table stakes in the industry now for messaging apps to offer this to people,” says Messenger product manager Tony Leach. “We wanted to make sure we’re doing what we can to make messaging private and secure.”
This is a good sign. For years, tech companies more or less pooh-poohed requests for encryption, basically suggesting it was only tinfoil hat wearing paranoids who really wanted such things. But now they're definitely coming around (something you can almost certainly thank Ed Snowden for inspiring). And, not surprisingly, Facebook is using the Signal protocol, which is quickly becoming the de facto standard for end to end encrypted messaging. It's open source, well-known and well-tested, which doesn't mean it's perfect (nothing is!), but it's at least not going to have massively obvious encryption errors that pop up when people try to roll out their own.

Some security folks have been complaining, though, that Facebook decided to make this "opt-in" rather than default. This same complaint cropped up recently when Google announced that end to end encryption would be an "option" on its new Allo messaging app. Some security folks argue -- perhaps reasonably -- that being optional rather than default almost certainly means that it won't get enough usage, and some users may be fooled into thinking messages are encrypted when they are not.

Facebook's Chief Security Officer, Alex Stamos (who knows his shit on these things), took to Twitter (not Facebook?) to explain why it's optional, and makes a fairly compelling set of arguments (which also suggest that there's a chance that end to end encryption will eventually move towards default). A big part of it is that the way end to end encryption works (mainly the need to store your key on your local device) makes it quite difficult to deploy on a system, like Facebook Messenger, that people use from a variety of interfaces. Moxie Marlinspike, the driving force behind Signal, has already pointed out that the Signal protocol does support multi-device, so hopefully Facebook will figure it out eventually. But in the short term, it would definitely change the way people use Messenger, and it's at least somewhat understandable that Facebook would be moderately cautious in deploying a change like this that would end up removing some features, and potentially confusing/upsetting many users of the service. Over time, hopefully, end to end encryption can be simplified and rolled out further.

As some cryptographers have noted, this is a good start for a company with hundreds of millions of users on an existing platform in moving them towards encryption. A ground-up solution probably should have end to end enabled by default, but for a massive platform making the shift, this is a good start and a good move to protect our privacy and security.

Anyway, anyone have the countdown clock running on how long until someone from the FBI or Congress whines about Facebook doing this?

Filed Under: encryption, end to end encryption, messenger, signal protocol
Companies: facebook


Reader Comments



  1. Anonymous Coward, 8 Jul 2016 @ 4:11pm

    Facebook still gets metadata. Would not touch with 10000' pole, and neither should anyone else who actually cares about their privacy.

  2. Anonymous Coward, 8 Jul 2016 @ 4:13pm

    If anything, this is just going to give Facebook the data they need (which will likely be shared with all interested government agencies) to figure out who to watch more closely by profiling the types and groups of people who use the 'secret' functionality most often.

  3. do you trust facebook, 8 Jul 2016 @ 7:47pm

    Do you actually trust facebook to not give up keys to a government entity?

  4. John Fenderson, 8 Jul 2016 @ 8:29pm

    Re:

    If it's truly end-to-end then Facebook has no keys to give up.

  5. Anonymous Coward, 9 Jul 2016 @ 12:28am

    Under Supervision

    The article forgot to mention that the end to end encryption is under the supervision of the FBI.

  6. Anonymous Coward, 9 Jul 2016 @ 1:04am

    Re: Re:

    There is the small matter of key exchange, which applies to any public key system: how do you validate that the keys you are using belong to the people you are communicating with, rather than a man in the middle who is relaying your messages? Similarly, if some server outside your control is storing the keys you use, how do you know that you are always getting the key of the person you are communicating with?
    It does not matter how secure the encryption is if you cannot confirm by some reliable means whose keys you are actually using. As ever, convenience is the enemy of security.

  7. John Fenderson, 9 Jul 2016 @ 8:21am

    Re: Re: Re:

    "how do you validate that the keys you are using belong to the people you are communicating with, rather than a man in the middle who is relaying your messages."

    PKE has mechanisms to handle that.

    "Similarly, if some server outside your control is storing the keys you use, how do you know that you are always getting the key of the person you are communicating with."

    In a true end-to-end crypto system, no server outside your control is storing your private key.

  8. Guido, 9 Jul 2016 @ 1:10pm

    Key exchange is the hard part

    "There is the small matter of key exchange, which applies to any public key system, how do you validate that the keys you are using belong to the people you are communicating with"

    Indeed, this is the hardest part in creating usable cryptography. And there are always trade-offs.

    On one side there are pre-exchanged keys. It's secure and private but doesn't scale.

    Then came the CAs. They attest which key belongs to whom. This is reasonably secure but leaks metadata and lacks deniability. And there is the issue of: who does this identity belong to?

    Now we have Facebook, Apple, Google et al tying keys to phone numbers. Again, leaks metadata and lacks deniability.
    Now the question is: can they replace one key for another without detection?

    And there is my eccentric authentication, a different way to exchange public keys and identities online. Check out eccentric-authentication.org.

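The question raised in comments 6 and 8 (can a key server hand out a different key without anyone noticing?) can be made concrete with two client-side checks: an out-of-band code comparison and trust-on-first-use pinning. This is an added illustration, not code from the article, the commenters, or Facebook, and it is not the Signal protocol's actual fingerprint format; `KeyDirectory`, `PinStore` and `comparison_code` are hypothetical names, and the keys are random bytes standing in for public keys.

```python
import hashlib
import os

def comparison_code(own_key, peer_key_as_served):
    """Digest over both public keys, sorted so both ends hash the same input."""
    material = b"".join(sorted([own_key, peer_key_as_served]))
    digest = hashlib.sha256(material).hexdigest()[:24]
    return " ".join(digest[i:i + 4] for i in range(0, 24, 4))

class KeyDirectory:
    """Hypothetical key server: maps a user name to a public key."""
    def __init__(self):
        self.keys = {}
    def publish(self, user, public_key):
        self.keys[user] = public_key
    def lookup(self, user):
        return self.keys[user]

class PinStore:
    """Trust on first use: remember the first key served for each contact."""
    def __init__(self):
        self.pins = {}
    def check(self, contact, served_key):
        pinned = self.pins.setdefault(contact, served_key)
        return "ok" if pinned == served_key else "KEY CHANGED"

def codes_match(directory, alice_key, bob_key):
    """Compare the code Alice would read out with the one Bob would read out."""
    alice_view = comparison_code(alice_key, directory.lookup("bob"))
    bob_view = comparison_code(bob_key, directory.lookup("alice"))
    return alice_view == bob_view

# Constructed stand-ins for public keys (random bytes, not real key pairs).
ALICE, BOB, OTHER = os.urandom(32), os.urandom(32), os.urandom(32)

def demo():
    directory, pins = KeyDirectory(), PinStore()
    directory.publish("alice", ALICE)
    directory.publish("bob", BOB)
    honest = (codes_match(directory, ALICE, BOB),
              pins.check("bob", directory.lookup("bob")))
    # Model the directory now serving a key that Bob never generated.
    directory.publish("bob", OTHER)
    swapped = (codes_match(directory, ALICE, BOB),
               pins.check("bob", directory.lookup("bob")))
    return honest, swapped

if __name__ == "__main__":
    print(demo())
```

Pinning only flags a key that changes after first contact; a key that is wrong on the very first lookup is caught only when the two users compare codes over a channel the server does not control.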

  9. Philly Bob, 14 Jul 2016 @ 8:29am

    Countdown clock starting in 3 - 2- 1 - NOW.....
