Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Messenger To Get End-To-End Encryption

Posted by msmash on from the affinity-for-privacy dept.

Reader wiredmikey writes: Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping. The new feature will be known as "secret conversations" which can be read only by the sender and recipient. Facebook shared technical details about its implementation of the security in a technical white paper (PDF). Facebook earlier this year began implementing this end-to-end encryption on its WhatsApp messaging service.ZDNet's Zack Whittaker, however, warns about a catch in Facebook's effort. He writes: But already the company has faced some criticism for not encrypting messages by default, instead making the service opt-in, like Apple's iMessage, or even Facebook's other chat app, WhatsApp, which recently switched on default end-to-end encryption earlier this year. Cryptographer and Johns Hopkins professor Matthew Green, who reviewed an early version of the system, said in a tweet that though you "have to turn on encryption per thread," he added that providing encryption to almost a billion people makes it hard to "put that genie back in the bottle."

8 of 99 comments (clear)

  1. To my knowledge messenger unlike whatsapp by MarkH · · Score: 3, Insightful

    Keeps a copy on fb servers. So this change is cosmetic

  2. This would imply by JustAnotherOldGuy · · Score: 3, Funny

    This would imply that there is information of value being exchanged on Facebook; a proposition I find difficult to believe.

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:This would imply by Opportunist · · Score: 3, Insightful

      If only important messages were encrypted, every bad person would instantly know which ones he should decrypt.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:This would imply by gsslay · · Score: 4, Insightful

      You are absolutely right. What you put on Facebook is of no value whatsoever. You have nothing to regret giving it to us. We just like collecting meaningless chatter and none of our client advertisers have the slightest interest in it. Nothing to worry your little heads over, nothing to see here.

      - Mark Zuckerberg

  3. Re:Translation: by cryptizard · · Score: 3, Informative

    End-to-end specifically means that Facebook can't read it, if it is implemented as they say. The ends in question are both users.

  4. Re:Why use we keep secrets? by The-Ixian · · Score: 3, Insightful

    Do you close the door to the bathroom stall when you take a dump?

    Do you have passwords on any of your accounts?

    Do you make your SS or CC numbers known to the world?

    Privacy is a protection.

    --
    My eyes reflect the stars and a smile lights up my face.
  5. Re:Breaks reading messages on phone and desktop by cryptizard · · Score: 3, Informative

    That's true, but you do need some "anchor" device for this to work or else there is nothing to bind together the many browser you may have across many devices. Without of course just giving Facebook the key like you said. In practice, most people have the phone's on and connected to cellular internet most of the time. I have used WhatsApp a lot and it really isn't an issue.

  6. Re:Translation: by Fnord666 · · Score: 3, Informative

    No they haven't, read the description of their implementation.

    No thanks, I would rather read their actual implementation (ie open source). The only way you can even begin to trust such a communications system is if it is open source and you can build the client from the provided source. Insert oblig reference to Ken Thompson's "Reflections on Trusting Trust" here. At any rate, the description of the implementation is not the implementation itself.

    --
    'The tyrant will always find pretext for his tyranny.' - Aesop's Fables