Tag: encryption

Google Messages rolling out end-to-end encryption for group chats

Post author By Mobile Syrup
Post date 20 April 2023

Google’s Messages app is now getting support for encrypted group chats.

The much-anticipated feature appears to be rolling out as part of a Messages update and has been spotted by several people online as well as publications like Android Police. Those seeing the feature are running Messages version ‘20230329_00_RC01.phone_dynamic’ — you can check the encryption status of a group chat by opening the chat, tapping the three-dot icon in the top-right corner, tapping ‘Group details’ and looking for the ‘End-to-end encryption’ section.

End-to-end encryption (E2EE) rollout for group chats is a major milestone for Google Messages and the Rich Communication Services (RCS) platform. E2EE is an important privacy and security feature offered by many of the most popular messaging services, and it prevents messages from being decoded by a third party. RCS lacked E2EE when it launched, but Google added it for one-to-one messages in 2021. That, unfortunately, left group chats vulnerable.

Android Police notes the rollout seems to be fairly widespread, although Google hasn’t made an official announcement yet. Ultimately, it’s great to see E2EE in RCS becoming more widely available. Many people stick with the default options on their phones — if the default messaging option offers better security, that’s a win for everyone.

Source: Android Police

Tags chat, e2ee, encryption, Google Messages, RCS

Mobile Syrup

Twitter working on encrypted DMs with Signal protocol

Post author By Mobile Syrup
Post date 28 November 2022

Last week, Twitter owner Elon Musk talked about plans to add encrypted direct messages (DMs) to Twitter as part of his ‘Twitter 2.0’ vision. Additionally, Musk mentioned the creator of the encrypted chat app Signal might be on board to help. Now, code spotted in the Twitter iOS app includes references to the Signal protocol.

Spotted by Jane Manchun Wong, who has a track record for finding in-development features in social media apps, the code strongly suggests Twitter will use the Signal protocol for encrypted DMs. As an aside, it appears Wong’s Twitter account was removed or deleted after posting these details — it’s not clear why.

End-to-end encryption (E2EE) is a fairly common feature of messaging platforms. For those unfamiliar with it, E2EE means that only participants in a given chat have the encryption key and can view the messages. Currently, Twitter DMs use a weaker form of encryption, which means Twitter holds the keys, and technically anyone at the company with access could read DMs.

Should Twitter adopt E2EE, it will make DMs significantly more secure. Moreover, using the Signal protocol will add some trust to encrypted Twitter DMs, given the protocol is the basis for E2EE in both the Signal app and WhatsApp. Of course, it’s likely still early days for the development of the feature, and it’s not clear how long it’ll take to roll out.

Source: @wongmjane Via: 9to5Mac

Tags direct messages, DMs, e2ee, Elon Musk, encryption, Signal protocol, Twitter

Mobile Syrup

RCMP issues ‘challenge’ to small business to create AI tool for decrypting data

Post author By Mobile Syrup
Post date 4 November 2021

The Royal Canadian Mounted Police (RCMP) issued a press release via Innovation, Science and Economic Development Canada (ISED) announcing that it wants “a solution to access encrypted data for investigation purposes.”

Specifically, the RCMP wants an artificial intelligence (AI) decryption system “that can process the seized data files and generate specific word lists to try and access the encrypted material” because it’s “facing challenges in accessing encrypted data,” which is kind of the point of encrypting it.

Aside from the fact that handing law enforcement a tool to decrypt encrypted data is a terrible idea, the whole press release has a dystopian vibe to it. The release positions the request as a “challenge” for small businesses issued by ISED and led by the RCMP.

ISED gives small businesses until December 16th to “apply to the challenge.” Further, ISED notes that the government invites small businesses to come up with “a new innovative product, service or solution that answers a specific challenge” through the Innovative Solutions Canada program. Moreover, the release says that “winning” small businesses can receive up to $150,000 to refine research and development and, if they’re accepted into phase 2, receive up to $1 million to develop a working prototype.

“The government can then act as a first customer, helping these businesses commercialize their innovations, scale up their business and create good middle-class jobs across Canada,” the release reads.

So, the feds basically want a business to create an AI tool to decrypt encrypted data as part of a “challenge,” will provide funding for the research and development and wants to be the first customer for the tool. Neat.

Of course, there are plenty of other concerns about law enforcement agencies having such a tool. For one, there’s always the possibility of misuse or abuse of the tool, and there will almost certainly be privacy violations. Not that the RCMP really cares — when the Privacy Commissioner said the RCMP violated Canadians’ privacy using the Clearview AI facial recognition tool, the RCMP basically responded with “Actually, we didn’t!”

Perhaps of greater concern is the possibility that malicious actors could gain access to or steal the tool, which would be really bad for everyone.

And when you consider that are several alternate ways for law enforcement to work around encryption, it seems unnecessary to pursue such a dangerous, problematic tool.

Source: ISED

Tags AI, decryption, encryption, ised, rcmp