Facebook Completes Rollout of Messenger App End-to-End Encryption

[MacRumors]

Facebook has announced that the rollout of cryptographic features for its massively popular Messenger chat service has completed, bringing end-to-end encryption to the largest messaging network in existence.

Back in July, the social network company said it was testing the privacy feature on a limited basis which would eventually be rolled out to all 900 million users of the app. On Tuesday, Facebook told Wired that rollout had finished.

Messenger now implements the same highly regarded cryptographic Signal Protocol that the company's WhatsApp platform uses to encrypt messages, but the Messenger app needs to be updated and the feature turned on for it to work.

A new "Secret Conversations" option can now be found at the top-right of the app's New Message screen, provided that users have enabled the option from the Me profile settings screen.

The encryption protocol covers one-to-one text chats and stickers used within threads, but does not currently support the use of videos and GIFs.

Messenger users who update the app will also get to use a new Snapchat-style option that erases messages after a specified duration.

Messenger is free on the App Store [Direct Link] for iPhone, iPad, and Apple Watch.

Article Link: Facebook Completes Rollout of Messenger App End-to-End Encryption

 

[xDKP]

Pretty great to see Apple isn't alone in the fight for privacy and secure communication

 

[fitshaced]

'Secret conversations'. Bloody hell. What a drama queen. Why not just encrypt all conversations instead of making it look like a adolescent girls diary?

 

[dannys1]

Most of my friends haven't even bothered to install the Messenger app, let alone update to the latest version, go to the "me" page and enable "secret conversations" ffs.

 

[miknos]

What's the point if they're not encrypted by default? And if Apple keeps data for 30 days, imagine Facebook.

Do they still keep your microphone listening in the background "to keep the app working"? Oh, it's the Facebook app only.

 

[Telos101]

'Secret conversations'. Bloody hell. What a drama queen. Why not just encrypt all conversations instead of making it look like a adolescent girls diary?

From Wired:

That decision may be in part a compromise designed to help Facebook avoid legal and political difficulties; WhatsApp’s default encryption, for instance, has already put its parent company in an uncomfortable spot at least once, when Brazilian authorities arrested a Facebook executive in the country for failing to help police decrypt WhatsApp messages sent by criminal suspects in a drug trafficking case. But the opt-in move has also drawn the scorn of privacy advocates.

 

[KALLT]

What's the point if they're not encrypted by default?

Convenience. Unlike WhatsApp, Facebook Messenger can be used on multiple devices simultaneously, independently. End-to-end encryption in a multi-device environment requires a more elaborate setup. Given that Facebook Messenger can also be used in a browser, the question arises: where to put the private key?

 

[jetho]

What a crappy implementation.

 

[adamjackson]

so you have to click a button to mark the message as secret? Also all people need to be running the most recent version? Pretty rough basically why bother? I think FB likes indexing all of these messages for their social graph and would prefer users not encrypt messages and this just ticks a box to help the company remain competitive.

 

[Iconoclysm]

'Secret conversations'. Bloody hell. What a drama queen. Why not just encrypt all conversations instead of making it look like a adolescent girls diary?

Likely the added bandwidth and processing required for the encryption overhead. In this case, it could be significant enough that they don't want to turn it on for everything yet.
[doublepost=1475671647][/doublepost]

What's the point if they're not encrypted by default? And if Apple keeps data for 30 days, imagine Facebook.

Do they still keep your microphone listening in the background "to keep the app working"? Oh, it's the Facebook app only.

Apple keeps the name lookup, hardly "data"

 

[Sandstorm]

I love Facebook Messenger. Imo simply THE BEST messaging app, with the most important aspect - beautifully cross platform (unlike the iMessage, which by incorporating disgusting gimmicks has also lost the one thing it had going for it - simplicity).

 

[C DM]

What's the point if they're not encrypted by default? And if Apple keeps data for 30 days, imagine Facebook.

Do they still keep your microphone listening in the background "to keep the app working"? Oh, it's the Facebook app only.

Apple keeps messages (let alone for 30 days)?
[doublepost=1475674396][/doublepost]

so you have to click a button to mark the message as secret? Also all people need to be running the most recent version? Pretty rough basically why bother? I think FB likes indexing all of these messages for their social graph and would prefer users not encrypt messages and this just ticks a box to help the company remain competitive.

How would a new feature work if people don't have a version that has that new feature?

 

[Porco]

Messenger users who update the app will also get to use a new Snapchat-style option that erases messages after a specified duration.

Facebook erase content in keeping with the user's express wishes? This could be it people, the end-times may be upon us.

More seriously, this is all good thing, especially on the day our (Britain's) PM Theresa May 'put on notice' companies 'stopping her government catching the turr'ists'. Encryption is an issue that will keep coming up, and though I don't particularly love Facebook at least they are on the right side of the argument on this, in my opinion.

 

[SteveW928]

So, I wonder if this is end-to-end encryption as I'd define it, or as Comey would???

 

[dekadent]

End-to-end encryption until someone in the conversation gets sand in their private parts:

"If you think a message you've received in a secret conversation goes against our Community Standards, you can report it. When you report a secret conversation, recent messages from that conversation will be decrypted and sent securely from your device to our Help Team for review. We won't tell the person you're talking to that you reported it."

 

[SteveW928]

End-to-end encryption until someone in the conversation gets sand in their private parts...

Yep, or I suppose aside from the the agency-in-the-middle feed/scan they are being paid to do and not disclose, and are given immunity from any consequences.

(Note: I'm not making this stuff up. The question is whether Facebook is above that and can be trusted or not... and I think we know the answer to that one.)