If you’re the least bit concerned about the privacy and security of your online conversations—and roughly two-thirds of Americans are—you face a few problems. First, your data is at the mercy of those who control the networks, be it a messaging startup or a telecommunications company. Strong end-to-end encryption can solve that problem, but that raises another challenge: you and the person you’re talking to often need to be using the same privacy apps.
Now, the hackers who built the open-source protocol used by protesters during the Arab Spring wants to solve that problem—by getting into all of your apps.
Late last month, Open Whisper Systems announced it was partnering with WhatsApp to steadily add that protocol, TextSecure, by default to the communications of hundreds of millions of users of the popular Facebook-owned messaging platform. And while Whisper makes a suite of apps that have been praised by Edward Snowden, the group dreams of baking its TextSecure protocol into every messaging app you own.
Already, anyone is invited to contribute to the project. Next, it wants to collaborate with any app or social network—and not just for messaging but for image- and video-based apps too, like Snapchat or Instagram.
While Apple’s recent move to encrypt user data was seen as a privacy milestone, the Cupertino giant acknowledged that this wasn’t a silver bullet: government agencies can still force telecommunications companies to hand over user communications and hackers can potentially carry man-in-the-middle attacks to acquire user information. And while Apple insists iMessage features end-to-end encryption (via public keys), some security researchers dispute the claim, stating that Apple can read iMessages, though it would be difficult to pull off.
When it was purchased by Facebook in 2014 for $19 billion, WhatsApp promised not to sell its user data, a pledge the Federal Trade Commission underlined when it approved the deal. With TextSecure now seamlessly in hands of WhatsApp’s 600 million-plus active users (as of October), governments can no longer compel the service to reveal its users’ communications. The company simply doesn’t have the data to hand over.
To Moxie Marlinspike, the long-haired hacker who founded the open-source project in 2011, end-to-end encryption is far stronger than simply locating servers in countries thought to be privacy-friendly, like Switzerland or Iceland.
“People that advertise that their servers are in one place or another is a bad sign because there are no safe jurisdictions, especially when you consider unauthorized access and that stuff can be attacked anywhere, ” Marlinspike says.
“The point with end-to-end encryption is that the server is not trusted, and it has no ability to read the contents of messages. The idea is that WhatsApp, its workers, anyone that compromises its servers, or governments that coerce WhatsApp do not have access to the contents of the communication.” (Meanwhile, conversation metadata—who was talking to whom and when and for how long—is not under TextSecure’s protections; that data can be hacked or turned over to authorities more easily.)
Marlinspike started Open Whisper Systems with a small team of developers and “a large community of Open Source contributors,” after his company, Whisper Systems, was purchased by Twitter in 2011 for an undisclosed sum. The integration with WhatsApp is only the first step in a much larger plan for the TextSecure protocol, including extending it to image sharing apps (think Snapchat). Marlinspike won’t name names.
“Our objective is to make end-to-end encryption ubiquitous,” he says, hoping that it will become the new normal in messaging. “We’ll continue working to integrate our protocols and libraries into existing products. Our thesis is that we can make end-to-end encryption a seamless addition to existing communication channels—any messaging product could benefit from that.”
Post-Snowden concerns about spying by three-letter government agencies has led to a mushrooming of secure apps. The encryption system Off The Record and an email alternative called Briar forgo central servers; there’s also Darkmail, a project by PGP creator Phil Zimmermann and Ladar Levison of Lavabit—Edward Snowden’s former email service—and Mailpile, now in beta, which raised over $100,000 last year to build an open source email client with PGP encryption.
While Apple has begun to offer end-to-end encryption on iMessages, Google last summer unveiled the code behind its own end-to-end encryption tool, a plug-in for Chrome called End-to-End meant to encrypt all information leaving the browser, but it hasn’t been released yet.
Unlike typical PGP apps, which rely on a single set of public and private keys in order to encrypt messages, TextSecure relies on a technique which is designed to send a new public key with each new message.
Marlinspike notes another problem with Apple’s approach: “If you sync your data to iCloud, everything there is unencrypted.”
Open Whisper Systems first integrated its TextSecure protocol into the SMS provider on CynogenMod, the popular alternative Android operating system. This instantly gave 10 million users the ability to send instant encrypted messages, provided they were texting users who had CynogenMod or TextSecure installed on their smartphone.
“We’ve been working on this stuff for awhile, and we got to a place where we were feeling really good about it,” Marlinspike says. “We have it deployed in our own TextSecure app, which has allowed us to make sure that we’re developing this stuff in a way that’s really going to work, and also to allowed us to demonstrate that it’s possible to deploy this kind of stuff in frictionless way.”
After the CynogenMod integration, Open Whisper Systems approached WhatsApp, which has come under criticism in the past for flawed data security. “They were really excited about it because I think this was something they were thinking about for awhile.”
Marlinspike is eager to keep encryption from being thought of as boring or difficult; he talks about “frictionless” privacy. On the surface, WhatsApp looks and functions exactly as it did before the TextSecure integration. The same would be true for any messaging app companies, big or small, that want the protocol integrated into their platforms.
“Our objective is to make private communication simple,” Marlinspike says. “We believe that starts with developing protocols and cryptographic libraries that are consistent with modern messaging: asynchronous [messages sent/read at different times], multi-device, and mobile oriented.”
And while the TextSecure protocol is now operational in so many smartphones across the world, nothing has changed with Open Whisper’s commitment to security. The team haven’t delegated this task to WhatsApp, says Marlinspike, promising that WhisperSystems will continue to analyze and research its own protocols and software (Signal for iOs, RedPhone and Flock for Android) in public, open-source fashion on its GitHub page, and with extended hackathons like Winter of Code.
And while the FBI hasn’t commented on the WhatsApp-TextSecure integration, given FBI Director James B. Comey’s comments on Apple and Google encryption at a recent Brookings Institute speech, he’ll probably have something to say sooner or later. And when he does, certainly some of what he says will be encrypted.