Instant messaging service Whatsapp has now announced that it will use end-to-end encryption to scramble all users’ communications and ensure they can only be decrypted by the recipient’s device. This has huge implications for intelligence agencies as we are only too aware following the FBI/Apple debate around the San Bernadino gunman’s iPhone. Indeed, public opinion is generally divided over end-to-end encryption although security experts around the world are reluctant to weaken encryption mechanisms to allow security agencies to read communications. Here to comment on this news is Richard Anstey, EMEA CTO at Intralinks.
Richard Anstey, EMEA CTO at Intralinks:
“This announcement by WhatsApp reflects a growing consumer awareness of the purpose and merits of encryption. It’s a win for privacy advocates, but undoubtedly a cause of frustration to governments across the world. Following the Apple/FBI scandal, and the return to prominence of the Snooper’s Charter in the UK, encryption has been pushed into the mainstream despite encryption algorithms having been around for years. End-to-end encryption is a very simple concept: as soon as a message leaves a sender’s device, the characters are scrambled into a series of letters and numbers which mean nothing to everyone except the recipient who holds the only key that can now interpret the message.
“End-to-end encryption is already posing a problem for intelligence agencies which are pushing for “backdoors” to decrypt messages between terrorists, some of which may be exchanged on WhatsApp. However, security experts across the world – including myself – are very reluctant to weaken encryption mechanisms, because this would have a wider knock-on effect in day-to-day life – both personal and professional. It can cause all sorts of sensitive information to become less protected from hackers, criminals and unfriendly nation states.”
[su_box title=”About Intralinks” style=”noise” box_color=”#336588″][short_info id=”59581″ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.