Offshore Outsourcing & Scammer
Blog about offshore outsourcing and scammer in the outsourcing industry
Why Google denies us real end-to-end encryption?
by Rudolf Faix Monday, April 6, 2015 3:40 PM

Why did we still do not have easy-to-use end-to-end encryption? The standard answer is far too complicated! But this is nonsense; Apple shows how to make it simple.

AndroidThe technical challenges for true end-to-end encryption are solved for many years. In principle, one could make the simple. With it would be sure not just anybody can easily read along our private and business communications.

Nevertheless, emails, chats and phone calls are still almost always in plain text. They are secured for transport (SSL / TLS), but at least, the service provider can read everything and often does. This course also various other interested parties that attach to help him, the contents of confidential messages.

At this point I always hear, end-to-end encryption is still far too complicated. Alone to generate key, not to mention the checking and signing - end users don’t like do that. In fact, I'll never get anyone to use PGP. Nevertheless, the argument is simply wrong.

Because there is already end-to-end encryption, which is so simple that they use many millions of users and do not even know this: Apple's iMessage encrypts any message with a key that is only known by the recipient. Not Apple, not the network operator and not the NSA. And the highlight: Thanks to Apple's iMessage is a sophisticated design that not a bit more complicated than traditional SMS. Each iPhone owners use it easily and has not to worry about the encryption. The encryption is just there.

This one who wants to read along these messages has to attack this encryption. This also applies to Apple or someone standing there with a National Security Letter at the door. In practice this means: It is not enough that Apple or engage NSAs to the appropriate server to write there the plaintext with, as would be the case with Google, Skype and almost all other services. Instead, Apple would have to actively engage in communication and distribute counterfeit keys.

Of course, experts will argue that Apple does not satisfy the pure doctrine and the user himself has no control over his keys. Specifically, the system is not hedged against the fact that Apple itself eventually distributed as "Man in the Middle" wrong keys. But these are details that go past the actual heart of the matter. It can get improved without much effort. (The ignorance and arrogance of Apple is typical and with that the refuse demands for such extensions and perhaps the other side of the coin is that Apple like no other company can create easy-to-use products). Is crucial, however, Apple is the only major manufacturer and service provider offering such end-to-end encryption at all.

The real question is: Why does Google's Android has no a similar function and nourishes us with Hangouts without proper encryption? I seriously doubt that Google no one has come up with this idea or that technological pioneer in so many areas that could not be implemented just as elegant as Apple; Moxie Marlinspike shows with TextSecure how this might look like. There is only one plausible explanation for why Google has nothing to offer in this respect:

Easy to use end-to-end encryption is undesirable.

There is strong political interest to be able to read the communication of all Internet users at any time without much effort. We can only speculate as large as the pressure is exerted by politicians and authorities on the Group. But much harder probably weighs Google own economic interest: With functioning end-to-end encryption, Google would torpedo his own business model. This is in fact based on that the Group can read and analyze our data - and then to present, inter alia for suitable advertising. This of course applies equally to Facebook; so you can write off any hopes about WhatsApp.

Apple, however, earns his money is still with the sale of equipment and Commissions from business apps and content. And they deserve it obviously so good that they - unlike Google and Facebook - have the luxury to leave us our privacy.

What does that mean for us now? Not that we should buy now Apple products. There are too many things that you can refuse to Apple for good reason. But we must not be fobbed off with cloudy promise to respect our privacy and the protection of our business communications to us. Correct and above all simple end-to-end encryption for all could be done - we must demand only finite.

 

Tags: , , , , , , , , ,

Blog Rudolf Faix

Filter by APML

Follow me

AboutMe

I'm since more then 35 years in the computer business (programming and technical support) and using the Internet since it has started. Since 2002 I'm programming solutions for Asterisk and since 2004 I'm in the call center industry.

Disclaimer

All data and information provided on this site is for informational purposes only. I make no representations as to accuracy, completeness, currentness, suitability, or validity of any information on this site and will not be liable for any errors, omissions, or delays in this information or any losses, injuries, or damages arising from its display or use. All information is provided on an as-is basis and is only representing my own opinion. By browsing or using content from this site you accept the full legal disclaimer of this website.