
Battle of the Secure Messaging Apps: How Signal Beats WhatsApp

The Intercept

THIS SPRING, TEXT messages got a lot more private. In April, the world’s most popular messaging service, WhatsApp, announced it would use end-to-end encryption by default for all users, making it virtually impossible for anyone to intercept WhatsApp messages, even if they work at Facebook, which owns WhatsApp, or at the world’s most powerful electronic spying agency, the NSA. Then in May, tech giant Google announced a brand new messaging app called Allo that also supports end-to-end encryption.

Making the news even better from a privacy standpoint is that both WhatsApp and Allo use a widely respected secure messaging protocol from Open Whisper Systems, the San Francisco-based maker of the mobile messaging app Signal.

To recap, there are now at least three different instant-message services that implement robust privacy protection: WhatsApp, Signal, and Allo. How is someone who cares about their privacy and security to choose between them?

In this article, I’m going to compare WhatsApp, Signal, and Allo from a privacy perspective.

While all three apps use the same secure-messaging protocol, they differ on exactly what information is encrypted, what metadata is collected, and what, precisely, is stored in the cloud (and therefore available, in theory at least, to government snoops and wily hackers).



What’s up, WhatsApp?

With more than 1 billion users, WhatsApp is the world’s most popular messaging app. Which is why it was huge news among encryption advocates when the company, a year and a half ago, announced a partnership with Open Whisper Systems to integrate the Signal protocol into its product. The rollout was gradual, starting only on the Android version of WhatsApp and only for one-on-one text communication, but by this past April, WhatsApp was able to announce it was using the Signal protocol to encrypt all messages, including multimedia messages and group chats, for all users, including those on iOS, by default.

So if a government demands the content of WhatsApp messages, as in a recent case in Brazil, WhatsApp can’t hand it over: the messages are encrypted and WhatsApp does not have the key to decrypt them.

But it’s important to keep in mind that, even with the Signal protocol in place, WhatsApp’s servers can still see the messages that users send through the service. They can’t see what’s inside the messages, but they can see who is sending a message to whom and when. And according to the WhatsApp privacy policy, the company reserves the right to record this information, otherwise known as message metadata, and give it to governments:

WhatsApp may retain date and time stamp information associated with successfully delivered messages and the mobile phone numbers involved in the messages, as well as any other information which WhatsApp is legally compelled to collect.

A WhatsApp spokesperson told the Committee to Protect Journalists, “WhatsApp does not maintain transaction logs in the normal course of providing its service.” However, the company makes no promises, and could easily record and hand over metadata in response to a government request without violating its own policy.

When you first set up WhatsApp, you’re encouraged, but not required, to share your phone’s contact list with the app. This helps the WhatsApp service connect you with other users quickly and easily. A WhatsApp spokesperson confirmed to me that the company retains contact list data, which means that WhatsApp could also hand over your contact list in response to a government request.

Finally, online backups are a gaping hole in the security of WhatsApp messages. End-to-end encryption only refers to how messages are encrypted when they’re sent over the internet, not while they’re stored on your phone. Once messages are on your phone, they rely on your phone’s built-in encryption to keep them private (which is why it’s important to use a strong passcode). If you choose to back up your phone to the cloud (to your Google account if you’re an Android user, or your iCloud account if you’re an iPhone user), then you’re handing the content of your messages to your backup service provider.

By default, WhatsApp stores its messages in a way that allows them to be backed up to the cloud by iOS or Android. WhatsApp does let you remove your chats from these cloud backups if you go out of your way to do so, which I recommend you do if you use WhatsApp to discuss anything sensitive.

Allo, World

The first thing to understand about Google’s forthcoming Allo app is that, by default, Google will be able to read all of your Allo messages. If you want end-to-end encryption via the Signal protocol, you need to switch to an “incognito mode” within the app, which will be secure but include fewer features.

It’s 2016. We should be moving toward a future where the conversations we have on our phones are private by default, but Allo’s lack of default encryption is clinging to the insecure past. Google releasing a new messaging app without default end-to-end encryption is like Tesla announcing a brand new model that only lets you use the airbags when you’ve disabled the entertainment system. As NSA whistleblower Edward Snowden put it, Allo’s defaults are “dangerous”.

On the other hand, Google is trying something brand new, applying so-called machine learning techniques directly to your conversations. Allo hooks into an artificial intelligence called Google Assistant, which will read all of your messages and offer suggested responses, in your own slang, that it thinks you would likely write yourself. It also brings Google search directly into your conversations: you and your friends could, for example, search for a restaurant, pick one out, and make a reservation without having to leave the app.

Allo’s machine learning features prevent Google from turning on end-to-end encryption for all messages, since Google needs to be able to ingest the content of messages for the machine learning to work, a Google spokesperson told me. The spokesperson also said Google isn’t ready, until Allo is released later this summer, to make any promises about what user data will be stored or for how long.

The technology behind Allo looks very cool, but it’s moving in the wrong direction with regard to privacy. If privacy is important to you, you should use a messaging app that encrypts messages by default instead.

Along with Allo, Google is also releasing a new video calling app called Duo. Unlike Allo, all video calls in Duo will be end-to-end encrypted by default. Google isn’t releasing details (how the encryption works, whether users can independently verify that it’s secure, or whether call metadata will be retained on Google’s servers) until the app is publicly released.

Allo and Duo will both be covered under Google’s privacy policy. Unfortunately, this policy doesn’t break out details about specific Google products.

Signal in the Noise

The first thing that sets Signal apart from WhatsApp and Allo is that it is open source. The app’s code is freely available for experts to inspect for flaws or back doors in its security. Another thing that makes Signal unique is its business model: there is none. In stark contrast to Facebook and Google, which make their money selling ads, Open Whisper Systems is entirely supported by grants and donations. With no advertising to target, the company intentionally stores as little user data as possible.

Like WhatsApp, all messages sent over Signal are end-to-end encrypted, and Open Whisper Systems doesn’t have the keys to decrypt them. What about message metadata, your phone’s contact list, and cloud backups?

Signal’s privacy policy is short and concise. Unlike WhatsApp, Signal doesn’t store any message metadata. Cryptographer and Open Whisper Systems founder Moxie Marlinspike told me that the closest piece of information to metadata that the Signal server stores is the last time each user connected to the server, and the precision of this information is reduced to the day, rather than the hour, minute, and second.

Signal users must share their contact list with the app in order to find other Signal users; in WhatsApp, this is optional but recommended. But Signal doesn’t directly send your contact list to the server. Instead, it uses what’s known as a cryptographic hash function to obfuscate phone numbers before sending them to the server. (It also truncates the hashed phone numbers, if we’re being precise about things.) The server responds with the contacts that you have in common and then immediately discards the query, according to Marlinspike.
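To make the contact-discovery exchange above concrete, here is a toy model of it in Python. This is an added illustration, not Signal’s code: the article says only that phone numbers are run through a cryptographic hash function and truncated, so the choice of SHA-256, the 10-byte truncation, the phone-number normalisation and every phone number below are assumptions and constructed sample data. The server never sees a raw number, keeps registered users only as truncated hashes, and drops each query as soon as it has answered it.

```python
"""Toy model of hash-based contact discovery (added example, not Signal's code).

Assumptions: SHA-256 as the hash function, truncation to the first 10 bytes of the
digest, and numbers normalised to '+' followed by digits before hashing. All phone
numbers here are constructed sample values.
"""
import hashlib

TRUNCATE_BYTES = 10  # assumption: the article says hashes are truncated, not by how much


def normalize(number: str) -> str:
    """Reduce a number to '+' plus its digits so formatting variants hash identically."""
    digits = "".join(ch for ch in number if ch.isdigit())
    return "+" + digits


def obfuscate(number: str) -> bytes:
    """Client side: hash the normalised number and keep only a truncated prefix."""
    digest = hashlib.sha256(normalize(number).encode("utf-8")).digest()
    return digest[:TRUNCATE_BYTES]


class DiscoveryServer:
    """Server side: knows its users only by truncated hashes, never by raw numbers."""

    def __init__(self, registered_numbers):
        # In this model registration also uploads only the truncated hash.
        self.registered = {obfuscate(n) for n in registered_numbers}

    def lookup(self, query_hashes) -> set:
        """Return the subset of the query that belongs to registered users.

        The query is a local variable and is discarded when this method returns;
        nothing about it is logged or retained.
        """
        query = set(query_hashes)
        return query & self.registered


def discover_contacts(server: DiscoveryServer, address_book: dict) -> list:
    """Client side: upload truncated hashes, map the matches back to local names."""
    by_hash = {obfuscate(number): name for name, number in address_book.items()}
    matches = server.lookup(by_hash.keys())
    return sorted(by_hash[h] for h in matches)


# Constructed sample data: who the server knows, and one user's address book.
SAMPLE_REGISTERED = ["+1 555 010 0001", "+15550100003", "+44 20 7946 0000"]
SAMPLE_ADDRESS_BOOK = {
    "alice": "+1 (555) 010-0001",   # registered, differently formatted
    "bob": "+1 555 010 0002",       # not registered
    "carol": "+1-555-010-0003",     # registered
}


def demo() -> list:
    """Run one discovery round against the sample server."""
    server = DiscoveryServer(SAMPLE_REGISTERED)
    return discover_contacts(server, SAMPLE_ADDRESS_BOOK)


if __name__ == "__main__":
    print("contacts on the service:", demo())   # ['alice', 'carol']
```

One caveat the model makes visible: phone numbers are drawn from a small, structured space, so a truncated hash is obfuscation rather than strong secrecy, which is exactly why the design relies on the server discarding the query rather than on the hash alone.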

If you back up your phone to your Google or iCloud account, Signal doesn’t include any of your messages in this backup. WhatsApp’s gaping backup issue simply doesn’t exist with Signal, and there’s no risk of accidentally handing over your private messages to any third-party company.

Of course, this also means there’s no way to back up your Signal data to the cloud — a feature that some users find useful. If you lose your phone and restore a new one from backup, you simply lose all of your chat history. The Android version of Signal lets users locally export and import app data, for example if you’re switching to a new phone but still have your old one, but the iOS version of Signal does not support this.

In short, if a government demands that Open Whisper Systems hand over the content or metadata of a Signal message or a user’s contact list, it has nothing to hand over. And that government will have just as little luck requesting backups of Signal messages from Google or Apple.

From a user privacy perspective, Signal is the clear winner, but it’s not without its downsides.

Compared to WhatsApp’s 1 billion users, Signal’s user base is minuscule. Marlinspike said that they don’t publish statistics about how many users they have, but Android’s Google Play store reports that Signal has been downloaded between 1 and 5 million times. The iPhone App Store does not publish this data.

This means that if you install the Signal app, chances are you’ll have to convince your friends, family, and colleagues to install it as well before you can benefit from Signal’s encryption. If you install WhatsApp, chances are a lot of your contacts are already using it, and you can begin having encrypted conversations with minimal effort.

Signal also has fewer features and improves at a slower pace than its corporate competitors. For example, an early version of Signal Desktop has been available since the end of 2015, but it’s only available for Android users; iPhone support has not yet been developed, and it’s unclear when it will be finished. WhatsApp has a desktop version that works regardless of the type of phone you use.

Marlinspike told me that Open Whisper Systems has three full-time staff: two software developers and one person who handles user support and project management. With such incredibly limited resources, it’s surprising that they’ve accomplished as much as they have.

