I used to believe that WhatsApp, Signal and Telegram offered "private" messaging, particularly point-to-point encryption. I no longer believe that, in spite of what they all say. With all the recent flurry of controversy surrounding WhatsApp, I installed Signal and took another look at Telegram. I belong to a number of WhatsApp groups, and a few Telegram groups. Each WhatsApp chat states:
"Messages and calls are end-to-end encrypted. No one outside of this chat, not even WhatsApp, can read or listen to them. Tap to learn more."
I used to take this at face value, but I don't believe it any more.
The first problem is what do they mean by end-to-end encryption? One would assume that each phone would create a direct link to the other phone, similar to the way Skype used to work. But that isn't the case. You can send a message to someone whose phone is switched off. The message can wait for days, if not weeks, before the other phone is switched on and the message is delivered. So the message is queued somewhere, presumably on the messaging app's servers, because the receiving party can receive the message even if the sending party's phone is off.
The second problem is the message backups. WhatsApp does a regular backup to my Google Drive, and they don't claim that it is encrypted. Nor do they claim that the messages sitting on my phone are encrypted. Confiscate my phone or log in to my Google Drive, and you get a pretty good idea what I have been reading and writing. Signal can make encrypted backups to my phone, and I have to copy that backup off the phone to make sure I don't lose all that data if the phone goes up in smoke or gets confiscated. Telegram automatically backs up all my messages to its "cloud servers", whatever that means.
The most obvious problem is this: each of these apps has a version you can run on your PC. So how does the PC get to display all the chats in plain, unencrypted text? No information passes from the phone to the PC. If the phone stores a private key, the PC never asks for it. That means that either the server keeps a copy and passes it to the PC, or there is no private key on the phone. Therefore the server has the means to read the stored messages.
WhatsApp displays a barcode on the PC screen that the phone needs to read when you visit https://web.whatsapp.com. No information is passed from the phone to the PC. It all comes from the server. I have confirmed this by watching the traffic leaving my phone after connecting using WhatsApp Web. On the PC I navigated to a group that posts a picture price list every day, and was able to go back to October 2020, when the group first started. Every picture that I had opened on the phone was available on the PC, without the phone uploading the data when I requested it on the PC. It complained if I put the phone into flight mode, but the PC was able to read the messages anyway.
Telegram and Signal both send a confirmation message to the phone when you set up the desktop app. But nothing goes in the other direction. They don't complain if the phone is in flight mode. So when any of these apps talk about "end-to-end" encryption they don't mean that your phone (or PC) is one end and the person you are talking to is the other end. Nope. The other end is their server.
The implications of this are serious: your chat is "secure" in the way your internet banking is "secure": it uses https between your PC and its servers. Anyone trying to intercept the traffic between the user and the server is going to have a hard time decrypting it. For practical purposes we will say it's impossible. Even for the NSA and other (Big Brother) nation state agencies. It's encrypted, but it isn't private. Big difference.
If the government wants to read my messages, all it needs to do is get a court order and instruct WhatsApp/Signal/Telegram to enable their PC application for my phone number, without sending the confirmation message or barcode to my phone. Presumably this would be in read-only mode so they don't give the game away by typing in something by mistake, or showing that the message has been received and read when I haven't done that yet. But there is nothing on my phone that they need to read my messages. If there was, the PC app would need it too. It doesn't. So either the servers have a copy of my private key, or they don't need a copy because they don't use public-private key pairs.
Whatever the reason, it's not private, even if it is encrypted. Leave a comment if you think I missed something obvious.