./ notes.txt / secret messages
june 3, 2019 | 4 min read
have you wondered how your private messages are sent on the internet?
encryption is how messages are secured using a key and math.
in most cases, a key is a giant number.
a number big enough,
comparing to hiding a grain of sand at the beach.
after looking for millions of years, there would still be a >99.999% chance you still wouldn't have found it
this key is only known to you and the other party
next, your messages are sealed with that key
by using a math equation that is easy to do in one direction, but nearly impossible to do in reverse
sometimes, there's no key used.
in that case, messages could be read by others
if you ever notice a website has http:// at the top (instead of https://), it's possible others could see that message while it's being sent
most websites and apps: banks, messaging apps, Netflix, are encrypting your communication
on the other side, a robot (the website or server) unlocks your message and deals with it accordingly.
e.g. on YouTube, the robot reads your search query and sends you back some videos
when sending a private message,
the robot forwards your message along to the recipient. but the robot could take a peek at your message.
some robots will pass the message along, not opening it.
some robots might scan the message to make sure it's not spam.
but, an opened message could also be stored insecurely without encryption,
or read & copied by spying parties
another method is called end-to-end encryption
with this, only you and the final message recipient have the key,
to the robots eyes, it's passing along random numbers between two people
many messaging apps are not end-to-end encrypted by default,
and instead could be reading your messages for ads targeting, enforcement of rules/laws, or otherwise
here's what I could find among the top messaging apps
where an app has different messaging modes with different encryption, I've specified
top messaging apps (2019) encryption:
+ end-to-end encrypted:
= client-server encrypted
- Telegram Secret Chats
- Facebook Messenger Secret Chats
- KakaoTalk Secret Chats
- Snapchat Snaps
- Most email (gmail, yahoo, outlook, etc.)
- Google Hangouts
- Facebook Messenger
- Google Hangouts
- Snapchat Chats
with the exception of SMS text messages, all popular messaging apps uses some form of encryption
client-server encryption is when a message may be opened by the server
while end-to-end encryption, if done properly, ensures that can't be done
modern technology gives us a perfect tool to whisper to someone else
so why doesn't every app use end-to-end encryption?
there are a handful of convenient features which may require some knowledge of your messages:
depending on the app, trading perfect secrecy for these features may be worth the trade off
- cloud backups - so you can read your messages if you lose your device, or from other devices
- search - searching 100,000+ messages may be too difficult to do on your device, and might require the server's help
- suggestions - e.g. auto-complete, tagging people by name, setting reminders, scheduling events, etc.
- spam prevention - without being able to read the contents of messages, it's difficult for a server to detect spam, phishing, or other abuses of the service
however, messaging is a relatively simple concept, and differences in features are minor between apps.
take a moment to think about your choice