In a recent news article, NSA whistleblower, Edward Snowden, says that “Google’s decision to disable end-to-end encryption by default in its new #Allo chat app is dangerous, and makes it unsafe. Avoid it for now (Tung, 2016).” While this is not totally the case, Allo uses end-to-end encryption if the users select incognito mode. This will also reduce the function available during app use. Thai Duong, Google’s ‘cyber overlord’ and co-lead has said “I can’t promise anything now, but I’m pushing for a setting where users can opt out of cleartext messaging. Basically with one touch you can tell Allo that you want to, “Always chat in incognito mode going forward,” and from that moment on all your messages will be end-to-end encrypted and auto-deleted (Tung, 2016).”

Thai goes on to explain that the primary security for Allo is that message disappear after a set amount of time. Allo will also not be viewable by Google. Thai explained that Google would sacrifice if using end-to-end encryption by default; “In normal mode, an artificial intelligence run by Google, but no humans including the Allo team or anyone at Google, can read your messages. This AI will use machine learning to analyze your messages, understand what you want to do, and give you timely and useful suggestions. For example, if you want to have dinner, it’ll recommend restaurants or book tables. If you want to watch movies, it can buy you tickets (Tung, 2016).”

This is interesting coming from Google. Allo is developed with the disappearance of messages as security instead of encryption. What if the messages are captured before the server deletes them? What impact will this have on the usage of the messenger? Let’s hope that Google knows what they are doing when it comes to the disappearing messages. With the current spike in the government being interested in recovering data from devices or servers when needed for investigation, what will happen when the courts give an order to Google to produce information that was transmitted within the Allo app.

GRyan

Tung, L. (2016, May 20). NSA whistleblower Snowden: Google Allo without default encryption is “dangerous.” Retrieved May 21, 2016, from http://www.zdnet.com/article/nsa-whistleblower-snowden-google-allo-without-default-encryption-is-dangerous/
Advertisements