A lot of companies advertise over encryption of data in their service. Encryption is a really good practice for privacy and security but it’s worthless sometimes. For example, WhatsApp encrypts messages but it’s worthless as it’s Facebook (WhatsApp’s owner) who creates and manages keys.

What a secure messenger or any service does is to let the user create and handle encryption keys. Let me give you another example. Imagine you want send a letter to a friend and I’m the mail person. You give me your letter and I promise you to hide it. Now, I may hide it from other people but I, myself, still have access to it.

Encryption is like that. If you want to hide your letter, you should do it yourself and not trust anyone. As long as other services do the encryption for you or manage your keys, you’re not truly secure and that encryption is worthless.

Leave a Reply

Your email address will not be published. Required fields are marked *