
Apple's FaceTime is end-to-end encrypted. Google Hangouts... isn't

Google hadn't disclosed this information until a recent Reddit AMA (ask me anything) and the Vice follow-up it prompted. It's not clear whether Google has been asked to provide access to Hangouts, but the potential is there.

Vice:

We asked Google to clarify, or elaborate, on Monday, and a spokesperson confirmed that Hangouts doesn't use end-to-end encryption. That makes it technically possible for Google to wiretap conversations at the request of law enforcement agents, even when you turn on the "off the record" feature, which actually only prevents the chat conversations from appearing in your history—it doesn't provide extra encryption or security.

If the statement was reported accurately, it's an interesting differentiator between Google and Apple's services.

FaceTime, Apple's video and audio calling service, is end-to-end encrypted. The content of your call is private and secure, and — for all intents and purposes — available only to you and the person with whom you're talking. Technically, Apple could do the equivalent of a person-in-the-middle attack to get at the data, but the consequences would be so severe that it makes such a thing extremely unlikely. Apple has also been vocal about privacy and security, making it a CEO-driven priority, and positioned it as a competitive advantage and customer-facing feature.

With Hangouts — and Microsoft's Skype, too — that end-to-end encryption doesn't exist, and Google doesn't seem to have any of those technical safeguards. Neither Google nor Microsoft has been as vocal about privacy for those services, either. Apparently for good reason.

Because of end-to-end encryption and Apple's stance on privacy, FaceTime was accepted as HIPAA compliant for BabyTalk, which provides remote therapy to infants with cochlear implants.

Some people — perhaps even many people — may not care about end-to-end encryption for their internet calls, or might need to use Skype or Hangouts for things like group calls or screen sharing or other features not yet supported by FaceTime.

If you own an iPhone, iPad, or Mac, you're lucky in that you have access to every service: Hangouts, Skype, and FaceTime. So you can use whichever one best suits your needs at any given time. That includes FaceTime when you want an end-to-end encrypted call.

And that Apple cares about end-to-end encryption is important. It means they've determined it's in their best interest to align their products and policies in a way that's in our best interests.

Rene Ritchie
Contributor


53 Comments
  • I am a bit surprised anyone would think otherwise of any of Google's services. I use a Note 4 with every Google App/Service either deleted, disabled, or highly restricted via root. Google's revenue stream is derived from information, namely yours. They mine everything you put on their servers, from searches to emails, music, files, and photos.
  • Google's hangouts is available across multiple platforms. Apple's FaceTime...isn't. It's fun coming up with titles. Also, can you find out about BlackBerry's BBM voice (and video for BBs) encryption? Probably also end-to-end right? Posted via the iMore App for Android
  • Your statement only helps to bolster the claim that if you care about privacy, you're better off with an Apple device over a Google device. Buy an iPhone to keep your conversations truly private.
  • Unless the other person doesn't have an Apple device.
  • I'm not sure how you came to that conclusion. It sounds stupid:
    1. iMessage only works between Apple devices
    2. FaceTime only works between Apple devices
    3. FaceTime has no Group Audio/Video Chat capabilities
    4. If the person only has an iPhone and no iPad/iMac/iPod Touch then the user experience is absolutely horrible compared to Hangouts and Skype, which can run on multiple platforms across disparate form-factors.
    FaceTime and iMessage are nice when you have an iMac/MacBook and an iPhone/iPad, but if you ONLY have the phone, it's simply not that good and very few people I know will switch to Apple for those services. Pretty much all of them, after having me explain to them the benefits of Apple's services conclude "so it's basically worthless if I don't buy an Apple computer?" even those who are fairly tech illiterate. People still use their computers, guys. Did you seriously buy into this Post-PC Era nonsense? The initial cost to get into Apple's ecosystem to a point where you really start to feel any of this is an advantage over Google or Microsoft services is huge. With their services, the initial cost is zilch.
  • So then is it Apple's fault for not releasing their software on other platforms, which only hurts their core business, or is it Google's (and everyone else's) fault for not bringing up their messaging apps to the same security standard as Apple's? I'm not sure where the complaint is other than "Apple is bad because they don't make their software available on non-Apple products!" Here's the problem with that argument, though. Apple is a hardware company first and foremost. They make their billions upon billions of dollars on selling iPhones, iPads, and Macs. They make their software for the purpose of giving reasons for people to buy their hardware. They're not going to release their software on other platforms when it directly goes against their core business model (iTunes being the one exception, and even that exists to be able to sell i-devices even though you own a Windows PC). If you want end to end encryption messaging, you have to get an Apple device. That model is not going to change, ever. Otherwise, you just need to choose a different cross platform provider. Maybe you should direct your anger at Google and Microsoft instead for having shoddier security models for their cross platform products.
  • You're assuming control over others, though. "If you want end to end encryption messaging, you have to get an Apple device." That's great in theory, but what are you going to do, go convince everybody you communicate with to only use Apple devices as well? Is it good that iMessage and Facetime are end-to-end encrypted? Sure thing. But that value proposition is not based on solid ground as the end-user not only has to buy into Apple, but has to convince all of those they want to communicate with in a more private manner to buy into Apple as well. And it's not like Apple's not going to help out authorities if they're handed a warrant, same as Google.
  • You make a good point that got me thinking. I've noticed in my family that Apple devices are contagious. One person gets one, and it just slowly spreads through the circle of influence to others. Pretty dang good business model if you ask me. I'm not sure what kind of solution to your complaint that you recommend, other than Apple releasing their messaging on competing platforms, which isn't going to happen. One has to face the fact that all the raging about it in the world isn't going to change that fact. It is what it is. Apple offers end to end encryption on their messaging services for the primary goal of selling Apple hardware to both you and the people you message with. Again, your anger should be directed at the vendors who do offer cross platform communication services, who do not meet the same security standards.
  • Well I'm not angry, I was just responding to your response to n8ter. :) One could argue that if Apple was truly concerned about the greater good of privacy, they'd release iMessage and Facetime on other platforms - though they obviously wouldn't integrate the same way (at all) and can they e2e encrypt in that scenario? But obviously there's balance in there between business savvy and the greater good. And I agree, there does tend to be Apple contagion among social groups. Often you'll have the lone holdout and the next time they get a new phone... "I'll just get an iphone, that's what they all have already anyway".
  • Fair enough. And didn't mean to imply that you individually were angry. I just see a lot of sentiment along the lines of "Apple is terrible because they don't release software cross platform that directly hurts their business!". It's just nonsensical if you take two seconds to think about it.
  • Oh yeah, I definitely agree - they're really really good at knowing exactly what to keep proprietary and attractive to those outside of their product line and have every right to do so.
  • I have an iMac and an iPhone. Yes, very angry and clearly an Apple hater. The only sentiment I see a lot of around here is defensiveness and making wild ASSumptions about others with whom you people disagree (usually while completely missing the point of the comment - usually being "almost always"). My point stands. I know in Renee's perfect world everyone would use an iPhone, an iPad, a Mac, and iPod, and Apple Watch, and Apple TV, etc. But that's his own fantasy. In the real world, there are tons of people without Apple devices and even more that don't even bother to use things like FaceTime on their device, because they've already settled on cross-platform alternatives and don't like having to remember to use "different apps for different people." This is why Facebook has more Messaging users than Apple. They are ubiquitous and everywhere. Everyone knows how Facebook works, but very few seem to care about whether or not their chats are encrypted (and seriously, why should they unless they are that lazy and can't make a phone call to talk about something serious and private).
  • That's one of my favorite things about using Apple products. I get the end to end encryption (which by the way Apple doesn't even have access to the data in that circumstance so law enforcement can ask away but Apple can't give what they don't have. This is what makes law enforcement and others so upset) and for the lone holdouts I still have access to Google's and Microsoft's apps. That's win win to me. I get to use Apple's great apps and still can use the competition's apps as well (if I choose).
  • Why do you need an Apple PC? My family regularly FaceTime each other, just from the iPhone, iPad or iPod touch. An Apple PC is not required. Sent from the iMore App
  • The twee headline aside, the availability of Google Hangouts doesn't change the fact that it's easier to record/tap conversations on it. As far as BBM, the answer seems to be, "it depends". If you're using BBM Protected on your internal BES setup, then yes, you can have ETE encryption. If you're using generic/regular BBM, then no, it does not have ETE, at least not as of late 2014. With Generic BBM, Blackberry can, and has, provided access to various government agencies so they can tap the communications. By design, Apple can't do that with iMessage.
  • Indeed, but Rene's comment about the consequences of doing such a thing applies to Google just as much as it applies to Apple. If part of his premise is, "yes Apple *could* do this but why would they take that risk?" then that applies to Google just the same.
  • The free BBM is NOT encrypted. Here is a transcript of episode 427 of the Security Now podcast: Steve: Yes. That's the problem. "The key used is a global cryptographic key that is common to every BlackBerry device in the world. This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed. Further, unfriendly third parties who know the key could potentially use it to decrypt messages captured over the air. Note that the 'BlackBerry Solution Security Technical Overview' document published by RIM specifically advises users to 'consider PIN messages as scrambled, not encrypted.'" For consumers, Blackberry offers a paid subscription to offer true end-to-end encryption. If you are a BES customer, you also get better security measures as well.
  • Brings new meaning to Android being "open" and iOS "closed", eh?
  • Does this apply to both FaceTime and iMessage? Or just FaceTime?
  • iMessage also has end to end encryption.
  • Ah, thank you
  • Rene, are you asserting that FaceTime is using a setup with unique session keys in a way that guarantees PFS? Because otherwise all you're saying is that Apple is encrypting the traffic to their servers with their key, and then retransmitting it, which is meaningless. The only thing that stops is MITM attacks - the owner of the private key can decrypt it at will. And even though Apple may see it as a corporate priority, they'll comply with legal orders to decrypt the transmission. The same thing can be achieved simply by initiating a Hangout from inside the desktop Gmail application over HTTPS. You want secure? Use RedPhone on an audited system. Everything else is meaningless.
  • This is what I'm trying to understand because when this first came out yesterday there were multiple comments on other articles asking how Apple even does this with multiple devices. I don't know enough about it to comment and discuss whether or not this is really that meaningful, though.
  • Aren't the users/devices the owners of those private keys, though?
  • No - that's why it was a Big Deal that the fingerprint data is stored on the device and not transmitted to Apple (though even there, I'm less than clear how it works). Basically Rene is asserting that what is happening in FaceTime is that when you call someone on FaceTime, FaceTime first looks up their public key in an index, encrypts the outgoing voice conversation using said public key, and then that someone decrypts it with their private key. In return, the person you're calling looks up your public key, encrypts their outgoing voice conversation with your public key, and your device decrypts it using your private key. This is (mostly) secure - the gotchas are many (such as if someone tampers with the index), but it's true end-to-end encryption. However, based on what I'm seeing in the Little Snitch logs, that's not at all what seems to be happening. What seems to be happening is that FaceTime contacts Apple's servers using Apple's public key, Apple notifies the other device to connect to Apple's servers using Apple's public key, and then Apple connects the two. This is no different than how Hangouts works if you open Hangouts from inside an HTTPS-encrypted session. In theory, the government can serve Apple with a warrant for their private key, and Apple could be compelled to hand it over (after lots of lawyers make lots of money) - that's what happened with LavaBit, for example, which is why LavaBit shut down rather than comply. So yeah, I'm taking this with some salt: http://i.imgur.com/0cCCl.jpg
  • Thanks for that explanation - that definitely helps...
  • 'But that Apple cares about end-to-end encryption is important. It means they've determined it's in their best interest to align their products and policies in a way that's in our best interests.' ...Really??? Strange that encryption isn't an option in Apple Mail too then. This is something that could have been implemented AGES ago, if Tim was really that bothered...
  • "Strange that encryption isn’t an option in Apple Mail too then."
    They're doing as much as can reasonably be expected. All traffic from Apple's mail app to iCloud servers is encrypted. When you start dealing with various third party servers and clients, you end up dealing with the lowest common denominator security wise.
  • They could have done the same for Mail YEARS ago as they have done for iMessage recently. How does that equate to, ‘They're doing as much as can reasonably be expected’.?
  • Unfortunately Apple mail is not encrypted on the server, otherwise Apple wouldn't be able to scan and remove messages without user knowledge :(
  • Yes, but that’s a feature.
  • Maybe I'm wrong, but I don't see nearly as many attacks on Apple from AndroidCentral as I see attacks on Google from Rene. I'd assume the cross platform availability of Hangouts contributes to this, no?
  • You're not wrong. I can't remember a single article on AC that was driven specifically by the motivation of downing Apple. But Rene will create articles specifically meant to put Apple on a pedestal and Google in a trash dump.
  • Why does it seem like Rene only likes to post anti android stories? It seems a bit ridiculous and I'm even an Apple user!
  • If it's not samsung bashing articles, it's android bashing articles lol. Seems Rene writes more about android now than he does IOS lol.
  • I guess I just feel like that's when we start teetering the line of "fanboyish". I enjoy coming to iMore and AndroidCentral because I have a genuine interest and love for both products. But the frequent bashing from Rene is honestly getting a little crazy.
  • Agree. I use all Apple devices, but used android in the past and enjoy seeing what android and Google do, but Rene seems to border on obsession with bashing anything Samsung/android, whereas you don't see these constant attacks on Apple on androidcentral or other mobile nation sites. Sent from the iMore App
  • Renee is the type of user that gives the OS X/iOS community a bad name/rep. Just ignore him. I don't even read the articles anymore. Just the comments. Some of the discussion (fiery as it can often be) are fun. I don't find his writing to be anything worth wasting a second on.
  • That's because minus their phones almost every staff member uses Macs at AC. Say what you want about iPhones, there is no competition right now with Macs, even Android driven sites know this. Sent from the iMore App
  • That may be true but it certainly doesn't give an Apple user any sort of superiority. The bashing just seems childish when we are talking about a "respectable" enthusiast blog that is under the umbrella of a larger tech/mobile enthusiast community. Android Central isn't competition. It's a sister site. Have some respect. Or is that too much to ask? This just seems like a pointless Apple article.
  • You sir, make too much sense. You're too smart to be having this conversation. Just know that these articles are what bring in the commentators. iMore would be a complete no-mans land were it not for the Rene click-bait articles. Look! We're here. The thing that cracks me up is that I now see his name being used in the comments on other sites as a synonym for an Apple fanatic (not just fanboy). He's getting a reputation in the industry even from people who don't visit iMore. Kind of sad.
  • There is one complaint about MacBook Pros, the weak graphics chips. Hopefully that will be addressed in the next refresh of the 15" models. Sent from the iMore App
  • The fact that Hangouts isn't end-to-end encrypted allows it to have lots of useful features. For example, I can invite people to a Hangout without knowing their email address or phone number. I just send them a link. They can use it from a web browser or any device. Moreover, the Hangouts On Air that power Mobile Nations podcasts would be impossible if it were end-to-end encrypted. I use iPhone 6 Plus, iPad Air 2, and 13" MacBook Pro Retina. All three of them have *both* Hangouts and Messages. Please don't act scandalized or as though anyone is invading your privacy.
  • "Technically, Apple could do the equivalent of a person-in-the-middle attack to get at the data, but the consequences would be so severe that it makes such a thing extremely unlikely. " Could that not be edited to say the same for Google/Hangouts? Wish I knew more about this stuff to know how significant this really is (or isn't).
  • In case one is interested, here is how the EFF rates messaging services/platforms with regards to security: https://www.eff.org/secure-messaging-scorecard
  • That's great - thank you for that.
  • How will iMore do their group video chats now then? Posted via S6 Edge
  • Skype ;¬)
  • Most likely using Google Hangouts (easier to post to YouTube). Which is kind of the irony of Apple's messaging services, and his incessant anti-Google attitude.
  • Great article. Slight correction though - it's HIPAA, not HIPPA. Health Information Portability and Accountability Act.
  • I'm pretty sure Apple doesn't let any government monitor or collect metadata from calls because they said so so it must be true oh and by the way you forgot to say that Samsung really sucks too!
  • All those companies said the Government has no back door, they don't give any access, etc. Lol... I guess people are free to choose who they want to believe...
  • Except that Apple's messaging platform IS vulnerable to government access. Security is a chain, which means it is only as good as all of the links. End-to-end encryption is but one link. Apple's key management is another, and that is the weak link. It is great for consumers that Apple manages the keys. When I get a new Mac or iOS device, my iMessages sync just fine. Everything is so easy. This is also great for the US government. All they have to do is serve Apple with a National Security Letter demanding the government get a key to your iMessages. Now they see everything too. I wouldn't call this a back door, but it is a very real vulnerability inherent to how Apple decided to manage keys; one that is oft overlooked because we see the words end-to-end encryption. To be fair to Apple, when they say the device is encrypted, this is true. Nobody else, not even Apple, has access to the key needed to decrypt the device. But, when it comes to messaging, you need to be in control of the decryption keys if you want something secure. There are a few out there that do this well. BBM (only if you subscribe to the Protected service, see above comment as to why), Signal (called Text Secure for Android), and Threema come to mind. Avoid Telegram.
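
The comments above contrast two designs (traffic encrypted to the service's own key versus traffic encrypted to a key looked up for the recipient) and name the key index and key management as the weak link. The sketch below is an added example, not part of the original page and not Apple's or Google's actual protocol; it uses a toy Diffie-Hellman group and toy cipher from the Python standard library, and every name in it is hypothetical. It shows what the operator can read in each design and how comparing an out-of-band fingerprint catches a substituted directory key.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group and cipher, for illustration only (not vetted crypto).
P, G = 2**255 - 19, 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def fingerprint(pub):
    return hashlib.sha256(pub.to_bytes(32, "big")).hexdigest()[:16]

def _session_key(priv, peer_pub):
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def _xor_stream(key, nonce, data):
    pad = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

def send(recipient_pub, msg):
    """Encrypt msg so only the holder of recipient_pub's private key can read it."""
    eph_priv, eph_pub = keypair()
    key, nonce = _session_key(eph_priv, recipient_pub), secrets.token_bytes(12)
    ct = _xor_stream(key, nonce, msg)
    return eph_pub, nonce, ct, hmac.new(key, nonce + ct, hashlib.sha256).digest()

def try_read(priv, packet):
    """Return the plaintext, or None when this private key cannot open the packet."""
    eph_pub, nonce, ct, tag = packet
    key = _session_key(priv, eph_pub)
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(key, nonce, ct)

def verified_lookup(directory, name, fingerprint_out_of_band):
    """Use a directory key only if it matches a fingerprint checked out of band."""
    pub = directory[name]
    if fingerprint(pub) != fingerprint_out_of_band:
        raise ValueError(f"directory key for {name} does not match verified fingerprint")
    return pub

def run_models(msg=b"constructed sample call data"):
    server_priv, server_pub = keypair()      # service operator
    bob_priv, bob_pub = keypair()            # callee's device
    results = {}

    # 1. Transport encryption only: each leg is encrypted to the server.
    at_server = try_read(server_priv, send(server_pub, msg))
    results["relay_server_reads"] = at_server == msg
    results["relay_bob_reads"] = try_read(bob_priv, send(bob_pub, at_server)) == msg

    # 2. End-to-end with an honest key directory: the server only forwards.
    packet = send({"bob": bob_pub}["bob"], msg)
    results["e2e_server_reads"] = try_read(server_priv, packet) is not None
    results["e2e_bob_reads"] = try_read(bob_priv, packet) == msg

    # 3. Same protocol, but the directory hands out a key the operator controls.
    swapped = {"bob": server_pub}
    results["swapped_server_reads"] = try_read(server_priv, send(swapped["bob"], msg)) == msg
    try:
        verified_lookup(swapped, "bob", fingerprint(bob_pub))
        results["swap_detected"] = False
    except ValueError:
        results["swap_detected"] = True
    return results

if __name__ == "__main__":
    for name, value in run_models().items():
        print(f"{name}: {value}")
```

The third case is why end-to-end encryption alone does not settle the question raised in the thread: the confidentiality of the call depends on who controls, and who can verify, the key directory.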