The privacy of user communications has become big news ever since Edward Snowden released a secret cache of documents showing the extent of government spying worldwide.
This week Facebook has been trialling a new secret messaging service. There are plenty of anonymous chat apps on the market already but very few have a good share of users.
With the release of encrypted communications on the popular Whatsapp and Viber services Facebook with their messenger app is at risk of falling behind in the global encrypted communications stakes.
The new service being trialled allows users to select one device to use the service on due to the messages being stored locally and deleted after a specified period of time. Once deleted they are erased from the local device.
Facebook have opted to market the service as useful for health and financial conversations but essentially the service could be used by anyone for any purpose by those concerned about their own privacy and government snooping to more seedy uses such as love affairs and underground content.
Introducing private chats with the ability for messages to disappear always raises a security issue. For instance an angered spouse could use the service to send abusive messages to an ex-partner. Thankfully this kind of situation has been well thought through as would be expected by a large corporation such as Facebook.
Abusive messages can be flagged by the recipient user at which point the message won’t be deleted straight away to allow Facebook the chance to investigated the alleged abuse.
The service is initially available only for text content and video or GIFS aren’t available.
Surprisingly Facebook has made moves to rely on standards that the cryptography community approve of. Often when large companies make roads into the privacy market they use custom solutions that don’t please the security community.
Facebook have built the service around the Signal protocol which is produced by Open Whisper Systems and in use by many messaging services.
Professor Alan Woodward from Surrey University explained that the standard Signal is well regarded by those with an interest in cryptography but continued to say that although it is well tested if an issue was found with the standard then it would have a huge impact with the amount of users who use an app like Facebook messenger.
He continued to state that if he were to use a private message system then it would be one based on the Signal system but would be interested to know more how it is being implemented into the Facebook solution.