In simple words: yes, if you care about privacy

About the privacy implications related to the various instant messaging clients I have already wrote a few months ago in a rather terse.

But this article by Romain Aubert instead treats the subject very carefully, comparing WhatsApp, Facebook Messenger, Telegram, the newborn Google Allo and (of course) Signal.

The interesting fact is that, unlike Telegram that uses its own protocol, all the other clients use the Signal Protocol for the messages exchange, but implemented in different ways and with different levels of privacy.

For the analysis of individual apps will let you read the excellent article by Romain, Let me just add some additional information about the Signal protocol, directly from Wikipedia:

The Signal Protocol (formerly known as the TextSecure Protocol) is a non-federated cryptographic protocol that provides end-to-end encryption for instant messaging conversations.The protocol was developed by Open Whisper Systems in 2013 and was first introduced in the open source TextSecure app, which later became Signal. It has since been implemented into closed source applications, such as WhatsApp, which is said to encrypt the conversations of “more than a billion people worldwide”. Facebook Messenger also say they offer the protocol for optional “secret conversations”, as does Google Allo for its “incognito mode”.

The protocol combines the Double Ratchet Algorithm, prekeys, and a triple Diffie–Hellman (3-DH) handshake, and uses Curve25519, AES-256 and HMAC-SHA256 as primitives.

So, read the article, and let it read to your friends!


Very interesting, IMHO, the final part:

Why should you care about your privacy?

You might be tempted to say something like:

Who cares? I have nothing to hide.

If you don’t think privacy is all that important: