Google Hangouts doesn't use end-to-end encryption

Google Hangouts doesn't use end-to-end encryption
If you're using Google Hangouts as your main messaging service, you might want to know that Hangouts doesn't use end-to-end encryption (E2EE), a must-have feature for messaging services in the post-Snowden world. 

This was recently confirmed during a Reddit Ask Us Anything (AUA) session by Google's Richard Salgado, Director for Law Enforcement and Information Security, and David Lieber, Senior Privacy Policy Counsel.

As far as messaging services go, end-to-end encryption is a method of encrypting data so that only the sender and the recipient of a certain message can make sense of the data being transferred. The main thing to bear in mind is that the provider of an E2EE-encrypted messaging service cannot view the messages itself, as the data is encrypted and decrypted locally by the sender and the recipient. 

While the service provider has access to the bits of information that are transmitted between the sender and the recipient, this data looks like complete gibberish without the encryption key. It's worth noting that Whatsapp, the largest messaging service in the world, uses end-to-end encryption, as does Apple's iMessage.

The two Google representatives confirmed that Hangouts only uses in-transit encryption, a method that prevents ISPs and telecom operators from peeking at the messages. Long story short, Google can intercept Hangouts conversations when ordered by law enforcement agencies and governments. 

Google previously revealed that requests for user data coming in from governments across the globe rose one and a half times over the past five years, although the company did not break down the numbers by service.

source: Reddit

FEATURED VIDEO

17 Comments

1. XperiaFanZone

Posts: 2277; Member since: Sep 21, 2012

A Google app not using E2EE! How surprising!

2. Napalm_3nema

Posts: 2236; Member since: Jun 14, 2013

How dare you think they should! You just want to deny them their ad money while using free services that you totally didn't ask for or pay for when you bought the phone. /s

7. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

9. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

Yet you forget at the exact same time as the celebrity photo hack, google had over 5million compromised accounts. It didnt make the news because the targeted celebs that was confirmed took over a year to do (so insecure), were using apple and not google. DOH.http://time.com/3318853/google-user-logins-bitcoin/

10. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Thanks for the new information. After reading the information of all the related articles, is the hack is not confirm, and Google has denied it. http://www.ibtimes.com/5-million-gmail-usernames-passwords-hacked-posted-russian-bitcoin-forum-report-1684368 "Google Inc. (NASDAQ:GOOGL) users concerned that their own identity might be listed among the stolen usernames are advised to avoid typing their username and password into any website that claims to check if that name has been compromised. Cybercriminals frequently use this kind of method, known as a “honeypot,” to steal even more identities. A number of sites have already appeared to distribute phishing messages under the guise of offering help."

11. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

"Update: A Google spokesperson has confirmed what many security experts had already suggested, that many of the passwords in question were likely taken from a website other than Google." elitewolverine, a person that use Android phone because it a better overall platform but still ask others to buy WP. So it is no surprise to me that you will not think twice to smear Google good name just like Microsoft. A large portion of the general public already has a very low opinion of Microsoft and that not going to change by having a smearing contest.

12. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

I could link more sites than that. Regardless, you point to a celebrity case and yet act like google has never had their system broken. Same old song from you. I wonder if its that same song you keep hearing. And i use android because it is a better platform? Now you are just making stuff up, good for you, nice knowing your imagination still works. I get to use all 3 major os's daily, its part of the job. I dont let my wishes, which is using a wp, clout what a customer may wish. something clearly fanboys dont understand

15. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Please do provide more links. I want to read them. As to what you have said in the past. Those who had stay with PA long enough will know. You can me a fan, yes I am a fan but show me a single comment you said about Android and Google that is neutral. I am a trained Microsoft product specialist and an admin to a organization of 2000+ employee, I did not say anything bad about their product, I just don't like Microsoft as a whole for my own past bad experience dealing with them and their business practice. Which other company do this?http://thenextweb.com/microsoft/2012/12/06/bing-continues-its-hypocritical-scroogled-campaign-against-google-shopping-in-new-video-clip/

16. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

"I dont let my wishes, which is using a wp, clout what a customer may wish. something clearly fanboys dont understand" The WP statistic and market share say otherwise, its just not cost effective to implement WP app for the moment. In fact we have just done an internal poll,

3. Pattyface

Posts: 1658; Member since: Aug 20, 2014

Not happy about this.. Maybe I'll go full on messenger

4. mrej201

Posts: 226; Member since: Feb 04, 2015

Who said anything on the Internet is safe

5. buccob

Posts: 2968; Member since: Jun 19, 2012

Yeah even with E2EE in other services I still don't trust any of them... I try to keep my phone with as few messaging apps as possible but that still allows me to connect to all of my contacts... Whatsapp, FB Messenger and Hangouts is all I need. Even if my messages are not fully encrypted.

6. InJuxHurYlem

Posts: 28; Member since: Oct 07, 2009

Um, hangouts isn't for booty calls and drug deals. Hangouts is a powerful IM app integrated with all your other Google services. That means you can search your Hangouts history from Gmail, attach a file from Google Drive, or record your hangout and have it post it to Youtube. So, ya, Google can read your hangouts....just like they can read your email. Both are as secure as possible from everybody else.

8. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Agree. The right people with the right information is sometime crucial. Imagine in a murder investigation, since Apple "claim" not to have the information which is doubtful they can't release information to help free the innocent or convict the guilty.

13. Crispin_Gatieza

Posts: 3137; Member since: Jan 23, 2014

Still don't think BlackBerry is relevant? Want security? There's only one place to go.

14. sprockkets

Posts: 1612; Member since: Jan 16, 2012

This isn't news. I've known this since day one. Think. Use your brain. Hangouts is simply gtalk. Both have always used encryption in transit. You mention post snowden world, well, guess what? The NSA can't read them, only if google gets a subpoena.

17. buggerrer

Posts: 306; Member since: Sep 21, 2011

using any Google services and expecting privacy is like diving in water and expecting not to get wet!

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.