WhatsApp has become perhaps the most widely used independent (read not Microsoft, Google, Yahoo, etc.) messaging system out there.
This exciting announcement tells us that the TextSecure encryption technology is being quietly rolled out inside the WhatsApp client. For example, it’s already in the Android client and many have been using it without even knowing their messages are now encrypted end-to-end.
There are several things that excite me about this announcement:
- There have been security and encryption tools such as PGP around for years, but their usability sucks and most have not used them. This is changing, primarily courtesy of the revelations of Ed Snowden
- These tools can be retrospectively added to existing applications where this a will and a desire to do so
- TextSecure is public domain software, reviewed by anyone willing to pick it apart and shoot holes in it, as many have done, making it much, much stronger as a result
- At the heart of this code is one Moxie Marlinspike (anyone guess he’s a keen sailor?), who is committed to making a difference in on-line communications security. The Internet world allows the dedication of one individual to make a huge difference when applied in the right way (this is not to diminish the rest of the wonderful crew at OWS working on their exciting, secure products such RedPhone for Android and Silent for iOS)
Thank you, Moxie. And be careful of the hypothermia…