Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Encryption Privacy Security Android IOS Software News Build Technology Your Rights Online

Viber Update Brings End-To-End Encryption and Hidden Chats (gsmarena.com) 39

An anonymous reader writes: The new hip thing to do if you're a developer of a messaging app is to encrypt everyone's messages -- everyone's doing it! WhatsApp announced earlier this month all messages being sent through the service will now be end-to-end encrypted. Today, Viber has announcd it is doing something similar. All messages being sent through the latest version of the app will be end-to-end encrypted. To confirm messages are being encrypted, a padlock icon will appear in the chat UI. The latest version of the app is already available in the iOS App Store and Android Google Play Store. Viber is one of the largest messaging platforms with over 700 million users. Hidden chats can also be found in the new update. Users can hide select chats with people and access/display them with a PIN or Touch ID.
This discussion has been archived. No new comments can be posted.

Viber Update Brings End-To-End Encryption and Hidden Chats

Comments Filter:
  • Didn't AOL Instant Messenger add this feature like 15 years ago?
    • by ShaunC ( 203807 )

      I don't think the official AIM client ever offered secure end-to-end encryption. Pidgin+OTR does, though, and that's a common way to use the AIM network.

      • I'm pretty sure it did. It was part of the "Direct connect" feature, I thought. I think it even displayed a little key icon when it was in effect...
  • by Anonymous Coward

    Is Viber written using the Rust programming language? It's getting to the point where the only software I'll trust is software written in Rust. It's like being a vegan in a lot of ways. It's healthier for you, but it can also make life more difficult. For example I've switched to using Servo for all of my web browsing, since it's written in Rust. Servo is still a young project, though, so there are some rough edges. But since it's written in Rust I have a lot more trust for it than I do of other software.

    I

    • No. Viber is an application that people actually use. Therefore it isn't written in hipster Rust.
    • All joking aside, is Rust really that compelling of a language? I haven't actually used it, so I'm wondering if it lives up to all the hype it's generating.

  • by thesupraman ( 179040 ) on Tuesday April 19, 2016 @06:16PM (#51943873)

    I wonder which of them will be the first to open up their implementation to scrutiny?
    Showing us a nice little padlock icon is all very well, but encryption is *hard*, and getting it right is subtle.

    An assurance that they cannot access any of the data themselves would be a start, because it points
    to true end-to-end (rather than end-to-middleman, which is much less useful...)

    If you can access your messages from more than one device, then it is a sign that all is not well in paradise,
    as they may hold the keys themselves (in which case what is the point), but not necessarily.

    If trust is part of security, then do you trust the security? ;)

    • by johanw ( 1001493 )

      Well, I had to re-authenticate other devices (PC and tablet) by scanning a QR code from the main device (phone). This might be indicating that a key exchange is taking place.

    • Any form of encryption, even if crackable, if the user reasonably thinks it's secure can cause additional legal protections to kick in.
      'Reasonable eXpectation of privacy'

    • You're right, of course, but if the information you are protecting is valuable enough to another, it's really just a question of conviction, budget, and time.
      • by wbr1 ( 2538558 )

        You're right, of course, but if the information you are protecting is valuable enough to another, it's really just a question of conviction, budget, and time.

        Or a $5 wrench.

  • by Anonymous Coward on Tuesday April 19, 2016 @06:17PM (#51943881)

    So geezer here, been online since the early 80's. For a long time, store-and-forward type messaging (usenet) and instant messengers (IRC, when it appeared) alike separated the protocol from the client. There were dozens upon dozens of usenet and IRC clients, so you could pick one with features you wanted, but still communicate with everyone else, because they'd all abide the same underlying communication protocol.

    For some reason, everyone decided that they'd rather have kik that can't talk to viber that can't talk to whatsapp that can't talk that MS one that can't talk to any of the other dozens of competing ones. Fractured little fiefdoms. This confuses me. It seems like a significant loss.

    I can even understand why a company wants to lock people into its messager and only its messenger. What I don't understand is why everyone insists on flocking to those things, and eschews the kind of platform agnostic standards that let the internet succeed so wildly in the first place. You can email someone without caring much about which reader they use! What was wrong with that model, that we had to run as fast as possible away from it?

    • I don't know, but having been on the internet since the early 90s I fully agree with you. :(

    • Fractured little fiefdoms. This confuses me. It seems like a significant loss.

      What's a loss for the community is a win for the founders and the investors. A big win. Silicon valley wouldn't be as successful as it is if they were opening their doors to competition.

      What was wrong with that model, that we had to run as fast as possible away from it?

      Its easier to build a business model around an app that's closed down and proprietary as much as possible.

    • The reason Viber is popular is because it uses your phone number as your address. So you can use it to "SMS" for free internationally. What open standard clients usually forget is that people want something easy to use and attached to an address that they can remember. If someone did Jabber/XMPP using your phone number as the endpoint it would probably be more popular.
    • Users have correctly determined that most casual conversation is not worth the effort of configuring a complicated client,

    • I completely agree and share your preference. However, the fiefdom method unfortunately has its benefits, too.

      First, let's address the fact that XMPP, while a good IM standard protocol, is not the simplest thing to manually configure - you have to know what you're doing, and the core demographic for many of these folks consist of people who can't tell a search bar from an address bar in a web browser. You also need a server...somewhere...that someone owns. If Viber makes an XMPP client that can talk to What

  • Looks like it's hip to encryp'; that's a trip!
  • Will all of these secure apps just cause the rest of the system to be targeted so that all of my interactions with my devices are tapped into directly thereby making encryption pointless?
  • I'm sorry for the inevitable racist responses this will get, but if end-to-end security is your thing I have my suspicions that you don't want to deal with a company whose founder and CEO's last job was CIO of the Israeli Defense Force. [wikipedia.org]

  • Are they also using the Signal protocol, or did they come up with something unique?
  • Everyone does it. Even the malware flavor of the month deals with encrypting all your data.

  • ...what's next ? A better, free https client ?
  • Viber shares a founder with one of those Israeli shitware companies from Download Valley and has ties to several others https://en.wikipedia.org/wiki/... [wikipedia.org]

    Also, they have questionable security and/or sold people contacts in the past http://haydenjames.io/i-refuse... [haydenjames.io]

    On November 4, 2014, Viber scored 1 out of 7 points on the Electronic Frontier Foundation's "Secure Messaging Scorecard". Viber received a point for encryption during transit but lost points because communications were not encrypted with keys that

There are never any bugs you haven't found yet.

Working...