Meta has announced that end-to-end encryption (E2EE) will be implemented across all chats and calls on both the Messenger app and the Facebook platform. This move represents a substantial change towards putting user privacy and security first.

Data is protected by E2EE technology since it is only readable by the sender and recipient. This is accomplished by encrypting the data on the sender's device with a unique key, rendering it unreadable to anyone intercepting it, including Meta.

Previously, E2EE was only available through Messenger's optional "Secret Conversations" function. It is now activated by default for all users, adding an extra degree of protection to their conversations.

"With E2EE, you can be confident that your messages and calls are protected from prying eyes," Meta wrote in a statement. "Nobody, including Meta, can see or hear your conversations unless you choose to report them."

Read Full Article

Meta has also announced Labyrinth, a new encrypted storage system designed to securely store E2EE messages and media on its servers. This assures that even if Meta's servers are compromised, the content of your messages will be safe.

Messenger's E2EE implementation is based on the open-source Signal protocol, which is known for its excellent security features. Meta has also created a browser extension called Code Verify for Instagram, WhatsApp, and Facebook users on web browsers. This tool checks the integrity of the JavaScript libraries used by these services to ensure they haven't been tampered with, putting E2EE at risk.

Meta has released two new features to improve user experience while also improving security: the ability to amend sent messages within 15 minutes and "disappearing messages" that automatically vanish after 24 hours.

While E2EE for Messenger group messaging is still being tested, it is likely to be available in future releases.

Overall, Meta's choice to make E2EE the default option for Messenger and Facebook shows a strong dedication to customer privacy. Users that desire safe communication channels and peace of mind in their online dealings are likely to embrace this decision.

See the original post:
Meta Brings End-to-End Encryption to All Messenger Chats and Calls - Times Now

Metas Messenger is one of the worlds most common ways to send messages with contacts, now the company has said it will roll out end-to-end (E2E) encryption for all personal chats and calls on Messenger and Facebook.

To be clear, encryption has been available on these platforms for a while but this latest news means the feature is switched on by default for personal messages and calls. Under the new scheme, messages that you send are protected from the moment they leave your device to the moment they reach your contacts device, preventing any middlemen, including Meta, from seeing what you said.

In the past when messaging clients had or added encryption, it sometimes meant a more restrictive experience in terms of features. With this launch, Meta said that users will retain familiar features like themes and custom reactions but will also get a bunch of new features too including edited and disappearing messages, read receipts control, improved photo and video sending, and improved voice messaging.

With message editing, Meta is striking a balance. You will only be able to edit messages for 15 minutes after sending them and if you want to report someones original message before they edited it then Meta will be able to read the message edit history.

With disappearing messages, they will now last 24 hours after being sent and the chat interface has been updated to inform users that the messages will disappear. As for read receipts control, youll be able to decide if you want to let others see that youve read their messages. This will reduce the pressure to respond to people right away if you dont feel like it.

When you get the update, youll also benefit from higher image quality and improved responding or reacting to any photo or video in a collection. Meta said its also testing HD media and file sharing improvements with some users and plans to scale this in the coming months.

Finally, Meta said that voice messaging is the fastest growing messaging format today and with this update youll be able to listen at 1.5x and 2x speeds as well as begin listening where you left so you can pick up again if you have to leave the app.

The roll out will take several months until everyone gets it but when you do, youll need to set up a recovery method, such as a pin, to restore your messages if you lose, change, or add a device.

Read more here:
Meta begins rolling out E2E encryption on Messenger chats and calls - Neowin

Meta announced on Wednesday (6 December) that all personal calls and chats on Facebook and Messenger will be subject to end-to-end encryption (E2EE) by default.

Encrypted messaging, where the content of the message is only accessible to the sender and recipient, is currently offered by messaging services WhatsApp, iMessage and Signal.

In a blog post, Loredana Crisan, vice-president of Messenger, said: Nobody, including Meta, can see whats sent or said, unless you choose to report a message to us.

The implementation of encryption across Facebook and Messenger will be a gradual process, with an unspecified timeline mentioned, according to the blog post.

While Messenger users have had the option to opt-in for end-to-end encryption since 2016, the default encryption for all personal calls and messages represents a substantial change.

Meta CEO Mark Zuckerberg celebrated the achievement in a Facebook post on Wednesday.

After years of work rebuilding Messenger, weve updated the app with default end-to-end encryption for all personal calls and messages, Zuckerberg said.

In 2019, Zuckerberg committed to implementing encryption technology across all private communications within the companys suite of apps, emphasising a shift towards private, secure digital interactions.

This announcement by Meta is expected to contribute to the ongoing discourse on privacy and law enforcements investigative capabilities.

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Your download email will arrive shortly

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

WhatsApp and Signal recently took a stand against potential legislative moves in the UK that could weaken encryption claiming they would rather be blocked than have encryption weakened.

The Online Safety Bill (OSB),a new UK law aimedat ensuring social media companies are held responsible for user safety, was passed in September after almost six years.

The new law means social media companies will need to work harder to protect children from inappropriate content, as well as removing all illegal content.

WhatsApp, which specialises in encrypted messaging, threatened to refuse to comply with guidelines that would force it to examine the contents of messages for child abuse material.

In June, more than 80 national and international civil society organisations, academics and cyber experts signed an open letter over the serious threat to private and encrypted messaging posed by the OSB.

Give your business an edge with our leading industry insights.

Read the original here:
Meta to make Messenger messages encrypted automatically - Verdict

As the business world continues to find innovative ways to apply AI to accelerate growth and streamline operations, a similar trajectory of inventive thinking is emerging in the cyberthreat landscape. While only theoretical at this juncture, one of the big concerns about AI, when combined with quantum computing, is that there is a possibility that what is encrypted at present could be decrypted in the future. This is enough of a security concern to give pause to even the most experienced technologists. So, how are AI advancements, including generative AI, jeopardizing traditional data security techniques such as encryption and how can emerging new risks be mitigated?

Encryption is a foundational element of data security, so the potential impacts of AI should be considered carefully. Overall, the unique attributes of AI, and particularly those of generative AI, have the potential to significantly improve the development of encryption algorithms themselves, the management of encryption keys, the control of access and administrative rights, etc. Due to its generative nature, generative AI can learn, adapt and ultimately produce net new outputs, raising the bar far above rigidly determined preset algorithms. What this translates to are exciting positive impacts to help security researchers, developers and operators to benefit from a new ally in their work.

At the same time, there are new risks because any powerful new technology can be used to benefit attackers. Malicious actors could push the currently established boundaries of data security by circumventing existing security controls, disrupting the proper management of keys, searching for ways to steal keys and credentials and more. For this reason, quantum computing (aided by generative AI) poses a future threat to current encryption algorithms, as the accelerated computing capabilities could, in theory, allow quantum tools to break the encryption within a reasonable amount of time (e.g., months or even moments, rather than centuries).

Since generative AI is likely to ramp up the capabilities of attackers and defenders, this, in turn, may lead to (or accelerate an already existing) arms race for more powerful AI to remain competitive and gain advantages.

As the evolution of AI produces both positive and negative impacts for cybersecurity in general, IT teams must start now to seek ways to reinforce traditional data security strategies (like encryption) to avoid unmanageable problems down the road. We are already seeing efforts to manage these challenges in government through public policy. While its unlikely that we will see new legislation in the next year, we are seeing progress in this area with the presidents executive order on safe, secure and trustworthy AI. The EO is helping to further define AI safety and security protocols by leveraging the power and resources of the executive branch departments, such as homeland security, defense, energy, commerce, etc. One powerful tool the executive branch has is its procurement policies as the largest buyer of goods and services on the planet, the federal government can profoundly influence the market, including technology and safety standards.

Tech ecosystem players are also turning their attention to well-established, authoritative, independent sources, such as NIST, the Center for Internet Security, ISO and IEEE. As new generative AI-led security challenges arise, these organizations, which produce and maintain operational and technical best practices based on the input of a wide variety of industry, government and academic experts, will develop guidelines to address real-world scenarios. We will also see best practices updated in specific industry tools as vendors, manufacturers, system integrators, industry analysts and third-party testing services glean new insights through practical, real-world experience with generative AI.

As AI practices are refined worldwide, enterprises will begin to apply these new guidelines and improve their protection against cybersecurity risks, which includes taking steps to advance post-quantum computing algorithms to future-proof encryption. Enterprises will be able to identify where AI could be used to fortify weak areas, mitigate vulnerabilities and detect and respond to attacks in real-time.

As we learn more about the interplay of AI with areas such as quantum computing and the credible threat this poses to traditional data security measures like encryption, limiting the data attack surface becomes a top priority.

Typically, the data attack surface is defined as any part of the organization, including websites, applications, email accounts and human interactions that could be an avenue of attack for malicious attackers. AI could be very impactful in reducing the data attack surface by enhancing the data management process, particularly in data discovery, during which it could find sensitive data that may be vulnerable or that may no longer be needed. Furthermore, AI can be effective during data classification by determining the nature of the data and how it should be classified per organizational policy, thus applying controls immediately. This is also the case during data sanitization, by ensuring that sensitive and/or ROT data is adequately erased (to standard), verified and recorded for inspection and audit purposes. Leveraging these approaches to minimize the attack surface will help reduce the information that bad actors could access presently and potentially be able to decrypt in the future.

Overall, the effect that AI has already had on business is visible in many areas. While only time will tell what the future holds for the cybersecurity landscape, it is worth taking a deeper look now at optimizing AI for improved efficacy and efficiency of present-day and future security controls and operations.

Recent Articles By Author

Read more from the original source:
AI and Quantum Computing Threaten Encryption and Data Security - Security Boulevard

Meta Platform is finally rolling out end-to-end encryption for Messenger after years of promises and tests. According to Mark Zuckerberg, personal chats and calls will get default end-to-end encryption, except group chats where it will remain optional.

End-to-end encryption has become a vital security layer, ensuring that the company or any third-party can access the content of the chat.

This has taken years to deliver because weve taken our time to get this right. Our engineers, cryptographers, designers, policy experts, and product managers have worked tirelessly to rebuild Messenger features from the ground up, Metas head of Messenger, Loredana Crisan, said in a blog post.

Meta explained the delay in introducing the security feature was because the company had to build some features from the ground up to incooperate end-to-end encryption. In August, the company promised Instagram DMs, the same feature right after Messenger.

In its new update, Messenger is also getting a feature to edit sent messages up to 15 minutes after sending; speed control for voice messages to play those audio clips at 1.5x or 2x; new photo and video layouts; and a new interface for disappearing messages. Meta is also working on sending HD images and videos on the platform.

Visit link:
Facebook Messenger to get end-to-end encryption by default - The Express Tribune