Cheraw Chronicle

Complete News World

EU wants to open big chat services like WhatsApp and iMessage - IT Pro - News

EU wants to open big chat services like WhatsApp and iMessage – IT Pro – News

Maybe I don’t quite understand you, but assuming soon everyone will (for example) continue to use the Signal protocol (as Google, Facebook Messenger, WhatsApp and Skype use it now), this is only used interchangeably.

How will this make it easier for governments with a suspicious agenda? The encryption continues to pass from the first device to the second device.
Currently:
A phone with Whatsapp -> encrypt messages -> to internet -> phone with Whatsapp -> decrypt message.

thus:
Phone using Whatsapp -> Encrypt message -> To internet (via federation services) -> To phone using iMessage -> Decrypt message

Not every service will contain everyone’s data. Saying that I use Threema and you use Signal, does not mean that iMessage contains your or mine. Only when I send something to an iMessage contact, that platform will see something, but it has nothing to do with you. In addition, contact details are not required to be sent at all.
User entity (string with random characters) is sufficient. This string can be different for each platform and for each contact:

I am sending from Threema to Signal. My user entity is abcd @ threema -> contact is qwer @ signal
I am sending from Threema to Signal. My user entity is bcde @ threema -> contact is tyui @ signal
Send from Threema to iMessage. My user entity is dcba@threema -> contact person is poiu@imessage.
Send from Threema to iMessage. My user entity is hgfd @ threema -> contact is yuio @ imessage.

So when I send something to the @wxyz signal, only Threema knows that I am sending something to “someone on a signal”. And Signal only knows that “someone from Threema” is sending something to that user.

The above mentioned names are exchanged (for example) via the Diffie-Hellman protocol for example. So you have a unique username for yourself and the other person in each contact. These usernames don’t have to be visible to end users and can also be part of person-to-person encryption, so there’s no point in spoofing.