You should avoid Google’s new messaging app Allo.
That’s the advice of Edward Snowden today, following Wednesday’s debut of the Google “smart” messaging service, that doesn’t offer end-to-end (E2E) encryption as the default security mode (it is available in the app’s incognito mode.)
“Google’s decision to disable end-to-end encryption by default in its new #Allo chat app is dangerous, and makes it unsafe,” Snowden posted to Twitter this morning. “Avoid it for now.”
But should you? As long as you’re not using it for messaging, it might not pose a security risk. And if you’re looking for worldwide end-to-end encryption, there’s Whatsapp.
For example, if you want to play with the app’s advanced A.I. that generates text suggestions based on your message history, you will have to do without encryption cover, exposing your chats to the company as well as possibly hackers and law enforcement.
It is possible to receive the same kind of protection on Allo that is standard on WhatsApp and Viber, but it will mean forgoing all the reasons why Allo is different using in the first place. The smart chat capability only works in the app’s standard mode, and Snowden isn’t willing to risk exposing those conversations to potentially prying eyes.
Google’s Allo will be one of the only major messaging apps without end-to-end encryption. The search giant is likely gambling that, in the end, users will prioritize the app’s unique chat capabilities over its app’s privacy limitations. The economics may even work out for Allo, because WhatsApp and Viber will not be able to develop A.I. suggestions due to their use of end-to-end encryption.
Google seems to be betting that the percentage of security conscious users who align with Snowden’s point of view won’t be large enough to put a dent in its business.
Astutely put by security researcher and activist Christopher Soghoian on Wednesday: “Making encryption opt-in was a decision made by the business and legal teams. It enables Google to mine chats and not piss off governments.”