How WhatsApp revelations affect Judbox operations
The dust is starting to settle after reports that WhatsApp isn’t quite as secure as everyone thought. Follow up investigations indicate that the journalist may have overstated the significance of the compromise. Despite this, if you’re using any network to communicate you must accept the risk that someone could be listening in. So you need to accept that any network out of your control is probably compromised and manage your discourse accordingly.
Security is a tricky beast. Take email for example. The existing email protocols are all incredibly insecure — and there are good ways to secure email such as PGP encryption. However implementation of security leads to ever more friction and the user experience suffers. There is therefore unfortunately a trade-off between keeping data safe and keeping users happy.
Google is at the forefront of that fight. They’ve softly forced adoption of SSL certificates, and continue to put their significant resources to use and publish educational pieces and terrific encryption protocols (e.g. https://github.com/google/keyczar). Despite their efforts attack vectors are still present and accounts continue to be compromised through nefarious actors and other mechanisms as revealed by Edward Snowden.
At Judbox we do our level best to keep our customers things private. However, NetSec and military experts will agree that you are typically at your most vulnerable whenever you feel safest. That’s because you let down your guard and become complacent. There is therefore a perpetual sense of paranoia in our day-to-day code writing, and we are working to ensure that it will never leave us.