Linked by Thom Holwerda on Thu 22nd Sep 2016 09:03 UTC

Remember when Google said they wouldn't store messages in one of the company's new chat applications, Allo? Yeah, no.

The version of Allo rolling out today will store all non-incognito messages by default - a clear change from Google’s earlier statements that the app would only store messages transiently and in non-identifiable form. The records will now persist until the user actively deletes them, giving Google default access to a full history of conversations in the app. Users can also avoid the logging by using Allo’s Incognito Mode, which is still fully end-to-end encrypted and unchanged from the initial announcement.

Like Hangouts and Gmail, Allo messages will still be encrypted between the device and Google servers, and stored on servers using encryption that leaves the messages accessible to Google's algorithms.

For this reason alone, don't use Google Allo. But wait, there's more! There's also the backwards way it handles multiple devices and phone numbers - another reason to not use Google Allo. Sadly, even if you don't have Allo installed, you may still be forced to deal with it at some point because of some 'clever' tricks by Google Play Services on Android. If someone sends you an Allo message, but you don't have Allo installed, you'll get a special Android notification.

The notification lets you respond through text alone (as opposed to stickers, photos or anything like that), or alternatively ignore it altogether. There's also a button taking you straight to the Play Store install page for Allo.

How can Google do this? The notification is generated by Google Play Services, which is installed on just about every Android phone, and updates silently in the background.

Don't use Google Allo.

Comment by ddc_
by ddc_ on Thu 22nd Sep 2016 10:34 UTC

And here follows obligatory comment about how the grass used to be greener:

There used to be multiple services (ICQ, MSN, Yahoo Messenger, etc.), each with its own set of problems and its own walls around. People had to use multiple applications to chat with others, because there was no platform where all of your contacts would be.

Then there was Jabber (now XMPP). It was a state-of-the-art protocol at that time.¹ It specifically allowed for transports, so that you could have your ICQ, MSN, IRC, etc. contacts in your roster, and you could chat with them as if they were using the same software as you do.² Google, Facebook and many others used XMPP for their chat services. If you wanted to, you could turn on some encryption feature, and your communication was reasonably secure by contemporary standards. That did not work with Google's, Facebook's and many other implementations that were built around non-XMPP services, but at least there was a path forward.

Then Skype happened. People were sold en masse on voice and video communication, and were readily dismissing all the security, privacy and openness concerns citing Skype's dubious security measures. Skype itself dismissed popular demand for openness as inconvenient for spam fighting. Basically, Skype's position on every question was: "Just don't think about it. We did, and we chose the best option. Your back is covered." Apparently people bought in.

Fast forward a few years. Now there are again multiple services (WhatsApp, Viber, Skype, Facebook Messenger, Signal, Telegram), each with its own set of problems and its own set of walls around.³ People have to use multiple applications to chat with others, because there is no platform where all of your contacts are. Back to square one. Only this time the market is very hostile towards any attempts at cross-service compatibility or alternative clients. People are banned for using third-party clients. Either public attitude changed, or people sold out for stickers and slick UIs.

¹ It was a bad protocol from a technical standpoint, but hey, others were no better.
² Sometimes things were broken. E.g. every now and then non-ASCII messaging with ICQ contacts was turning into mojibake because somewhere something was incorrectly encoded. But there were workarounds, and things were generally workable.
³ If you are about to reply with something like "But Signal and Telegram are free software!", please don't forget to mention the way I could send a message from Signal to Telegram and vice versa. Also note, Signal's server implementation used to be open source, but it is proprietary now.

Score: 9