Thursday, 29 September 2016

Don't use Google Allo

Remember when Google said they wouldn't store messages in one of the company's new chat applications, Allo? Yeah, no. The version of Allo rolling out today will store all non-incognito messages by default - a clear change from GoogleĆ¢€™s earlier statements that the app would only store messages transiently and in non-identifiable form. The records will now persist until the user actively deletes them, giving Google default access to a full history of conversations in the app. Users can also avoid the logging by using AlloĆ¢€™s Incognito Mode, which is still fully end-to-end encrypted and unchanged from the initial announcement. Like Hangouts and Gmail, Allo messages will still be encrypted between the device and Google servers, and stored on servers using encryption that leaves the messages accessible to Google's algorithms. For this reason alone, don't use Google Allo. But wait, there's more! There's also the backwards way it handles multiple devices and phone numbers - another reason to not use Google Allo. Sadly, even if you don't have Allo installed, you may still be forced to deal with it at some point because of some 'clever' tricks by Google Play Services on Android. If someone sends you an Allo message, but you don't have Allo installed, you'll get a special Android notification. The notification lets you respond through text along (as opposed to stickers, photos or anything like that), or alternatively ignore it altogether. There's also a button taking you straight to the Play Store install page for Allo. How can Google do this? The notification is generated by Google Play Services, which is installed on just about every Android phone, and updates silently in the background. Don't use Google Allo.

Read the full article here by OSNews

No comments: