

Google Hangouts doesn’t use end-to-end encryption, law enforcement can access it - paganinip
http://securityaffairs.co/wordpress/36749/intelligence/google-hangouts-wiretapping.html

======
parfe
Duh? I can access hangouts from arbitrary browsers and devices which means, at
best, Google has "my" private key and that is the same as having the plain
text messages.

This is like the yearly "Dropbox lies about encrypting your data!" post. Any
service that gives you access to your data via a browser without a key only
you control is the same as it being "unencrypted" even if on their end they
encrypt it with their key before it hits a physical disk.

~~~
zurn
It's not quite that simple. For example FaceTime claims to exchange session
keys peer-to-peer without revealing them to Apple. It's no big deal to do
technically.

Of course Google/Apple still would have the power to backdoor the clients, as
long as they can issue app updates. But it seems that US wiretap orders can't
force them to go that far.

