Don't blackberry, Facebook, google etc etc send all data encrypted these days?
The gov can obviously still access it. Is something different with whatsapp or is this whole story a load of rubbish?
There's a few different ways of encrypting something, and they each have different weaknesses/strengths. I'll try to explain them here.
Normal, insecure websites (no encryption)
Code:
Dave ----->>> typing something ---->>> Random website
Nothing is encrypted here. Anyone could pretend to be the random website and intercept the message and read it easily. It could also be read by staff at any ISPs that are snooping on data travelling between their routers (there are often several steps between you and the website's servers).
This is equivalent to sending a postcard whereby anyone who handles it before it reached your mam and dad can read the contents.
Dave doing online banking (HTTPS)
Code:
Dave ----->>> password ------>>> HSBC
In this type of encryption, Dave has entered his password on a secure website. It's encrypted from the point it leaves his browser until it hits HSBC's servers. Anyone can see that Dave is doing something on HSBC's website, but they don't know what. The message is encrypted. HSBC staff know what he's told them as they have the keys to decrypt it (the HTTPS certificate on their servers). Facebook et al also work like this
This is equivalent to sending a message in an envelope. The security services could force HSBC to let them see everything
End-to-end encryption
Code:
Dave ---->>> unsolicited dick pic ----->>> WhatsApp ----->>>> Sue
Here, there's a middle-man acting as a delivery service, like WhatsApp, or iMessage, but the final destination is another user. The dick pic is encrypted by the app at Dave's end and stays encrypted until it reaches Sue, who can decrypt it with her app. In theory, none of the staff at WhatsApp can read the message, but as they are in control of the app, you cannot guarantee that they haven't got the keys for every user. In such a case, they could decrypt the message under orders from Mi5 and see Dave's erect member. Apple claim they don't even have the keys to their iMessage service, so even under orders they cannot decrypt the message. Of course, confiscating either phone will give Mi5 what they need here.
It's equivalent to sending a photocopy of your picture in the mail in an unbreakable, locked chest that only you and the recipient know the combination to. And perhaps the chest manufacturer
Strong encryption (not sure the proper term for this)
Code:
Dave ---->>> top sekrit message ---->>> local encryption program ---->>> some method of file transfer ---->>> Sue ---->>> local decryption program
Here, the message is encrypted by Dave before he sends it, so he knows* that even if it's intercepted on the way, no one can read it without his decryption code, which only Sue has. If the security services get hold of the message, they can't read it. If they go to Dave's house and take his computer, unless they find the code, they still can't decrypt it. Same as Sue's end.
This is equivalent to sending a postcard in a language that only you and the recipient speak.
*Snowden claims the NSA and friends have tried to get flaws inserted into 'safe' algorithms.
The last two are the ones the spies hate. The Bad Guys will be using the last one, mostly (if they're not stupid).