Discord with end-to-end encryption by default – for calls
End-to-end encryption is intended to prevent providers and attackers on the net from viewing sensitive content. Discord is activating it for calls.
(Image: Shutterstock.com)
Discord is now activating end-to-end encryption (E2EE) by default. However, only for regular voice and video calls. Text messages will remain in plain text.
This was announced by Discord's Vice President of Core Technology, Mark Smith, in a blog post. Initial experiments began in August 2023, leading to a protocol for E2EE of voice and video calls called “DAVE.” It is open source. Over the past year, developers have adapted and expanded DAVE for various platforms. Development was completed in March of this year.
End-to-end encryption has been active by default for calls since then; users don't have to do anything. Previously, manual activation was at least possible on platforms that were already supported. Discord developers point out the difficulties that had to be considered during development. Various operating systems and architectures need to be supported: smartphones, game consoles like PlayStation and Xbox, web browsers – all can be active in a call simultaneously and must be able to apply encryption. This has now been achieved, and Discord has also had the design and implementation of DAVE audited by external experts.
And what about text?
Discord is aware that the question of E2EE for text messages will now arise. There are no plans for this, announces Mark Smith. Many of Discord's features were developed under the assumption that text is not end-to-end encrypted. Developing these anew with encryption would be a demanding technical challenge. However, Discord wants to further strengthen privacy protection for users, which is an ongoing, not a one-time project.
Videos by heise
Fundamentally, the introduction of E2EE is always to be welcomed from a data protection perspective. However, the fact that text messages, of all things, are not end-to-end encrypted and decrypted is at least disappointing. However, plain text messages are not only the norm at Discord. Instagram deactivated privacy protection via E2EE for direct messages at the beginning of the month. Reason: Since users had to manually activate the encryption, it was hardly used.
(dmk)
