> go to the cloud

Fancy name for: Another person computer :)

NovaRift

Bingo. That's exactly why is recommended (for curious minds) to use new breed of OS like Graphene and new chats like keet that go directly p2p (remember napster? :-)
It is up to an individual to decide what to use, cool iPhone or more restricted OS and limit what you share.
In my opinion ( I know, no one asked..lol) the moment you send any data from your phone, you should consider it gone.... YMMV of course

JesseJames

As soon as they have access to your phone the encryption doesn't help. At that point they can do whatever, inject the app with custom logger, run extraction when user opens the app, etc. 

nout

but it is powerless when someone logs directly into a user’s phone

Thats true for every form of encryption, if you have the private key (ie. the users phone), you can access the data....

However that hides the real attack vector. Many of these "encrypted chat" stores the data unencrypted on local device....the problem comes if you have some type of "backup my phone to the cloud" service turned on (which both iphone and android have). Then those chats go to the cloud where who knows who has access....

Politics_And_Law

CIA can read WhatsApp messages – Zuckerberg

>but it is powerless when someone logs directly into a user’s phone

Thats true for every form of encryption, if you have the private key (ie. the users phone), you can access the data....

However that hides the real attack vector. Many of these "encrypted chat" stores the data unencrypted on local device....the problem comes if you have some type of "backup my phone to the cloud" service turned on (which both iphone and android have). Then those chats go to the cloud where who knows who has access....

