NOLO
Encryption · explainer

End-to-endencryption.

It is the gold standard for private messaging, and the thing surveillance laws keep trying to work around. Here is what end-to-end encryption actually is, in plain language, how it works, and, honestly, what it does not protect.

The idea

Only the two ends.

The name is literal: the message is locked at one end and can only be unlocked at the other. Everyone in between sees scrambled text.

Keys, not passwords

Each device has a public key it shares and a private key it keeps. Messages are locked with the public key and opened only with the matching private key.

The provider is blind

The app and its servers only ever move encrypted text. They cannot read your messages, because they never hold the key to open them.

Not even in transit

Because it is encrypted the whole way, intercepting the network gets you nothing readable either.

The honest part

What it doesn’t protect.

Encryption is powerful, but it is not magic. Knowing its limits is what keeps you actually safe.

What E2EE protects

The content of your conversation, end to end.

  • Message contentText, photos and files stay unreadable in transit.
  • From the providerEven the app maker cannot read them.

What it doesn’t

The context around the message can still leak.

  • MetadataWho you talk to, when and how often can be visible.
  • Your endpointsA compromised phone can read messages there.
  • Unencrypted backupsA cloud backup without encryption exposes content.
FAQ

Frequently asked questions.

End-to-end encryption (E2EE) means a message is encrypted on the sender's device and can only be decrypted by the recipient's device. Nobody in between, including the app provider, the network or a server, can read it. Only the two ends hold the keys.

Each device generates a pair of keys: a public key it shares and a private key it keeps secret. Messages are encrypted with the recipient's public key and can only be opened with their private key, which never leaves their device. The provider only ever handles scrambled text.

It protects the content, not everything around it. Metadata (who talks to whom, when and how often) can still be visible. If either device is compromised, the message can be read there. And unencrypted backups can expose the content outside the encrypted channel.

Signal uses it by default for everything. WhatsApp uses it by default for messages and calls. iMessage uses it between Apple devices. Telegram uses it only in opt-in "Secret Chats", not by default. Email and many services are not end-to-end encrypted at all.

NOLO is an AI assistant, not a messaging app, so E2EE between two people does not apply the same way. But it follows the same spirit: your history stays on your device, the optional cloud backup is encrypted in your browser before it uploads, and the providers running the models retain nothing.

Private by design

Private tools,
honest about limits.

NOLO keeps your AI history on your device and encrypts backups before they upload. No account, no tracking, no retention.