[BinaryIdiot]

> Surely an entity as large and as well financed and ISIS would have little trouble finding bright young engineers & technologists sympathetic to their cause to simply build their own encrypted services?

You wouldn't even need the brightest engineers. In fact so many encryption algorithms have been opened sourced and / or in library form for so long that it's easy for practically any developer to do.

[drdaeman]

Just having a library that does something doesn't magically bring security. The issue is, engineer still needs to know a lot of stuff (or strictly conform to the instructions) to use the thing correctly. There are too many ways to screw the thing up without even knowing it.

So, if the thing's to slap some nice GUI upon an existing library that implements the security bits, then almost no knowledge's required. But if one has a library full of primitives but still has to combine them in a meaningful way - it's a damned minefield.

[nickpsecurity]

That statement shows you haven't spent any time researching the security of secure messaging solutions. Or security software in general. Virtually all of them had protocol or implementation flaws with most having flaws so severe that cryptographers and top programmers saw fit to write books detailing how to do it right.

Books most people making "private" apps still haven't read. ;)