Forget WhatsApp: 6 Secure Communication Apps You’ve Probably Never Heard Of
Pinterest Stumbleupon Whatsapp
Advertisement

The Electronic Frontier Foundation (EFF) is a lobby group dedicated to “defending civil liberties in the digital world”. At MakeUseOf we love what they do. I’ve featured their work before in my explanation of warrant canaries The Privacy Mine: National Security Letters and Warrant Canaries Explained The Privacy Mine: National Security Letters and Warrant Canaries Explained Read More and many other authors have also written articles that cite them.

As well as actively campaigning around issues like Net Neutrality What Is Net Neutrality & Why Should I Care? What Is Net Neutrality & Why Should I Care? A significant number see Net Neutrality as essential to the survival of the Internet. In this article, we're going to look at why Net Neutrality matters, and why we should fight to protect it. Read More and the Stop Online Piracy Act (SOPA), the EFF also publishes information about what companies support your civil liberties online Who Is Fighting On Your Behalf Against The NSA And For Privacy? Who Is Fighting On Your Behalf Against The NSA And For Privacy? There are several Internet activism groups who are fighting on your behalf for privacy. They are doing their best to educate netizens as well. Here are just a few of them that are incredibly active. Read More .

One of the many things they maintain is the Secure Messaging Scorecard. From the EFF:

The Secure Messaging Scorecard examines dozens of messaging technologies and rates each of them on a range of security best practices. Our campaign is focused on communication technologies — including chat clients, text messaging apps, email applications, and video calling technologies. These are the tools everyday users need to communicate with friends, family members, and colleagues, and we need secure solutions for them.

What Makes A Secure Messaging App

The Secure Messaging Scorecard scores the different communication apps on seven dimensions:

  • Are your messages encrypted at all stages of the communication?
  • Is the encryption end-to-end so the messaging company can’t access your communications?
  • Can you verify who you are messaging?
  • If your encryption keys are stolen, are you your previous communications safe?
  • Can the app’s code be independently reviewed?
  • Is the design and implementation of the cryptography documented and available for review?
  • Has the code and implementation been independently audited in the last year?

While on their own these dimensions don’t guarantee that a messaging app is secure, they highlight the apps that are more likely to be so. Even more importantly, if an app fails any of the first four criteria it can be considered unsecure to some degree.

Popular? It’s Probably Insecure

The results of the scorecard are quite disturbing. Of the most popular communication apps — BlackBerry Messenger, Facebook Chat, iMessage, Skype, Snapchat, Viber and WhatsApp — only iMessage passed more than two of the tests.

muo_insecure

Most worryingly, all the parent companies, except for Apple, can decrypt and read your messages. Through programs like PRISM What Is PRISM? Everything You Need to Know What Is PRISM? Everything You Need to Know The National Security Agency in the US has access to whatever data you're storing with US service providers like Google Microsoft, Yahoo, and Facebook. They're also likely monitoring most of the traffic flowing across the... Read More , government agencies can potentially access every message you’ve ever sent or received.

The Secure Communication Apps You’ve Probably Never Heard Of

There are, however, some apps that are genuinely secure. ChatSecure, Silent Phone and Silent Text from Silent Circle, and Signal, RedPhone and TextSecure from WhisperSystems all scored full marks in the EFF’s scorecard.
muo_secure

ChatSecure

chatsecure
ChatSecure is a free iOS and Android app that “uses well-known open source cryptographic libraries” such as XMPP, OTR, and Tor to ensure your messages remain private. With ChatSecure you can communicate with other app users and also anyone who uses an app that supports the same protocols.

You can download the app from iTunes or the Google Play Store.

Silent Circle

silentcircle
Silent Circle offers a subscription plan that covers two of the apps that got full marks in the EFF’s scorecard: Silent Phone and Silent Text. The apps are available for both iOS and Android. Silent Phone is for making encrypted voice, video and conference calls — think of it as a secure Skype.

You can even use Silent Phone to call non-users and the call will be encrypted. Silent Text is a secure alternative to most messaging apps. It’s feature set is pretty similar to WhatsApp or Facebook Chat.

Silent Circle is aimed at travelling business people who need security on the road. The plans start from $12.99 a month and include unlimited communications between Silent Circle members through Silent Phone and Silent Text. The difference between the plans is the number of monthly minutes you have for securely calling non-members with Silent Phone.

You can sign up for a plan on the Silent Circle website.

WhisperSystems

whispersystems
Like Silent Circle, WhisperSystems produces a couple of different secure apps. For Android, they have Red Phone and TextSecure, and for iOS they have Signal.

RedPhone integrates with your phone’s default dialler. If you call a friend who also has RedPhone installed, you’ll get the option to make an encrypted call rather than a regular cell call. TextSecure, similarly, integrates fully with your Android phone. It replaces the default text messaging app. If you send a message to another TextSecure user the data is automatically encrypted.

Signal — the iOS app — doesn’t integrate as fully with the operating system. It works just like RedPhone but is a standalone app. You can even call RedPhone users from it. Support for TextSecure style messaging is in development.

You can download RedPhone and TextSecure from the Google Play Store. Signal is available in the iOS App Store.

Personal Privacy Policy

There are countless threats to your privacy online. From hackers to the government. Even googling things related to online privacy can get you on a NSA watch list Your Interest in Privacy Will Ensure You're Targeted By The NSA Your Interest in Privacy Will Ensure You're Targeted By The NSA Read More .

All the apps featured in this article make it as hard as possible for people to intercept your communications. You don’t need to be a drug dealer to want your messages to be tough to intercept and read.

Are you aware of any more secure apps, or surprised by the results from the Secure Messaging Scorecard? Share your thoughts by leaving a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Jon Dough
    September 30, 2017 at 1:54 am

    Great topic, but than there is Vipole, member to member, that is secure, chat, file transfer and calls, and another (not apple app) called Signal, and is free to use and available for Android, iOS, and Chrome (a browser extension that links with your phone).
    Both state they are end to end chat and calls are encrypted and Android, Windows, Linux..

    And Soma calls, (w or w/o video,) and chat, states.... "SECURE: Everything is encrypted using a combination of 2048­bit RSA and 256­bit AES for maximum security.
    And also "SOMA Messenger is the most secure messaging app, providing end-to-end encryption (E2EE) by default for private communication."

    And also a "client side" secure email / chat, called Salusafe, offered by Cryptoheaven for free (under 200MB storage) that a easy client server, E2EE, for Android, Windows, Linux.

    So let the "Tests" begin. lol!

    Again thank you for your post!

  2. Myntex
    July 5, 2017 at 10:32 pm

    Ensuring you have encrypted communications is a very important part of online life today, for that I thank you for taking the time to put this article together, however there is one essential aspect you haven't touched on; how secure is your device?

    Encryption is VERY seldom broken/hacked its usually bypassed. Running an encryption app on an unsecured, or unencrypted device leaves you open to keyloggers and other types of spyware/malware.

    For this reason ensuring you are running end to end encryption on a secure device is paramount.