Which messaging technologies are actually secure?

  • 5 November 2014
  • 2 replies
  • 939 views

Userlevel 7
Badge +54
Posted on 05 November 2014. The Electronic Frontier Foundation has evaluated 39 chat clients, text messaging apps, email apps, and technologies for voice and video calls, and found that only six of them fulfil the seven criteria the organization deems necessary for user security:
  • Data is encrypted in transit
  • Data is encrypted at the provider level
  • They offer the option of verifying contacts' identities
  • If encryption keys are stolen, past communications are secure (the app provides forward-secrecy)
  • The cryptography design of the app has been well documented
  • The app's code is open to independent review
  • The app's code has been audited.
The six apps in questions are ChatSecure, CryptoCat, Silent Circle's Silent Phone and Silent Text, and Open WhisperSystems's Signal/RedPhone and TextSecure (the latter's code and cryptographic protocol have only recently been audited). Full Article

2 replies

Userlevel 7
Very interesting story, Jasper. Thanks for sharing!
 
It looks like many sources picked this one up, including PC Mag
 
And here is a screenshot of the scorecard The Electronic Frontier Foundation used:
 


 
 
(Source: PC Mag) 
Userlevel 7
Badge +54
Thank you Yegor. I don't know what happened there because I thought I had included a screenshot.

Reply