How secure is your favorite messaging app? Open Thread: The most popular messaging apps have hundreds of millions of users, but how secure are they really? The Electronic Frontier Foundation has been finding out, producing a secure messaging scorecard to rate them on a range of criteria.
How secure is your favorite messaging app? Open Thread
Are messages encrypted in transit, and encrypted so the provider can’t read them? Can you verify contacts’ identities? Are past communications secured if your keys are stolen? Is the code open to independent review, is the security design properly documented, and has the code been audited?
Many companies offer secure messaging products – but are these systems actually secure?
We decided to find out, in the first phase of a new EFF Campaign for Secure & Usable Crypto, explain the EFF.
This scorecard represents only the first phase of the campaign. In later phases, we are planning to offer closer examinations of the usability and security of the tools that score the highest here.
What’s interesting is that the apps that score seven green ticks are the likes of Chat Secure, Crypto Cat, Signal, Silent Phone, Silent Text and Text Secure. Yet for most mainstream users, what defines their choice of messaging app is not “how secure is it?” but rather “which one are my friends using?”
BBM, Facebook chat, Google Hangouts, Kik Messenger, Skype, Snapchat, WhatsApp and Viber don’t score well on the EFF’s criteria, for example. Apple’s iMessage actually does pretty well, with five out of seven ticks.
Even so, will the EFF’s new research encourage those mainstream messaging apps to beef up their security? Or are we going to continue seeing a divide: security-conscious people messaging other security-conscious people on the niche apps, while everyone else continues using the popular apps?
Users interested to hear how important security is in your choice of messaging app, and whether you’ve tried to persuade friends to switch from one to another on those grounds.