Tests show only six messaging apps are truly secure
Posted by: Timothy Weaver on 11/05/2014 12:06 PM [ Comments ]
According to the Electronic Frontier Foundation (EFF), only six "secure messaging" apps pass the security test.
Thirty nine apps were tested including popular tools from Apple, Google, Facebook, BlackBerry, Microsoft, and Yahoo.
The EFF was interested in seven possible features:
• is data encrypted in transit
• is it encrypted so the provider can't read it
• can the service verify contacts' identities
• are past communications secure if keys are stolen
• is the code open to independent review
• is security design properly documented
• and has the code been audited
Few satisfied all of the EFF's security requirements. In fact, only six managed to tick all seven of the EFF's boxes: ChatSecure + Orbot, Cryptocat, RedPhone, Silent Phone, Silent Text, and TextSecure.
EFF said: "In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer 'secure messaging' products—but are these systems actually secure?"
The EFF was interested in seven possible features:
• is data encrypted in transit
• is it encrypted so the provider can't read it
• can the service verify contacts' identities
• are past communications secure if keys are stolen
• is the code open to independent review
• is security design properly documented
• and has the code been audited
Few satisfied all of the EFF's security requirements. In fact, only six managed to tick all seven of the EFF's boxes: ChatSecure + Orbot, Cryptocat, RedPhone, Silent Phone, Silent Text, and TextSecure.
EFF said: "In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer 'secure messaging' products—but are these systems actually secure?"
Comments