Secure Messaging Apps Are Not Mythical

Just yesterday, I had a WhatsApp voice conversation with my sister where we spoke about buying cars at a popular auctioneer in Samrand. When I checked my Instagram later on in the evening, no less than three adverts regarding that same auctioneer hounded me throughout the app. I know you’re probably thinking what I’m insinuating is looney and impossible… but is it? Just how much information does Facebook have on all its users and how much of that is traded?

They’re not really keen on sharing the answer with us mere mortals. In the time being, if you want secure communications, especially when you’re texting friends using messenger services, (read WhatsApp), the key thing to look at is the end-to-end encryption service. That means if my sister is communicating with me, the encryption key to actually encode and decode those communications are stored on our respective devices. No one in the middle has it.

If you use iMessage, it uses end-to-end encryption… but Apple can still decode those messages, and they do, regularly. They could be forced to disclose those messages to law-enforcement, security agencies and whoever else to be honest.

One of the most well-known apps that have been tested academically in the security community is the app called Signal. An absolutely free, cross platform, application that supports secure voice calls and secure text calls. That way, if you simply download the application, it makes it extremely difficult, even for an Orwellian state like ours, to monitor what you’re doing. They would have to physically compromise your device to steal the key. There’s no Jabulani Bond jumping through my window anytime soon.

The key, however, is to look for apps that are using end to end encryption with PFS (Perfect Forward Secrecy). If your key is ever compromised, it can never be used to decode your communications from prior sessions. Now that we know that WhatsApp’s security features and ‘end-to-end’ encryption are more of a suggestion than a function, the other half of the equation is getting my sister to download the app, or risk having to resort to homing pigeons to gossip properly.

What measures do you take to make sure your personal data is safe online? Do you care at all? Share your thoughts in the comments section below. Thank you for visiting Base64!