In the face of widespread Internet data collection and surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer “secure messaging” products – but how can users know if these systems actually secure?
The Electronic Frontier Foundation (EFF) released its Secure Messaging Scorecard, evaluating dozens of messaging technologies on a range of security best practices.
You can read the full Secure Messaging Scorecard here.
“The revelations from Edward Snowden confirm that governments are spying on our digital lives, devouring all communications that aren’t protected by encryption,” said EFF Technology Projects Director Peter Eckersley. “Many new tools claim to protect you, but don’t include critical features like end-to-end encryption or secure deletion. This scorecard gives you the facts you need to choose the right technology to send your message.”
The scorecard includes more than three dozen tools, including chat clients, text messaging apps, email applications, and technologies for voice and video calls. EFF examined them on seven factors, like whether the message is encrypted both in-transit and at the provider level, and if the code is audited and open to independent review. Six of these tools scored all seven stars, including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure. Apple’s iMessage and FaceTime products stood out as the best of the mass-market options, although neither currently provides complete protection against sophisticated, targeted forms of surveillance. Many options—including Google, Facebook, and Apple’s email products, Yahoo’s web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider. Several major messaging platforms, like QQ, Mxit, and the desktop version of Yahoo Messenger, have no encryption at all.
“We’re focused on improving the tools that everyday users need to communicate with friends, family members, and colleagues,” said EFF Staff Attorney Nate Cardozo. “We hope the Secure Messaging Scorecard will start a race-to-the-top, spurring innovation in stronger and more usable cryptography.”
The Secure Messaging Scorecard is part of EFF’s new Campaign for Secure and Usable Cryptography, and was produced in collaboration with Julia Angwin at ProPublica and Joseph Bonneau at the Princeton Center for Information Technology Policy.
Read the full Secure Messaging Scorecard here.
This article first appeared on Electronic Frontier Foundation and is republished under Creative Commons license.