By -
TOP ANDROID &  IOS APP TO SEND & RECEIVE ENCRYPTED TEXT MESSAGES


SECURE MESSAGING APP

1. TextSecure and Signal

  • Unique feature: Message everyone in your phone list, even if they don’t use TextSecure.
  • Security: Uses independently developed algorithms, including those implementing forward secrecy in which a new key is generated for each message.
  • Open Source.
TextSecure, created by former Twitter security researcher Moxie Marlinspike’s Open Whisper Systems, is the only app we looked at that can be used to message anyone in your existing phone list, even to the point where it’s a seamless replacement for the default text messaging client. Bear in mind, though, that end-to-end encryption will only exist in conversations with other TextSecure users, though you'll be informed when a conversation is insecure.
Some of the options to increase security include scanning encryption keys in-person with contacts to prevent man-in-the-middle attacks, and disabled screenshots by default. Also set by default is sending messages via data rather than SMS to avoid storing metadata with your cellphone provider.
In the future, Open Whisper Systems plans to release its text messaging service for desktop systems and Signal, its secure phone call app for iOS. You also have access to the same text encryption if you use CyanogenMod on your Android phone.
Available for free on Android (and announced for desktop and the Signal app on iOS).

2. Wickr

  • Unique feature: Ephemeral chats and photos which can be made to disappear in anywhere from 3 seconds to up to 6 days.
  • Security: Wickr has staked its claim with public independent assessments, as well as placing a large bug bounty on its “military-grade security,” and champions its warrant canary, or a secret indicator to its user base when the company has received a secret government subpoena to release information.
Wickr is a client for those who want to know that their messages and photos are not readable after a certain amount of time, even by the receiving party. Metadata is stripped from photos before being sent, and messages automatically disappear a set amount of time after being read.
Users can also send audio, video, and PDF messages from their devices and Dropbox or Google Drive storage. Customize your experience by setting how you want people to be able to find you (if at all), shredding remains of deleted local files, and creating group chats of up to 10 people.
Available for free on iOS and Android.

3. Telegram

  • Unique feature: Choose between either ephemeral chats that are never saved anywhere or cloud-accessible messages for when you do want to return to the conversation.
  • Security: Telegram also had its own hacking bounty, which is sometimes controversial, but drives home the point that as a company, Telegram is not only interested in knowing about flaws in its application, but is willing to stake its reputation (and money) on it.
Telegram is described by its creators as WhatsApp, but encrypted, cloud-based, and faster. You can share media and messages to up to 200 people at once. Choose between secret chats that leave no trace on the Telegram servers, have a timer for deletion and cannot be forwarded, and cloud-based messaging that's still secure, but is available on the cloud to return to later.
Available for free on iOS and Android, and unofficially available on desktop and Windows Phone.

4. Gliph

  • Unique feature:Communicate with non-Gliph users via a unique group chat interface, and access BitCoin transfers, email cloaking services, and a user "name" that doesn’t rely on real information.
  • Security: Gliph has an honest description of what its security entails, and when you might choose something else (i.e., if your life is in danger).
Gliph has a few unique features that might prompt you to choose it over other apps, if you have need of those things. It is more targeted as a tool to avoid exposing your information in public places, such as listing a Craigslist ad, posting online, or starting discussions on the web. GliphMe gets around requiring all messages to start and end with Gliph users by creating a web interface that allows people to jump into a conversation securely with a Gliph user.
As with some other apps, EXIF data is stripped from photos, and you can remove a photo from everywhere (the server and both your side and your recipient’s) all at once.
Available for iOS, Android and desktop. Free for the main client, with cloaked email addresses available through in-app purchases.

4. surespot

  • Unique feature: Allows multiple identities that don’t share keys, preferences, or contacts.
  • Security: As with some other apps, requires setting a password that cannot be reset or recovered, and allows users to view each other’s public keys offline to verify that there’s no man-in-the-middle attack occurring.
  • Open Source.
The surespot app has a few tools to independently manage different identities on one device, giving users the ability to separate business and personal communications. It also integrates voice chat and flexible photo control over unlocking, locking, and deleting photos from recipients’ phones.
Available for free on iOS and Android, with US$1.99 to add voice integration.

5. CoverMe

  • Unique feature: The CoverMe Vault securely stores all sorts of media, and the app adds many features to hide your identity and number.
  • Security: CoverMe allows you to call and text CoverMe nonusers by purchasing a phone plan with them; however, only phone calls and messages with other users will be encrypted end-to-end.
Where TextSecure elegantly adds in the ability to text nonusers, CoverMe adds several bells and whistles to accomplish the same thing, but with additional charges. However, there are several features that might appeal to some users, including; a vault to store passwords, photos, docs, and more; the ability to hide the app on the phone (for example, for use if you live in a country that bans the encryption of one’s internet communications); and the ability to hide contacts. If your friends don’t use CoverMe, you can purchase private, anonymous phone numbers to contact others, but as with other apps, these communications won’t be encrypted en route to your friend.
Available for free on iOS and Android, with premium features costing US$4.99 and additional fees for CoverMe VoIP phone number plans.

SECURE CALLING APP

1. RedPhone and Signal

  • Unique Highlight: Use of the default dialer in Android makes secure calls without requiring forethought.
  • Security: RedPhone and Signal encrypt PUSH data from even Google’s and Apple’s eyes and only the most necessary metadata is used to route calls.
  • Open Source.
Eventually these two apps will be merged with their text messaging component TextSecure, but for now, bear with the two different names. Android users can make secure calls to iOS users.The apps still work via the default dialer even if you never open the app a second time, and if you make a call to a fellow RedPhone or Signal user, you’ll be asked if you want to upgrade to a secure phone call.
RedPhone (Android) compatible with Signal (iOS), and announced development on desktop. Free download.

2. OStel

  • Unique Highlight: Open standard for secure phone calls means lots of different ways to use it.
  • Security: Each OStel client has novice or advanced settings, with advanced settings allowing for ZRTP, a protocol created by the PGP inventor and also used in RedPhone and Signal.
  • Open Source.
OStel is the public implementation of a defined standard for an Open Secure Telephone Network (OSTN), with a principle of "promoting the use of free, open protocols, standards and software, to power end-to-end secure voice communications on mobile devices." To make use of OStel, you’ll need to create an account with OStel (no personal info required) and then download the appropriate app for your phone or desktop OS. Both ends must be using OStel, and users cannot be on landlines or use a SIM card.
Available on Android, iOS, desktop, and more – see full list. Pricing depends on platform, with some free.

What should you use?

  • Given that the highest level of security exists when both ends of a connection are using the same app, one could argue that you should use the app where you already have the largest existing contact list. But as I was installing new apps, though I occasionally was informed that an existing friend of mine already used the app, I generally had no contacts already using the service. In order to enjoy the level of security the app was meant to provide, I would have to recruit my friends and colleagues, and accordingly, most of the apps had fairly visible methods to do so.
  • Compounding the lack of user base in some of these apps is the large number of secure phone and text clients available even for free. Arguably the population of interested users is being split among each app and walled off from other users. I didn’t even list secure VoIP calling plans that sell minutes for calling outside the user circle because, again, this seemed counterintuitive to being able to increase rather than decrease the number of one’s contacts in a secure network, instead focusing on apps that are cheap enough to not be considered an additional mobile plan.
  • I was forced to accept was that, were I to choose an app for personal needs and not for a business or group setting where I could require all members to use the same app, I would choose the one that natively fit best into how I text and call. That way, I would enjoy the end-to-end security when it was available, but have to resign myself to local encryption otherwise.
  • My personal choice to meet this standard is the Open Whisper approach of making encryption seamless and transparent because I didn’t have to change anything about how I communicated, and thus it was more likely that I (and others) would continue to use their apps. Similarly, OStel may also work for this purpose in the future if additional developers integrate the standard into more products.
  • However, I also came to the conclusion that there is no downside for choosing to encrypt my communications regardless of which app I chose, until there’s a better default standard for mobile encryption to prevent against man-in-the-middle attacks, surveillance-friendly carriers and leaked phone metadata.
  •  

Comments

Post a Comment

Popular posts from this blog

8 Key Tips That Every Single Cryptocurrency Trader Needs to Know

By -
Image
Even though we’re now several years into cryptocurrency becoming somewhat mainstream, although the hype has worn off, the digital, decentralized monetary format is still very much a big earner for people around the world, more commonly known as cryptocurrency traders. As a cryptocurrency trader yourself, you’ve probably witnessed the highs and lows of the market yourself, or even if you’re just getting started, you’ll look for the best way to make a start. With this in mind, today we’re going to help you get going. Below, we’re going to explore eight essential need-to-know tips to help you make the most in your cryptocurrency trading career, ensuring you have the best and most profitable experience. #1 – It’s Just Getting Started Although lots of people have heard of Bitcoin or might have seen it on the news, it’s not fully integrated into society just yet, and there’s only a real minority of people out there who actually use cryptocurrencies daily. That means there’s so much roo
Read more

Over 20% of Institutional Investors Already Exposed to Cryptos, Survey by Fidelity Reveals

By -
Image
22 percent of institutional investors already have exposure to digital assets. This is according to a new report by Fidelity Investments, one of the largest asset managers in the world. The report goes against many crypto skeptics who have been quick to state that institutions are no longer interested in digital assets. The survey polled 441 institutional investors between November last year and February this year. Interestingly, this was a time in which cryptos hit their lowest levels. Nevertheless, institutional investors remained unfazed, with interest in digital assets never really dwindling. Tom Jessop, the president of Fidelity’s digital assets division explained, “We never saw a decline in interest or sentiment during the crypto winter.” The survey revealed that 47 percent of institutional investors view digital assets as “having a place in their portfolios.” The investors, who include crypto funds, also disclosed their preferred investment methodology. 72 percent prefer to
Read more
By -
Image
INTRODUCING "DEEP WEB" THAT LIES BEYOND GOOGLE   The entire expanse of the Internet, going well beyond what you surf every day, is only the tip of a massive iceberg, the size of which is too vast to be known. Far beyond searching the Web with Google or chatting with friends on Facebook, there’s a dense maze of websites that exist out of view, though for how long that will be true is unclear. When most users log on to the Internet, they visit their bookmarked pages or use Google to search for sites that can provide the information they’re looking for. That Internet, used by billions around the world every day, is sometimes known as the  Surface Web , or the Clearnet, as coined by Tor and other anonymous online users. The Deep Web, simply put, is everything else. It’s made up of tens of billions of sites that are hidden within a universe of code — various estimates have put the Deep Web at anywhere from five to 500,000 times the size of the Surface Web.
Read more