Do you trust Apple’s text messaging app to be and remain secure? I do not. I’ve come to the realization that security and privacy may well be a cherished notion of the past, but something not fit in a complicated, complex, and overly viral brave new world. Apple claims end-to-end encryption is built in to Messages (sometimes referred to iMessage) and that may be the case, but even then there are two loose ends that may be more difficult to tie up in a ball of real security.
What loose ends? The sender and the recipient. The way it works should be obvious. When you send a message it remains on your iPhone. When the recipient receives the message, usually it remains on their iPhone or smartphone.
See the problem?
Over the past few months I’ve tried other messaging applications ranging from the highly acclaimed Signal to the KakaoTalk and all I can say is “Apple does it right.” Messages is simple, mostly secure, with just the right blend of basic features, but having a video and audio walkie talkie component would be very handy.
Signal is considered among the best messaging apps and the new version does video messaging. Hero traitor Edward Snowden says Signal is the best. But he’s held captive by the Russians so should anything he says or does these days merit trust?
The benefit to Signal seems to be the open source peer-reviewed cryptographic protocols. Maybe that’s the way it should be or maybe it’s a ruse, but don’t expect Signal to have cute little animations that could be used as code (that’s what I do in Messages).
WhatsApp seems to be a good choice, too, but it’s owned by Facebook and only Google, F.B.I, C.I.A., NSA, and everybody in Russia and China track your online whereabouts more. WeChat is used by a billion or so earthlings, mostly in Asia, and it’s a Chinese app, so there’s that fearful consideration, too.
I devoted time to Line and Telegram and Wire, plus half a dozen other also rans that claim security but never divulge how much security is provided. They all have the same weakness at the ends of the secured message– sender and recipient.
One messaging app I found intriguing is Confide. It has Mac, iPhone, and iPad versions (as well as other platforms). It’s free. Messages are encrypted end-to-end. Big whoop, right? Except that Confide messages disappear once they are read. You can’t even take a screenshot on the iPhone. It handles text messages, photos and documents, and even voice messages.
Here’s the problem.
Only the folks that designed, build, and publish Confide know how it works. Unlike Signal, there’s no open source material for security industry peers to, well, peer through to see how good it does what it does, but I like the idea of a secure message that disappears when it’s read.
Still, the conclusion I’ve come to is that nothing is fully secure, including voice conversations, let alone all the supposedly secure ways we have to text one another. My own insecurities are matched by the insecurities of the devices and methods I hope would be secure.