A few years ago, Edward Snowden released secret NSA documents about their very aggressive massive data gathering efforts, spawned by the 9/11 terrorist attacks. It wasn’t until Snowden’s revelations that the general public learned of this massive data gathering effort.
The EFF has published a “Score card” with seven criteria one must consider when using these apps. The details of which are here:
https://www.eff.org/secure-messaging-scorecard
In it, most commercial and open source apps are featured and given a score based on these principles:
Is data encrypted in transit?
Is data encrypted so the provider can’t read it?
Can you verify contact’s identities?
Are past communications secure if your keys are stolen?
Is the code open to independent review?
Is security design properly documented?
Has there been any recent code audit?
Every app known by EFF gets one point for each of the above principles. About nine of these apps have a perfect score. They are:
ChatSecure and Orbot
CryptoCat
Pidgin - Off the record messaging for Windows
Signal and RedPhone - Android and iPhone
Silent Phone
Silent Text
Telegram Secret Chats
TextSecure
Though all of the above apps have a perfect scorecard, in this article, I will also write about the ones that don’t have perfect scores, and why you can still use them, under specific conditions.
Lets go back through the years and examine some of the apps that were available in the Pre_Snowden years, and review why you should not use them. Let's begin with the most popular application, Skype.
SKYPE
A long time ago, Skype was released to the world in 2003 by Niklas Zennstrom from Sweden and Janus Friis from Denmark. The software was created by Estonians Ahti Heinla and others. Public Beta copies were released on Aug 29, 2003. Skype supports conference calls, video chats and text chats. Calls are encrypted end-to-end initially, but that changed when Microsoft acquired it.
Skype was one of the first multi-platform VOIP and video call apps that worked on both Windows and Mac platforms. It was originally released for the Windows platform. The initial Mac release was quite buggy and unstable, but it was free. Skype started out quite small, but eventually became one of the most popular VIOP apps for free voice and video calls. Its biggest problem is that it is not Open Source, and instead us a proprietary model. In September of 2005, Skype was sold to eBay for $2.6 Billion. Skype also bridged the gap between normal telephone calls and VOIP. It was possible (provided you paid for it) to make calls from Skype to normal phone lines. Their international rates to land line phones are approximately 2 cents a minute, and domestic phone calls are flat rate, provided you pay a small yearly fee. Calls to Mobile phones are more expensive, and due to tariffs, can cost up to 30 cents a minute. As of late, they are less expensive, averaging around 10 cents a minute to mobile phones.
In May of 2011, before Skype was bought out by Microsoft, it was a peer-to-peer system, however since May of 2012, it is entirely powered by Microsoft “Power Nodes”. Before the Microsoft acquisition, on May 27th, 2011, Skype experienced a major outage that hit the internet community worldwide, regardless of the platform you used. It was believed that the cause was due to a major Microsoft upgrade where Microsoft's systems were overloaded. Shortly thereafter, Skype’s distributed systems were hammered and overloaded as well, and eventually everything was shut down.
It is alleged that just after Skype was hammered due to the outage, the NSA approached them, and pressured them to allow the NSA to read Skype texts and listen in on conversations. Again, this is not verified, but rumors do exist among the security community.
All Skype users were forced to download a new version, and the older versions were disabled. Obviously, NSA involvement is conjecture, but the timing appears to be spot on. A year later, Microsoft acquired Skype, and from May 2011 to present, Skype can not be trusted for secure computer to computer chats, voice or Video.
SIP applications
There are obviously a lot more VOIP apps out there, and once the SIP (Session Initiation Protocol) became in common use, a number of other applications were released. However, the implementations for the Mac lagged behind. Most of the Apps available were proprietary, and some took the liberty to diverge from the normal SIP protocol. An example would be X-Lite, which was not written as a native app, so it had a lot of “Baggage” and hogged resources on the Mac. There is still a lack of good SIP compatible apps out there, and the SIP servers used by these apps do not completely comply with the official SIP standards.
With the release of the iPhone and other smart phones, it didn’t take long for Skype to support them. Once people realized how aggressively the NSA works to “own” your conversations, and tap into your life, it didn’t take long for other applications to start appearing.
I’m listing these apps in order of my own personal discovery of them, starting with my first experience using secure apps.
Wickr
I was first introduced to Wickr in 2012. I had a very early OS on my iPhone, so newer apps wouldn’t run. Since Wickr runs on the earlier versions of IOS, it’s the one I recommend as long as you just want to use text communications. I do not find this limiting because IMHO most people seem to prefer texting rather then using full duplex telephony, which Wickr doesn’t support. According to recent reports, Wickr has a score of 5 out of 7, but according to my conversations with them, I think this might change. EFF states that Wickr is not open to independent review, and the security design is not properly documented, but they did send me this URL, which might address these two issues.
https://www.wickr.com/wp-content/uploads/2015/11/Wickr_Whitepaper_Final.pdf
The above white paper has no publication date, but I suspect this is pretty recent.
Wickr deploys end-to-end encryption, and until the message is read by the recipient, the message stays encrypted. Wickr cannot read it even when requested by law enforcement. Therefore Wickr is a good choice for privacy. Your Wickr password is not recoverable. However, if you lose your device and happen to remember your password, the entire profile can be restored to your new device. Which means messages can be decrypted now on both devices. There is a method to verify if your messages exist on two devices (if you trust Wickr servers), but this scenario points to keys actually being stored at the server level regardless of what the the documentation states.
Wickr was founded in 2012 by a group of security experts and privacy advocates. Nico Sell was the CEO until May 2015, when she became the co-chairman of the Wickr Foundation.
One of the best features of Wickr is the ability for it to set an expiration date of encrypted messages decrypted locally on your phone. So if your phone falls in the wrong hands, all your decrypted messages are deleted within a specified time, specified in individual message settings.
Wickr generates a new key for each message you send, so no one can decipher messages except the recipient, not even Wickr or the NSA.
As of December 1st 2015, Wickr has passed a recent independent security audit. This shouldraise their score to 6, assuming EFF’s final review.
Wickr employs the Industry standard AES256 Encryption protocol to secure your data. Another Scrambler is deployed to protect header parameters, between the App and the servers, so not even MetaData can be extracted. This is due to the multiple layers of encryption, making it one of the best (and most prolific) apps out there. Wickr not only runs on Android and iPhone, but it also runs on laptops, desktops, Linux (Ubuntu, I think), as well as Microsoft and Apple OS.
All user content is forensically wiped from the device after it expires. Your Unique Device Identifier is never uploaded to the Wickr servers, and all user communications are cleared of any MetaData, thus the NSA cannot even know who you talk to.
A complete description of whats under the hood is fairly complex and out of the scope of this article, but this link
https://www.wickr.com/wp-content/uploads/2015/11/Wickr_Whitepaper_Final.pdf
gives a much better and very technical details on how it works for those interested.
Wickr has a "Bug Bounty" program that offers rewards to those who can hack it. But other than some minor forensic issues that have been found and fixed none have been found.
Wickr is one of the most prolific apps out there, and reaches a very wide audience of users. This was one of the first Apps I became familiar with and is still one of my MAIN means of communication. I take Wickr incoming messages first before checking any other instant messaging protocol.
Wickr is FREE to download and to use. Wickr also takes a very small data usage “footprint” for Text. For voice, wickr can “store and forward” voice messages up to one minute, and Video message up to 10 seconds. Wickr is also just as easy to use as SMS messages and other Apps. Unlike PGP, where new users find it daunting to manage public keys for the individuals they want to contact, PGP is a lot more robust and has a lot of additional features. But for people who wants to communicate privately using text, or leaving short audio messages, it’s excellent for most people, and runs on just about anything.
There were times I wanted to contact some of my friends visiting China, and it appears to be blocked in China in some places, so using VPN services like Golden Frog or Vyper VPN does work, but China seems to be pretty good at shutting down Golden Frog at times. It’s not blocked everywhere.
Telegram
Telegram is a messaging app, very easy to use, focusing on speed and security. Its simple to use and free. It’s available on Android, IOS (iPhone), Windows Phone, Ubuntu, Windows Desktop, Mac Desktop, and Linux. It can exchange photos, text messages, video, and files up to 1.5 GB in size. It provides end-to-end encryption with self destruct timers. It was written and supported by the Russian born entrepreneur Pavel Durov. The Client side is Open Source, but the server side is proprietary. Pavel, was working for a Russian social network (VK) but had to leave after it was taken over by Russian government.
Telegram is based on the MTProto protocol developed by Nikolai Durov, funded by the Digital Fortress fund. Telegram is registered LLC in the UK and USA, and does not disclose where it rents their offices citing the need to “Shelter the group from outside influences”.
The service says it’s headquartered in Berlin Germany, but in actuality, it has no “Headquarters” in a normal sense, but it is widely used in the EU, especially Germany, with a lot of use in South Korea. The application now has approximately 60 million active users.
Telegram is tied to Telephone numbers, and verified by SMS or a phone call. A user can add multiple devices on receives messages on each one. A user can also setup an alias that allows them to send and receive messages anonymously. Telegram has a unique feature called “Secret chats”. These chats have to accepted by an invite, upon which the chats encryption keys are exchanged. It deploys Perfect Forward Security, and can be setup for Auto-deletion. NOTE: There is Normal text messaging that is not secure, so always “invite” your contact to use it, and exchange keys. Using Secret Chat, Telegram is 7 out of 7 (Perfect score from EFF).
Telegram uses a symmetrical encryption scheme called MTProto, where one of several layers of encryption uses AES256, the industry standard.
https://core.telegram.org/mtproto
describes more details on this protocol.
In Dec 2015, two researchers Aarhus Univ. published a report that demonstrated MTProto does not achieve Indistinguishability, this means that is possible to turn any Ciphertext into a different cipher text that decrypts to the same message, but experts don’t see any way of turning the attack into a full plaintext recovery attack, but this is something to consider.
Telegram is licensed under the GNU General Public License Ver 2 and 3. In June 2015, Telegram launched a platform for 3rd party developers to allow developers to embed it’s features into other applications, as well as offer a Web App that supports FireFox, Safari, and Google Chrome.
The EFF lists Telegram as a 4 out of 7 on it’s score card, unless they use “Secret Chats”. Points like Having encryption in Transit, Open source for public scrutiny. Telegram’s default chat function is missing points because the communications are not encrypted with keys the provider doesn’t have access to, so users can’t verify contact’s identities, and past messages are not secure if the encryption keys are stolen.
Like any of these apps I wrote about, it is obvious they are used by terrorists, but in Sept 2015, Telegram’s Pavel Durov stated he had no issues with terrorists using the software, as it is well known, they (the evil ones) already have a wide choice of other encryption software to use. Although Telegram has been recommended for use by ISIL, in Nov 2015, Telegram announced they had blocked 78 public channels operated by ISIL, which were used to spread propaganda and mass communication, however they do support free speech and expression.
Telegram, like Wickr, is just as easy to use as SMS text, but there is just a little bit of complexity when first getting setup to use it. After downloading, the user is requested to enter in their phone number, which they will call or text you back with a confirmation code, then after entering the code, you have your account. Also, it offers you the option to tie it to your contact list, so if any other contacts you have in your list, they will appear in the Telegram’s contact list, and identify others in your list that can receive Telegram messages.
There is one thing you should know about Telegram, is that they do store all normal messages on their servers, with the exception of “Secret chats” which are OTR, as long as you negotiate an “Invite” to one of your contacts to use it.
Their servers are proprietary. This is most troubling, because not knowing anything about their servers, then how can you trust them. Whereas Wickr, does not store individual messages on their server, and are thus OTR (Off the record).
When it comes to Storage, Telegram’s regular chat are LESS secure than WhatsApp. But Telegram’s SECRET chats are far more secure than WhatsApp. Telegram uses an open non-standard protocol, and is not designed by Cryptographers. Besides the Protocol issues, the app itself is not very secure. In Feb 2015, Zimperium published a detailed analysis
https://blog.zimperium.com/telegram-hack/
describing Telegram’s local vulnerability, allowing the attacker to get full access to plain text messages. The Telegram team never responded to their vulnerability notification.
Facebook acquired WhatsApp, their policy regarding message storage may change, as Facebook’s main revenues relies on data mining. Telegram is non-profit, but they are backed by vk.com, a popular social network primarily used in Europe, Russia, and other countries.
So, as far as TRUST factor is concerned, I rate Wickr just a notch above Telegram, especially since they don’t store a lot of info on their servers, other then to negotiate a connection between clients long enough to pass messages.
Signal
Signal is developed by Open Whisper systems, is published by the GPLv3 license, and is Open Source. On the Android, Red Phone and an encrypted texting program called TextSecure, are all wrapped up into a single App, and has recently become available on iPhone. In Nov 2015, TextSecure and RedPhone were rolled into one app available on the Android, and iPhone called “Signal”.
In Nov 2011, Whisper Systems announced that it had been acquired by Twitter. Shortly after the Acquisition, Whisper systems Red Phone service was made unavailable. After much criticism, Twitter released TextSecure as Free and Open Source software, and Red Phone became available again in July 2012. Signal was the first IOS app to enable easy. and strongly encrypted voice calls for free. After a call is connected, special key words are present to confirm the identity of the person you are talking to, which helps identify “Man in the middle” attacks.
I’ve used Signal all through Europe, and it was the ONLY way I could contact the key TOR User people in Berlin while I was in Germany. It barely works on a 3G connection, but European Cell phone providers do not allow pre-pay service on 4G or LTE, at least not until the iPhone 6 was released. So, you are better off using it on a WIFI connection. It does work on the newer and faster speed european cellular networks, and it even works in China.
All communications to other Signal users are automatically end-to-end encrypted. The keys that are used to encrypt the user’s communications are generated and stored at the endpoints (IE: on the device, and not the server). Signal implements perfect forward security.
Signal displays two words on the screen, if the words match on both ends, the call is secure. For messages, signal users can compare key fingerprints or QR codes “Out of band”.
Signal require that the user has a phone number for verification, the number does not have to to be the same as on the device’s SIM card, it can also be a VOIP number. However it should be noted that even hashed this number does allow for possible gathering of meta data.
Signal is OTR (Off the record), and voice calls are encrypted with the RedPhone protocol, based on ZRTP, the voice encryption protocol developed by Phil Zimmerman of PGP fame.
Signal does not leave Metadata about who called who and when because the servers do not keep call logs. The server does NOT have direct access to the users contact list. Crypto hashes are used to determine which user, and uses SHA256 hash codes for identifying individual users. However, in order to run it also requires full access to your contact list. It checks numbers in your contact list against the Signal servers to see if they have a Signal account. Previously this was not required but in newer versions it is. So you must be aware that even if your communication is encrypted, your meta data can be collected. Anyone monitoring the Signal servers could gather this data even if Signal it's self is not storing it.
Remember that even hashed a 10 digit number is not that hard to crack as there are a limited number of phone numbers. I find it interesting that contact list access is required when it would be easy enough for people who know each other to exchange signal ID's out of band and maintain them in a signal contact list. I also find it significant that a verification text is required to be sent to a phone number. This alone speaks of monitoring regardless of what the documentation says.
I am sure like all other encrypted apps pressure has been applied to them by the NSA
To partially bypass this problem get a throw away phone. Use that number to register Signal. Then ditch the phone.
After that only install it on a device that is not a phone like a tablet and make sure the contact list is empty except for other people who use signal with you.
Even in that environment some meta data can be collected but at least it will be more difficult. And of course both parties need to do this not just one.
The complete source code of the Signal client s
oftware for IOS and Android is on Github and is free software license.
Signal received a perfect 7 out of 7 in EFF’s secure messaging scorecard, and is recommended for use by Edward Snowden. In June 2012, the NSA deemed RedPhone as a MAJOR THREAT to it’s mission, and was called “catastrophic” in the eyes of the NSA.
In March 2015, Edward Snowden said that Signal is “Very good” and that he knew the security model, and strongly recommends it.
So, in my humble opinion, Signal is the one to use, but personally, I have ALL of the secure apps on my iPhone, just because certain people prefer certain secure apps.
Chadder
Chadder was launched by John McAfee of Anti-virus fame. Like the other Text messaging apps, Chadder uses ECDH with SecP256k1 to derive a 256 bit key, AES256 bit encryption in all messages and pictures within a conversation. Pictures are encrypted with a key, which is stored in the original message, then encrypted.
User data is stored on the device using SQLCipher, a main database contains necessary contents for every user logged in on that device, and is encrypted with a static key.
The server only stores users, devices, and relationships who is friends with whom. Can you say METADATA? Messages are destroyed after the device Server client communication is performed using ASP.NET Web API and SignalR over SSL, ready for a client custom implementation.
Like Wickr, Chadder has a feature to automatically delete the decrypted messages on your phone. Chadder is new, so doesn’t have a large user base yet. I did download it to my iPhone, but lack a lot of people who use it. Chadder doesn’t seem to allow connection to my address list. There is little information on Chadder, ad as of yet, they have not contacted me.
WhatsApp Messenger
This is a proprietary cross-platform Instant messaging client for smart phones under a subscription business model. Users are keyed to their Phone number. It allows for free phone calls over the internet, as well as text. As of Sept 2015, the user base is up to 900 million. WhatsApp was acquired by Facebook on Feb 19, 2014. I might add that the quality of the call is excellent, far exceeding that of Cellular service.
WhatsApp uses a customized version of XMPP (Jabber), [phone number]@s.whatsapp.net
WhatsApp follows a “store and forward” mechanism for exchanging messages between 2 users. When a user sends a message, it first travels to the WhatsApp server where it is Stored, so WhatsApp is NOT OTR (Off the record), which means it can be intercepted by law enforcement, hackers, etc. But as soon as the receiver acknowledges receipt of the message, it is no longer available in database of server. In May 2011, a security hole was reported which left whatsApp user accounts open for session hijacking attacks.
On Nov 18th 2014, Open Whisper Systems announced a partnership with WhatsApp to provide end-to-end encryption by incorporating the encryption protocol used in their TextSecure application. The secure protocol was implemented for android-to-android messages, but messages to and from iPhone are still not end-to-end encrypted.
As of Dec 1, 2015, WhatsApp has a score of 2 out of 7 in the EFF secure messaging scorecard.
Another major security concern was that WhatsApp required users to upload their Mobile Phone’s entire address to WhatsApp servers. This is very troubling, because you now have no control over your private address list, and since WhatsApp was bought out by Facebook, who knows who has your contact list.
IMHO, I would assume that WhatsApp still has a number of vulnerabilities, and that the NSA is fully exploiting these vulnerabilities. Although it’s nice for making FREE phone calls, I wouldn’t trust it as far as I can throw it, although I still have it on my iPhone, I use it ONLY for insecure communications. And since it is proprietary, bug fixes take longer.
LINE
Line is based in Japan. More recently, it brings end-to-end encryption for voice and video, but not text based messages. Line declares that is does not share user data with government of Thailand. LINE has NO EFF Score at present, but for voip calls, and video calls, assuming you don’t care about privacy, it’s pretty good privacy, and I use it to talk to my friend for free in Thailand. There is no published data on the method of encryption LINE uses, or whether or not it is OTR.
Asians really get off on Emoticons, and LINE sure has a huge supply of them, and shows the Asian mindset. It appears that LINE is marketed towards gamers, and young people.
Line was designed by 15 members of NHN Japan a subsidiary of the Korean Internet search giant Naver, from their WIKI entry. It was first launched in Japan in 2011, reaching 100 million users within eighteen months and 200 million users only six months later, so it has a huge user base, mostly in Asia. I first heard about it when my old friend and partner living in Thailand told me about it, and we had some pretty good conversations over it. In 2013, LINE became Japan’s largest social network, but was developed for the iPhone and android initially. Line has a hidden chat feature, which can hide and delete a chat history after a time set by the user.
Line accounts can be accessed on only one mobile device (running the app version), plus one personal computer (running the version for those). Additional mobile devices can install the app but require different mobile numbers or e-mail addresses for the Line account.
Line security is abysmal at best. it was possible to intercept a LINE chat session at the network level using packet capture software and to reconstruct it on a PC.
Line is not listed in EFF’s scorecard, nor do I trust it.
Messages were sent in clear text to LINE’s server when on cellular data but encrypted when using Wi-Fi most of the time. In October 2015, LINE Corporation announced that they would be deploying end-to-end encryption as an opt-in feature for LINE users. But I don’t see this option in my version, so I presume an update has not yet been released. Line suppresses content to conform with government censorship in China.
Viber
Is yet another VoIP application it a huge list of products for the smart phone. Viber was developed by Viber Media. Viber is available for Apple iOS, Android, BlackBerry OS, Nokia Series 40, Symbian, Bada, Windows Phone, Mac OS, and Microsoft Windows. Viber works on both 3G/4G and Wi-Fi networks. Viber has over 100 million monthly active users from its 280 million global registered users, according to WIKI.
Viber was founded by four Israeli partners: Talmon Marco, Igor Magazinnik, Sani Maroli and Ofer Smocha, with Marco as its CEO.
According to WIKI, On November 4, 2014, Viber scored 1 out of 7 points on the Electronic Frontier Foundation's secure messaging scorecard. Vibes lost points because communications are not encrypted with a key the provider doesn't have access to (i.e. the communications are not end-to-end encrypted). Users can't verify contacts' identities, past messages are not secure if the encryption keys are stolen.
The quality of calls is far better then cellular, provided you have the bandwidth to support it. Viber also allows calls to POTS (Plain Old Telephone service), called Viber Out. Calls to landlines and non-Viber mobile phones around the world are charged at varying rates per minute, requiring users to buy credit.
Threema
More popular in Europe then Asia and the USA. It rates 6 out of 7 on EFF’s Score card, failing on the fact it is not open source.
In my travels to Germany, I found a lot of people referring to it. Threema is developed by the Swiss company Threema GmbH. As of June 2015, Threema had 3.5 million users, most of them from German-speaking countries.
In Summer 2013, the Snowden leaks helped create an interest in Threema, boosting the user numbers to the hundreds of thousands, not surprisingly. But I argue with my German friends that due to it not being Open Source, it’s not the best.
Threema uses a user ID created after the initial launch of the application. It is possible to find other users by phone numbers if the user allows the app to synchronize their address book. face to face contacts can be verified by QR code when they meet. The QR code contains the public key for the user.
Threema uses end-to-end encryption. During the initial setup, a public/Secret key is generated, where the public key is sent to their server, where the private key is stored on the owners device. Once a message is delivered to the recipient, its deleted from their servers. The Encryption is based on the open source library NaCl library. Threema uses asymmetric ECC-based encryption, with 256-bit strength. According to WIKI, Threema was ranked first in a study evaluating the security and usability of instant messaging encryption software, conducted by the German PSW Group in June 2014.
In Conclusion
Obviously, there are a lot more Secure apps, and most of these I’ve written about, I’ve had personal experience with. I’m sure more and more will be available as long as our government is using Mass Surveillance. And most importantly, I don’t believe the malarky that if people aren’t doing anything illegal, they have nothing to worry about.
A lot of peoples lives are private. Conversations with your kids and family, sending passwords to those that need it, financial details, your location (which in these days and times may be hard to mask). But you can always turn off your phone if you are going to places you don’t want your adversaries to know about. Perhaps I can dig up some information on that for a future article.
コメント