We send a lot of communication over messaging services that send a few characters of text per message. Have you ever considered how easy (or difficult) it would be for someone to spy on these communications? What if the messaging service provider wanted to spy on you? The Electronic Frontier Foundation (EFF), a non-profit organisation dedicated to “civil liberties in the digital world” has some answers.
The EFF has checked a number of messaging apps against security concerns. It continues to update the list as the app owners / developers make updates to the respective apps. Things that you might want to watch out for: Skype, Whatsapp, Facebook chat and Snapchat are all built with their customers’ security and privacy as afterthoughts. Even the once-popular Blackberry Messenger is terrible at security.
The page explains each criterion in detail. I shall explain two of them right here: “Encrypted so the provider can’t read it” – consider the fact that Google scans through your conversations to know what advertisements to serve you. How about the fact that any of these providers could be served with a subpoena to have a conversation of yours made available. Properly encrypted, this becomes impossible.
“Is the code open to independent audit” – it is possible to make the claim that one has built a secure system. It can be verified that the system is reasonably secure only if the code is open to investigation by independent parties. Trusting the maker to have done it right is not something that we do in the security world.