The Electronic Frontier Foundation (EFF) has tested a range of call and messaging services, like WhatsApp and Facebook Messenger to find out which are the most secure and private. In the wake of the various government spying and criminal hacking scandals, it’s good to know which apps make life tough for snoops, and which are an open invitation to invade your privacy.
We took a look at the EFF’s list, and have boiled it down to the best and worst messaging apps around. Sadly, it seems most of us don’t choose communication apps based on security.
Each app is tested on 7 criteria:
Is your data:
– Encrypted in transit?
– Encrypted so the provider can’t read it?
– Can you verify contacts’ identities?
– Are past communications secure if your security keys are stolen?
– Is the app code open to independent review?
– Is security design properly documented?
– Has the code been audited?
Top secure messaging apps:
All of these have a perfect result 7/7 from the EFF, meeting every criteria.
Perhaps the most flexible of them all, Cryptocat is available on Chrome, Firefox, Safari, Opera, OS X and iOS. There was a Kickstarter campaign to create an app for Android, but it didn’t meet its goal.
Signal / RedPhone / Textsecure
These free call and chat apps are all made by Whisper Systems, and get a top rating from the EFF. Signal is an encrypted call app available on iOS, while RedPhone offers the same for Android. TextSecure is for Android, and offers encrypted messaging.
Silent Phone / Silent Text
These are apps by Silent Circle, allowing you to make encrypted phone calls and send messages on iOS and Android. The apps are free, but require a subscription to use them. It’s worth remembering that often ‘free’ means you are actually paying for a service with your data, so there is some comfort in paying cash instead.
The biggest apps don’t score highly
WhatsApp, Facebook, Skype and Google Hangouts all score 2/7. None of them leave your communications secure if someone gets access to your security key or password. They are not the worst offenders, but are still very weak in terms of privacy and security.
Here are the worst performers
These apps meet either zero or just one of the EFF security criteria:
Secret, which bills itself as a secret way to post messages, is perhaps the worst offender here. The others don’t make such strong privacy claims, but Secret does, so it’s particularly worrying that it fails to meet almost all security criteria.
Source: Electronic Frontier Foundation
Follow Jonathan on Twitter: @jonathanriggall