21 October 2014

Encrypted Chat Apps: Which is Best?


It’s been said that sending an email is like sending a postcard—you should assume that it’s viewable by many others. While this is true, it’s only true because trusted third parties—that is, the email providers—have been discovered to either be viewing message contents themselves, or revealing them to additional third parties (e.g. governments or advertisers). It’s a classic result of the “problem of trust.”


For those of us who value privacy (and privacy isn’t just for people with “something to hide”), it’s become necessary to go one step further in our communication: encryption.


Encryption is a mathematical process, and it’s one of the features that makes the Bitcoin blockchain secure against attackers. In addition to the blockchain, encryption can also be used to secure the contents of a simple message. If you know what a Bitcoin payment address looks like, then you know what an encrypted message looks like: gibberish (also called “cyphertext”).


The encryption of emails, however, is notoriously difficult. In fact, it’s been reported that when Edward Snowden was preparing to send his leaked NSA documents to The Guardian, he first had to make a 12-minute instructional video on email encryption for recipient Glenn Greenwald.


Private communication is beholden to the “network effect”—that is, the more people who use it, the more valuable it is (just like Bitcoin). When trying to communicate securely, you’re not likely to get many takers if you and everyone you know have to be confused by a 12-minute video first. That’s where far easier to use encrypted chat apps come in.


An explanation of my review criteria:


Open Source: Ideally, an encrypted chat app (or any software, for that matter) will be completely open source. This means that all the code used in the program is published and available for review and even improvement. This is also the only way to ensure that a given program really does what it claims to do and nothing more. It’s the only way to ensure that there are no “backdoors” in the software. Backdoors are pieces of code that would allow the developers to access your private information without your knowledge.


Information Required: You may know the feeling—you make it all the way through a website with a single goal, only to get “infowalled”: you’re required to create an account and give a bunch of personal information before proceeding. It’s annoying and decidedly non-private.


Peer-to-Peer: Part of the beauty and strength of peer-to-peer software is that it removes a central server as a single point of failure (or corruption). Bitcoin and all cryptocurrencies are peer-to-peer, and some encrypted chat apps are, as well.


Here are the (current) best and brightest in encrypted chat apps (click table to enlarge):


encrypted chat apps


[Gliph, Telegram, Bitmessage, Tox, TorChat, TextSecure, surespot]


As a final note, it’s worth mentioning that there is also an encryption protocol called OTR (Off-The-Record), which can be applied to several popular instant messaging clients including Facebook and Google Talk. There are many providers of OTR.


So stop sending all your messages on the equivalent of postcards. Download an app or two listed above, tell all your associates about it, and take back the joy that is unobserved human communication.


Oh, and did I mention? All of these apps are free.



October 21, 2014 at 06:17PM