(In)Secure Messaging

Criminals, government officials and privacy conscious citizens share a fondness for secure communications.

Users of secure messaging apps may be plotting election campaigns, planning terrorist acts, conspiring other illegal activities or simply require some assurance of confidentiality in their lawful and well-intended communications, and fulfil their human right to privacy online.

Secure messaging apps, also known as encrypted messengers, have grown in popularity. The demand has tremendously increased following the Snowden revelations in 2013. The demand is fuelled by concerns over government mass surveillance programs, state sponsored espionage, snooping from ISPs, intelligence and law enforcement agencies, and simply by a rightful appetite for privacy.

Secure Messaging Apps

Secure messaging apps are often used in the form of mobile apps that essentially provide a means to communicate with instant messages, voice or video in a format that is encrypted end-to-end. The end-to-end encryption means that only the legitimate parties of the communication can decrypt the messages destined to them. No other parties, not even the developer of the apps, should be able to eavesdrop in communications. Some apps provide additional controls such as message expiry (i.e. self-destructing) and progressive reveal to reduce the risk of screenshots.

There is a wide and growing number of secure messaging apps available, such as Signal, Wickr, Confide, WhatsApp, SudoApp, ChatSecure and Telegram just to name a few. Most of them are free.

Encrypted Political Turmoil

Some top government officials fervently use secure messengers amongst themselves, at the risk of breaching regulations and arguably at the risk of putting their nations at risk. Yet, some of those fervent users also ironically lobby for a crackdown on encrypted communications.

“We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia”, French government spokesperson.

The French government finds no further appeal in free and foreign encrypted messenger apps such as WhatsApp, owned by Facebook which privacy practices have been severely exposed and questioned (e.g. Cambridge Analytica case), and Telegram, an app based on a proprietary encryption service created by a Russian entrepreneur and reported to be pressured by Russian government entities.

The French government is resisting, and it is taking the lead in protecting the communication of its officials and public servants.

Macron, the French president, has reportedly grown fond of the Telegram app, which he would have used to securely communicate with his inner circle to plot his rise to power and his presidential election campaign last year. Reuters reports that since then, most of Macron’s lawmakers would have joined the app and Macron himself could often be seen online on Telegram.

However, Reuters reports that the French government has identified a key risk on the protection of its communications. None of the world’s major encrypted messaging apps are based in France and would raise the risk of data breaches at servers outside France. Privacy concerns have grown, and security tools installed on French officials’ work smartphones would now prevent the use of apps such as WhatsApp or Telegram.

The French government still acknowledges the need for secure communications, but within risk tolerance. France is now building its own encrypted messenger service and app, to ease fears that foreign entities could spy on private conversations between top officials.

Reuters reported that about 20 French government officials and top civil servants would be testing the new app which an anonymised state-employed developer would have designed based on open source technology, with the aim that its use will become mandatory for the whole French government by the summer of 2018. The upcoming app is also considered to be later available to all French citizens.

A French government spokesperson also commented that: “We need to find a way to have an encrypted messaging service that is not encrypted by the United States or Russia”, and “You start thinking about the potential breaches that could happen, as we saw with Facebook, so we should take the lead.”.

French government officials are not the only politicians having grown fond of encrypted messengers and to be scrutinised for it.

In the Land Down Under also known for its ambiguous definition of communication metadata (Brandis) and where the laws of cryptographic mathematics would not prevail (Turnbull), the government has been grilled over the subject.

“Turnbull government risking national security, cabinet material by using WhatsApp”, Dreyfus (2016).

In March 2015, the ABC reported that Turnbull, at the time Communications Minister, had confirmed he used secret messaging apps including Wickr and WhatsApp for being “superior over-the-top messaging platforms”. Anecdotally, Business Insider Australia reported a few months later that Wickr downloads had increased by 700% following news that Turnbull was using it.

However, in October 2016, Mark Dreyfus alleged that the Turnbull government was risking national security by using WhatsApp for communications supposedly involving cabinet material. The government was reported to be grilled on the subject. Dreyfus added that the government was “treating security with contempt”.

At the time, the Australian Signals Directorate (ASD) was reported to advise that “encrypted over-the-top applications such as WhatsApp provide users with significant amounts of privacy” and that they had no concerns with such applications being used for unclassified communications, but only unclassified information.

The Office of the Australian Information Commissioner (OAIC) had also warned Federal ministers that their smartphone app messages could be released publicly under Freedom Of Information (FOI): “All communications or records of a minister which relate to his or her duties are potentially subject to FOI” and added the case applied independently as to whether the communications were transmitted via a government or non-government server.

The applicability of enforcing such a FOI request involving encrypted messengers would certainly remain to be seen.

In the USA, the Wall Street Journal podcast An App All the Rage Among Hack-Fearing Politicians reported in January 2017 a similar trend with the mobile app Signal used by top US politicians for the same reason as in Australia and France. Trump and aides were mentioned in the podcast. The download of the Signal app was also reported to increase by 400% during the 2016 USA presidential elections and was even further boosted following the DNC email server hack. In addition, Wired reported in February 2017 that Confide was also a popular encryption app amongst white house staffers and that the app would help in leaks and in breaking the law.

Australian, French and USA top government officials can rightly be scrutinised over using non-government-vetted secure messaging apps to communicate amongst themselves to mitigate risks of eavesdropping and politically damaging leaks. It would certainly seem that the option is better than using emails for them (lessons learnt from the DNC hack).

However, the issues include:

1. Complying with relevant data protection government requirements, especially for cabinet material and other classified data; and
2. Complying with Freedom Of Information requirements.

While avid seekers of secret instant messaging communication for themselves and their teams, and at the risk of breaching the data protection regulations of their own countries, Turnbull, Macron and other worldwide government leaders are lobbying for a crackdown on encrypted messengers to prevent terrorists, bikies and other criminals to evade intelligence and law enforcement monitoring.

For example, the idea of selective banning for secure messengers is making headways in Australia. In New South Wales, bikie gangs have been reported to using apps such as Snapchat for encrypted communications and evade law enforcement monitoring. Developing landmark crime prevention orders against 10 bikies would include a provision to forbid them the use of any encryption in communications.

The enforcement of such provisions would present challenges. After all, the laws of mathematics are universal and mainly open source, even in Australia.

How Private?

In my opinion, privacy is a dark side of secure messengers.

When so quickly installing and using secure communication apps, one may feel like entering a privileged super-private zone where we can freely and carelessly communicate, for free.

I would argue that there is no such thing as a free privacy and it is always a good idea to read apps’ privacy policies.

All private communication apps have their own specificity, in features, in how they secure messages, in being open-source or not for example. They however all have something in common. While the apps’ providers may not be able to know the content of the messages you exchange, being encrypted, they gather information about their users, including for example:

• Your personal information on registration (email address, phone number, etc.);
• Who you communicate with and additional metadata on your communications (e.g. date & time);
• Your address book (everybody in your contacts list); and
• A whole raft of other data.

The Confide app privacy policy includes:

• “When you access and use the Service, you will be asked to grant us the right to collect the data stored in the address bookon the Device from which you are accessing and using the Service…” – The policy then mentions the information is stored in an anonymised form, but it does not stipulate any controls or constraints on further processing the data; and
• “Like most organizations,we rely on automatic data collection …when you visit our Website or use our Service. These technologies may collect information on our behalfsuch as IP address…information about your device…”and a long list of other data.

The Confide Privacy Policy gave me a shiver, but to Confide’s credit their privacy policy is very well written, very clear and very easy to find. It is probably the clearest privacy policy I have come across amongst the secure messenger app providers that I have checked.

How Secure?

“Secure Messaging? More Like a Security Mess”, EFF

Erica Portnoy from the Electronic Frontier Foundation (EFF) argues that it would be challenging to achieve a consensus on what a “secure” messenger must provide, because people’s and community’s security needs are different. She also adds that “a messenger that’s perfectly secure for every single person is unlikely to exist”.

While the EFF does not provide any app benchmarking (which would be great), Portnoy identifies the following key criteria:

1. End-to-end encryption;
2. Code quality;
3. User experience; and
4. Service availability.

“There’s a big difference between the theoretical and practical security messengers provide”, Portnoy

Portnoy argues that encryption is the easy part because most algorithms are standards and using one or another of the key algorithms would not make much of a difference. However, the other criteria are hard to perfect. Programmers may make mistakes when translating the encryption math into actual code for the secure messaging apps.

In addition, Portnoy refers to examples of poor practices that may completely bypass the good security of encryption algorithms, such as apps storing conversation history unencrypted in the Cloud or not having secure auto-updating to patch vulnerabilities.

She also advocates for apps with:

• High popularity;
• Alias, and not phone numbers, as user identifier;
• Indicative of compromise; and
• Fingerprint verification to get assurance on the other person.

Conclusion

Whether you are a president, a prime minister, a criminal or a law-abiding citizen valuing your right to privacy online, secure messengers can provide you with a great means of communicating securely and privately, but only to a degree.

I personally look for secure messengers that minimally provide:

1. End-to-end encryption;
2. Satisfactory privacy policy (to my satisfaction);
3. Open source code;
4. High popularity; and
5. Self-destructing messages.

I would further value secure messengers originating from countries where privacy regulations are stronger, such as in the EU, and from home countries.

 

Featured Image, Photo by Rachit Tank on Unsplash