The Electronic Frontier Foundation (EFF) today released a report examining three dozen messaging services and ranking them based on what it deemed are seven “security best practices.” While Apple scored the best among what the EFF called “mass-market options”, it didn’t do as well when compared to all 36 messaging services included in the report. Specifically, EFF noted Apple’s iMessage and FaceTime services failed to offer “complete protection against sophisticated, targeted forms of surveillance.”
Apple’s iMessage and FaceTime products stood out as the best of the mass-market options, although neither currently provides complete protection against sophisticated, targeted forms of surveillance. Many options—including Google, Facebook, and Apple’s email products, Yahoo’s web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider. Several major messaging platforms, like QQ, Mxit, and the desktop version of Yahoo Messenger, have no encryption at all.
EFF used the following criteria in ranking the messaging services:
-Are messages encrypted in transit? -Are communications encrypted so the provider can’t read it? -Can you verify contacts’ identities? -Are past communications secure if your keys are stolen? -Is the code open to independent review? -Is security design properly documented? -Has the code been audited?
As highlighted in the graphic above, Apple’s iMessage and FaceTime services didn’t meet the criteria for making it possible to “verify a contacts’ identity,” as well as for not allowing independent reviews of its code. The top spots actually go to several services that met all of the criteria including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure, which were able to meet all of the EFF’s criteria for security practices.
You can check out the EFF’s full Secure Messaging Scoreboard report here.
FTC: We use income earning auto affiliate links. More.