Encrypted communication used to be too complicated for mainstream use, but approachable apps like WhatsApp and Signal have become a no-brainer for digital privacy. With all of their security-minded features, like disappearing messages and identity-confirming safety numbers, secure chat apps can rightfully give you peace of mind. You should absolutely use them. As the adage goes, though, there's no such thing as perfect security. And feeling invincible could get you in trouble.
WhatsApp was a messaging app first and added the security features later on. Signal was all about security first. Because of this, WhatsApp has more now-traditional chat features.
End-to-end encryption transforms messages into unintelligible chunks of data as soon as a user presses send. From there, the message isn't reconstituted into something understandable until it reaches the receiver's device. Along the way, the message is unreadable, protected from prying eyes. It essentially amounts to a bodyguard who picks you up at your house, rides around with you in your car, and walks you to the door of wherever you're going. You're safe during the transport, but your vigilance shouldn't end there.
'These tools are hugely better than traditional email and things like Slack' for security, says Matthew Green, a cryptographer at Johns Hopkins University. 'But encryption isn’t magic. You can easily get it wrong. In particular, if you don’t trust the people you’re talking to, you’re screwed.'
On one level it's obvious that both you and the person you're chatting with have access to the encrypted conversation—that's the whole point. But it's easy to forget in practice that people you message with could show the chat to someone else, take screenshots, or retain the conversation on their device indefinitely.
Former Trump campaign chair Paul Manafort found this out the hard way recently, when the FBI obtained messages he'd sent over WhatsApp from the people who received them.
'Encryption isn’t magic. You can easily get it wrong. In particular, if you don’t trust the people you’re talking to, you’re screwed.'
Matthew Green, Johns Hopkins University
In another current investigation, the FBI was able to access Signal messages sent by former Senate Intelligence Committee aide James Wolfe, and had at least some information about the encrypted messaging habits of New York Times reporter Ali Watkins, after the Justice Department seized her communications records as part of a leak investigation. Though it's unknown how the FBI gained access to these encrypted chats, it wouldn't necessarily have taken a crypto-breaking backdoor if investigators had device access or records from other chat participants.
You also need to keep track of how many devices you've stored your encrypted messages on. If you sync chats between, say, your smartphone and your laptop, or back them up in the cloud, there are potentially more opportunities for the data to be exposed. Some services, like iMessage and WhatsApp, either have cloud backups enabled by default or nudge users toward it to streamline the user experience. Manafort provides a useful illustration once again; investigators accessed his iCloud to access some of the same information informants gave them, as well as to glean new information about his activity. The chats were encrypted in WhatsApp; the backups were not.
'Digital systems strew data all over the place,' Green notes. 'And providers may keep metadata like who you talked to and when. Encrypted messaging apps are valuable in that they tend to reduce the number of places where your data can live. However, the data is decrypted when it reaches your phone.'
That's where operations security comes in, the process of protecting information by looking holistically at all the ways it could be obtained, and defending against each of them. An 'opsec fail,' as it's known, happens when someone's data leaks because they didn't think of a method an attacker could use to access it, or they didn't carry out the procedure that was meant to protect against that particular theft strategy. Relying solely on these encrypted messaging tools without considering how they work, and without adding other, additional protections, leaves some paths exposed.
'Good opsec will save you from bad crypto, but good crypto won't save you from bad opsec,' says Kenn White, director of the Open Crypto Audit Project, referencing a classic warning from security researcher The Grugq. 'It's easy for people to be confused.'
The stakes are especially high in government, where encrypted chat apps and disappearing message features are increasingly popular among officials. Just last week, sources told CNBC that investigators for special counsel Robert Mueller have been asking witnesses to voluntarily grant access to their encrypted messaging apps, including Dust, Confide, WhatsApp, and Signal. CNBC reported that witnesses have cooperated to avoid being subpoenaed.
'It's easy for people to be confused.'
Kenn White, Open Crypto Audit Project
Several encrypted messaging apps offer a disappearing message feature to help ensure that neither you nor the person you're chatting with keeps data around longer than necessary. But even this precaution needs to come with the understanding that the service you're using could fail to actually delete the messages you mark for erasure from their servers. Signal had a recent problem, first reported by Motherboard, where a fix for one bug inadvertently created another that failed to delete a set of messages users had set to disappear. The app quickly resolved the issue, but the situation serves as a reminder that all systems have flaws.
'Encrypted communication apps are tools, and just like any other tool, they have limited uses,' says Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation.
In fact, simply choosing an encrypted messaging service may cary unknown risks. Some services like Confide and Telegram haven't allowed an independent auditor to evaluate their cryptography, meaning it's difficult to know how trustworthy they are, which of their promises they keep, and what user data they actually retain. And iMessage may collect more metadata than you think.
Signal, WIRED's secure messaging recommendation, is open source, but it also proved its trustworthiness in a 2016 case where the service was subpoenaed. Developer Open Whisper Systems responded to a grand jury subpoena saying it could only produce the time an account was created and the most recent date that a user's Signal app connected to its servers. The court had asked for significantly more detail like user names, addresses, telephone numbers, and email addresses. Signal had retained none of it.
While end-to-end encryption is a vital privacy protection that can thwart many types of surveillance, you still need to understand the other avenues a government or attacker could take to obtain chat logs. Even when a service works perfectly factors like where messages are stored, who else has received them, and who else has access to devices that contain them play an important role in your security. If you're using encrypted chat apps as one tool in your privacy and security toolbox, more power to you. If you're relying on it as a panacea, you're more at risk than you realize.
More Great WIRED Stories
- Finally, a real world grading system for autopilot tech
- Potential pitfalls of sucking carbon from the atmosphere
- Star Wars and the battle of ever-more-toxic fan culture
- Meet Germán Garmendia, the aggressively normal YouTube superstar who wants it all
- Does it matter if China beats the US to build a 5G network?
- Looking for more? Sign up for our daily newsletter and never miss our latest and greatest stories
Related Video
SecurityHow to Get Started with Encrypted Messaging
It’s time to start using an encrypted messaging app. Why? Using end-to-end encryption means that no one can see what you’re sharing back and forth.
Stop me if you've heard this before. You text a friend to finalize plans, anxiously awaiting their reply, only to get a message from them on Snapchat to say your latest story was hilarious. So, you move the conversation over to Snapchat, decide to meet up at 10:30, but then you close the app and can't remember if you agreed on meeting at Hannegan's or that poppin' new brewery downtown. You can't go back and look at the message since Snapchat messages have a short shelf life, so you send a text, but your friend has already proven to be an unreliable texter. You'd be lucky if they got back to you by midnight.
All of this illustrates a plain truth. There are just too many messaging apps. As conversations can bounce between Snapchat, iMessage, Skype, Instagram, Twitter, and Hangouts/Allo or whatever Google's latest attempt at messaging is, they're rendered confusing and unsearchable. We could stick to SMS, but it's pretty limited compared to other options, and it has some security holes. Rather than just chugging along with a dozen chat apps, letting your notifications pile up, it's time to pick one messaging app and get all of your friends on board. That way, everyone can just pick up their phones and shoot a message to anyone without hesitation.
Here comes the easy part. There's one messaging app we should all be using: Signal. It has strong encryption, it's free, it works on every mobile platform, and the developers are committed to keeping it simple and fast by not mucking up the experience with ads, web-tracking, stickers, or animated poop emoji.
Tales From the Crypto
Signal looks and works a lot like other basic messaging apps, so it's easy to get started. It's especially convenient if you have friends and family overseas because, like iMessage and WhatsApp, Signal lets you sidestep expensive international SMS fees. It also supports voice and video calls, so you can cut out Skype and FaceTime. Sure, you don't get fancy stickers or games like some of the competition, but you can still send pictures, videos, and documents. It's available on iOS, Android, and desktop.
But plenty of apps have all that stuff. The thing that actually makes Signal superior is that it's easy to ensure that the contents of every chat remain private and unable to be read by anyone else. As long as both parties are using the app to message each other, every single message sent with Signal is encrypted. Also, the encryption Signal uses is available under an open-source license, so experts have had the chance to test and poke the app to make sure it stays as secure as what's intended.
If you're super concerned about messages being read by the wrong eyes, Signal lets you force individual conversations to delete themselves after a designated amount of time. Signal's security doesn't stop at texts. All of your calls are encrypted, so nobody can listen in. Even if you have nothing to hide, it's nice to know that your private life is kept, you know, private.
WhatAbout WhatsApp
Yes, this list of features sounds a lot like WhatsApp. It's true, the Facebook-owned messaging app has over a billion users, offers most of the same features, and even employs Signal's encryption to keep chats private. But WhatsApp raises a few concerns that Signal doesn't. First, it's owned by Facebook, a company whose primary interest is in collecting information about you to sell you ads. That alone may steer away those who feel Facebook already knows too much about us. Even though the content of your WhatsApp messages are encrypted, Facebook can still extract metadata from your habits, like who you're talking to and how frequently.
Still, if you use WhatsApp, chances are you already know a lot of other people who are using it. Getting all of them to switch to Signal is highly unlikely. And you know, that's OK—WhatsApp really is the next-best option to Signal. The encryption is just as strong, and while it isn't as cleanly stripped of extraneous features as Signal, that massive user base makes it easy to reach almost anyone in your contact list.
Chat Heads
While we're talking about Facebook, it's worth noting that the company's Messenger app isn't the safest place to keep your conversations. Aside from all the clutter inside the app, the two biggest issues with Facebook Messenger are that you have to encrypt conversations individually by flipping on the 'Secret Conversations' option (good luck remembering to do that), and that anyone with a Facebook profile can just search for your name and send you a message. (Yikes!) There are too many variables in the app, and a lot the security is out of your hands. iMessage may seem like a solid remedy to all of these woes, but it's tucked behind Apple's walled iOS garden, so you're bound to leave out your closest friends who use Android devices. And if you ever switch platforms, say bye-bye to your chat history.
Signal isn't going to win a lot of fans among those who've grown used to the more novel features inside their chat apps. There are no stickers, and no animoji. Still, as privacy issues come to the fore in the minds of users, and as mobile messaging options proliferate, and as notifications pile up, everyone will be searching for a path to sanity. It's easy to invite people to Signal. Once you're using it, just tap the 'invite' button inside the chat window, and your friend will be sent a link to download the app. Even stubborn people who only send texts can get into it—Signal can be set as your phone's default SMS client, so the pain involved in the switch is minimal.
So let's make a pact right now. Let's all switch to Signal, keep our messages private, and finally put an end to the untenable multi-app shuffle that's gone on far too long.
Related Video
SecurityHow to Get Started with Encrypted Messaging
It’s time to start using an encrypted messaging app. Why? Using end-to-end encryption means that no one can see what you’re sharing back and forth.