How to choose a “secure” messenger.
Yesterday, a user on our forum opened a thread asking about the differences between secure messengers. Rather than listing a bunch of different messengers and their features, I thought I should start off by defining “secure” and other key terms in the context of instant messaging. This is because a messenger that is “secure” for me is not automatically “secure” for someone else.
First of all we need to deconstruct the meaning of security. Let’s start with the acronym CIA: confidentiality, integrity, and availability. Confidentiality means that only the intended parties were able to read the message. Integrity means being sure that your message is not modified before it arrives; this is something most people take for granted. Lastly comes availability, which means ensuring that all parties have proper access to your messages. You can read more about this here if you are interested.
So we want a “secure” messenger, what should we look at?
The answer to that is four things: security, privacy, anonymity, and usability.
Security: Remember CIA. In summary security means that only the intended recipients got your message, that they have proper access to it, and that the message has not been modified by third parties.
Privacy: Privacy is protecting the content of communications from external parties, but not necessarily the identities of those communicating. An example is two colleagues at work going into another room to speak to each other: you know who is in there and that they are talking, but not what they say; the conversation is private.
Anonymity: Anonymity is protecting the identities of the communicating parties, but not necessarily the content. An example here is an anonymous whistle-blower leaking a document to the public; the contents of the leak are known and no longer private, but you don’t know who leaked it; they are anonymous.
Usability: Usability is about how easy it is to use something; it is often the most overlooked element of secure messaging. If an application is too difficult or frustrating to use, many people will simply settle for less secure, more usable alternatives. Poor usability is the reason why PGP encrypted email never took off for the masses: it is a pain in the ass to use. Roger Dingledine of the Tor Project wrote a nice paper on why usability is so important in secure systems.
Now we understand the most important facets of secure messaging, we have to talk about threat modeling.
Threat modeling is something you have to do before choosing your messenger; this is because there is no one ultimate messenger that works universally for everyone. Few people seem to understand their threat model well. To start threat modeling there are a few questions you can ask yourself:
What am I protecting? Are you protecting your message content? Your identity? The metadata? Your location? Perhaps a combination or all of these?
Who am I protecting against? Are you protecting against advertising companies? Governments? Hackers? An abusive spouse? Each of these has its own weaknesses and strengths; a government has more funding, but a hacker can break the law. These are often referred to as adversaries.
What is the impact if the thing I am protecting is available to my adversary? The messengers that best protect your message content and metadata are often the least convenient to use, so consider how much usability you are willing to give up to protect it. Is this about you hiding your secret passion for flashlights, or is it a life or death situation?
Once you have threat modeled, and know what you are protecting from whom, we can start looking at some of the messengers out there. Let’s consider two examples:
Signal: Signal is an open source, end-to-end encrypted, private messenger. It is very easy to use and does not require users to know anything about cryptography or security in general. It provides privacy by end-to-end encrypting messages and calls, and because it is so darn easy to use, it will make the task of moving your contacts over to a new messenger a bit easier. However, since Signal requires a phone number to register it is not, and has never claimed to be, anonymous. Note that it is possible to set up Signal anonymously, but this is generally a hassle and also requires your contacts to do the same.
Briar: Briar is an end-to-end encrypted messenger which utilizes the Tor network to stay anonymous. Briar works as a peer-to-peer messenger (meaning there are no servers forwarding messages between users) inside Tor, so both your metadata and your message content are protected. The downside of Briar’s peer-to-peer nature is that both parties must be online at the same time to send messages, which harms usability.
Now, picture that you or a contact believe you may be targeted by government agencies; Briar would be the better choice to keep your identities safe. This is because while Briar is not the most convenient service, it will not expose metadata that could reveal who you talked to, when, or even whether you interacted with another user at all.
Or imagine you are an average citizen conversing with friends or family about non-sensitive topics; Signal would probably be more appropriate. Conversations in Signal are end-to-end encrypted and private, but due to the use of phone numbers it is possible to identify users’ contacts and other metadata. The key benefit of Signal is that it is extremely easy to use, essentially the same experience as WhatsApp, so less privacy/security conscious users are more likely to stick with it.
Okay, so we have a threat model and know the difference between security, privacy, anonymity, and usability. Now how do I know which messenger provides what?
Good question! There are a few things one can look out for when choosing a messenger:
End-to-end Encryption: this means that only you and the person you send your message to can read the message content.
Open Source: This means that the source code of the application is available to read, allowing those with the time and knowledge to verify it is as secure as advertised. (Bonus points if reproducible builds are available. This means you can copy the source code, follow the build instructions and end up with an exact copy of the application distributed by the developers. This allows us to ensure that the app in use is actually the same as the source code.) Note though that open source is no guarantee of security; it IS, however, a requirement.
P2P: P2P (also known as peer-to-peer) means that your messages go directly to your contact's device, and that there is no third party involved. Warning: while this means that no central entity is collecting your metadata and messages on their server, without IP protection anyone watching your connection will be able to see who you message and for how long, potentially breaching your anonymity. As mentioned above, Briar achieves this by using the Tor network.
Metadata: Metadata is all the information about a message except for the content of the message. Some examples of metadata are: sender, recipient, time sent, and sender location. You could describe metadata as “activity records”. Depending on your threat model, it may be important to ensure certain metadata is not available to your adversary.
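The two definitions above (end-to-end encryption and metadata) in working form, as an added example that is not part of the original post or of any messenger's code. It assumes the two parties already share a key; the identifiers, timestamp and envelope format are constructed, and the cipher is a standard-library stand-in (HMAC-SHA256 in counter mode, encrypt-then-MAC) for a real AEAD. The point it shows is that the relay server still learns who, to whom, when and how long, while the content and any tampering with it are only visible to the key holder.

```python
"""Added example: what an end-to-end encrypted message hides from a relay
server and what it still exposes as metadata.

The cipher is an encrypt-then-MAC construction from the standard library only:
HMAC-SHA256 driven in counter mode produces a keystream, and a second
HMAC-SHA256 tag protects integrity. It stands in for a real AEAD (AES-GCM,
ChaCha20-Poly1305) so the block runs offline; it is not a production cipher."""
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _keystream(key, nonce, length):
    # PRF in counter mode: HMAC(key, nonce || counter) blocks, concatenated.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key):
    # Derive separate encryption and MAC keys from the shared secret.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def encrypt(key, plaintext):
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        # Integrity (the I in CIA): a modified message is rejected, not decrypted.
        raise ValueError("integrity check failed: message was modified in transit")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def build_envelope(sender, recipient, sent_at, key, text):
    """What the sending client hands to the relay server (constructed format)."""
    return {"from": sender, "to": recipient, "sent_at": sent_at,
            "body": encrypt(key, text.encode()).hex()}


def observer_view(envelope):
    """Everything a relay server or network observer learns: the metadata.
    Note that even the content length leaks through the ciphertext size."""
    body_len = len(bytes.fromhex(envelope["body"])) - NONCE_LEN - TAG_LEN
    return {"from": envelope["from"], "to": envelope["to"],
            "sent_at": envelope["sent_at"], "content_bytes": body_len}


def recipient_view(envelope, key):
    """Only the holder of the shared key recovers the content."""
    return decrypt(key, bytes.fromhex(envelope["body"])).decode()


def simulate_tampering(envelope):
    """Flip one ciphertext bit, standing in for modification in transit."""
    body = bytearray(bytes.fromhex(envelope["body"]))
    body[NONCE_LEN] ^= 0x01
    return {**envelope, "body": body.hex()}


if __name__ == "__main__":
    key = os.urandom(32)  # constructed: assume already shared out of band
    env = build_envelope("+1 555 0001", "+1 555 0002", "2024-01-01T10:00:00Z", key, "meet at 9")
    print("server sees   :", observer_view(env))
    print("recipient sees:", recipient_view(env, key))
    try:
        recipient_view(simulate_tampering(env), key)
    except ValueError as err:
        print("tampered copy :", err)
```

Running it prints the observer's view (sender, recipient, time, and content length) and then the decrypted text; the tampered copy fails the integrity check rather than yielding garbled text. Swapping the phone-number-style identifiers for Tor-routed peer connections, as Briar does, is what removes the “from” and “to” fields from the observer's view.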
Registration Information: What information does the service require before you can use it? Where a phone number is required, as with Signal, achieving anonymity will be hard because phone numbers are usually tied to your real identity. So if anonymity is part of your threat model, look for a messenger with minimal requirements to register.
Remember, sometimes it is better to settle for a less than perfect solution if it offers superior usability that will help keep your contacts away from less secure alternatives. For example, getting your family to join Signal, or even something as bad as WhatsApp, is a huge improvement over SMS, because SMS is sent in plain text. Sure, it's not anonymous. Sure, you will leak metadata, but it's already a big step up in security, and you’re better off with that than trying to get them to use your ultimate secure anonymous private messenger that is a pain in the ass to use, and watching them run back to SMS instead. As Voltaire put it: Perfect is the enemy of good.
Well, this post turned out longer than I thought it would! Anyway, I hope you now have a clearer picture of how secure messaging works, what the differences are, and how you can pick a secure messenger according to your needs. Oh, and if you want to join the discussion on this topic and future topics, you can find me at our Mastodon instance or at our new forum.
That’s it for today folks, see you later!