What is a secure messenger. User misconceptions.

After reading the posts of “supposedly” cyber security experts in messengers, I was shocked … People are not correctly forming even a list of security criteria. I came across the following criteria:

1. The degree of centralization – (for the user it does not matter)
2. The possibility of anonymous registration and use – (not by phone number but by email) – complete nonsense, email when registering mail saves so much of your data that it is easier to use an unregistered SIM.
3. The presence of End-to-End Encryption (E2EE) – (publicized delirium)
4. Synchronization of E2EE chats – (just a security hole, after hacking your mail or SIM card clone, all your chats will be accessible to attackers)
5. Prohibition to take a screenshot of a secret chat – (straight funny)
6. Group E2EE chats – (and where does security)
7. Protection of the social graph (none of the users will ever know what and how to collect, transmit, the messenger you use and how it stores it. All statements on this subject are empty words)

I am a little versed in the protection of information and I can say the following: you can intercept any of your messages from any messenger or mail! The question is in what form to intercept it. Only encrypted messages will save your information. Do not believe the slogans “your chat is encrypted”, etc., if you can not verify it. This is usually a lie. And now the end-to-end encryption algorithm used by viber, whatsapp, telegram, etc., together with your message, passes the public key to decryption, and as a rule it is very small (for decryption speed). Now let’s recall the mathematics of grade 5: 2 +? = 9 out of the three components of 2a do you know how long you will look for 3e? So with messages, there is your cipher message and public key, you need to pick up the closed key than it was encrypted.

Check out the Dating Messendger app.
Dating uses a different mechanism, it is linear encryption. Your message is encrypted on your phone and decrypted only on the recipient’s phone, if the password for decryption is set on this phone. All the way to the recipient, the message passes in encrypted form. If your message is intercepted, it will remain useless.
There are no 2 keys for decryption, except for the encrypted message, nothing is transmitted to the recipient. Of the 3 unknowns, at best you will get 1! Encryption is easily verified by writing from one application to another! Draw conclusions, use the right products, not untwisted! Good to all.

  • ru
  • en