Recently, for reasons, I had occasion to examine the current state of the market for encrypted messaging apps on phones.
Tested: Wickr, BBM, Threema, Confide, Cyber Dust, Cyphr, Telegram. Thoughts to follow:
-All of these apps start off wanting access to your contacts. You should always say no and invite the people you do want to communicate with manually.
-I have no way to check the cryptographic reliability of any of the below apps. So, one could be a pleasure to use and be using a joke of encryption. In addition, if your life depends on security, please don’t use a phone at all to pass messages. Buyer beware. )
Wickr: Hysterical intro copy. Stunningly ugly. Nuttily tricky to set up. Seems to work.
BBM: Amazingly, even more ugly design than Wickr. Appears to hate users, and does everything it can to stop them. On android: don’t install. Over-reach on permissions, including your call & text history, demands for your location etc. Blackberry, you are a zombie.
Threema: A bit fiddly to set up, quite like whatsapp once you’ve succeeded. Has a nice face to face verification thing too.
Confide: Text only, unlike the others. Only reveals one word at a time, so can’t be screen shot. If you want to send a private private text made of just text, seems like a good bet. Update: Neither I nor my Android co-tester actually received each other’s messages. Though very secure, this is not very useful.
Cyber dust: a much better interface than most of the others. You don’t get an archive or record of your conversations- they vanish from your screen after a few minutes. You can keep your own messages, if you like, by tapping on them, but you can’t keep the other people’s.
Cyphr: Easy set up, easy use. Uses a central server. Makes saving pictures you’ve received very easy, which could be a pro or a con depending on how you want to use it.
Telegram: similar to Threema in set up, slightly cleaner design. Seems to have the larger installed user base.
This is important, because the major barrier to adoption of encrypted apps or messaging is that both sides need to agree to use a particular, non-mainstream, programme to communicate.
This is why the suggestion that Whatsapp, with its tens of millions of users, may encrypt all its messages from end to end is so significant.
(UPDATE: It turned out WhatsApp didn’t really effectively protect its users.)
My criteria was that the app had to offer to encrypt text (and, ideally, any videos or pictures uploaded) and not store a hackable copy on servers (as Snapchat allowed happen to its users).
Let me know if I’ve missed an option