Encrypted messaging, Secure email: No magic but important
Encrypted communication is often thought to be too complicated for a mainstream use, but open apps like Signal have grown to be a no-brainer for data privacy. With different security-minded features, like identity-confirming safety code, disappearing messages, secure chat applications can duly give you that peace of mind. Using them should have no second thoughts. Having said that, though, there is no such thing termed as perfect security, feeling invincible is no good option as it can get you in trouble.
End-to-end encryption renovates communications into garbled pieces of code the moment user presses the send option. After this, the text is not re-formed into its understandable form until it is received by the recipient. While it’s on its way, the communication is in unreadable form, safe from those prying eyes.
What are the criteria for choosing safe mail? It’s determined by the following factors:
- Protection of mail from hacking and interception by third parties;
- Confidentiality – protection of information from the developers themselves;
- Failure of developers to cooperate with the special services and government.
Does your mail fit all these factors?
In order to secure your personal correspondence by e-mail, you need to know a few important truths. All your electronic communications are as protected as the weakest link. If you use a sophisticated encrypted mail, and your interlocutor is using some simple webmail service without any protection, it means that your letters will be sent to his mailbox through an open channel. So,
"These end-to-end encrypted platforms are immensely better than those traditional messaging methods. the famous cryptographer, Matthew Green at Johns Hopkins University says "But encryption isn’t magic. You can easily get it wrong. In particular, if you don’t trust the people you’re talking to, you’re screwed."
At a point it becomes obvious that both the sender and the recipient have access to the encrypted communication—that’s the goal. But it is quite easy to forget that user you are messaging can show the messages to somebody else, retain the conversation on the device, or take screenshots.
Former Trump campaign leader, Paul Manafort found this ugly truth the hard way, when the FBI tracked messages he shared over WhatsApp from those who received it.
It is also very important to keep track of the number of devices your encrypted messages are stored on. If you sync the chats between, your smartphone and laptop, or have a backup in the cloud, there holds a higher potential of your data being exposed. Services, like WhatsApp and iMessage, either have nudge users or cloud backups set by default to streamline the user experience. Manafort offered another useful illustration, where investigators had access to his iCloud to match the previous information, along with gleaning new information about the activities. All the chats were encrypted by WhatsApp, but the backups weren’t.
Criptext – the most safe mail service guarantees mail encryption without any interruptions in work, special services and the exchange of user data with the third persons. Earlier, ProtonMail was considered the most reliable service, but technologies go ahead and more advanced services appear.
Yes, ProtonMail uses pass-through encryption – this means that sent messages will be encrypted, and only the recipient with the secret decryption keys will be able to open and read the message. But not everything is so simple, the company’s location in Switzerland forces them to comply with the regulations to provide data at the request of the EU government services. Consequently, information can be disclosed at any time if a third party wishes.
Criptext guarantees to preserve the privacy of your personal correspondence. By e-mail we share personal secrets, conduct business negotiations, do many other things. But most of the letters are sent in plain text and stored in a format that is easy to read. Services with encryption have a higher level of confidentiality. Your letters in Criptext will be encrypted and nobody can read them except you and the recipient (s).
Kenn White, director of the Open Crypto Audit Project stated "Good opsec will save you from bad crypto, but good crypto won’t save you from bad opsec," while referencing the classic warning from The Grugq, "It’s easy for people to be confused."
So what are you waiting for? Download Signal now!