The Electronic Frontier Foundation (EFF) has launched the first phase of a new campaign tasked with determining which secure messaging products are actually true to their word. Out of 39 popular messaging apps, only six received positive marks in each category the EFF checked.
Those categories include whether or not communications are encrypted in transit, whether or not they’re encrypted so the provider can’t read it, the ability to verify contacts’ identities, if past communications are secure if keys are stolen, if the code is open to independent review, if security design is properly documented and whether or not the code has been audited.
The six platforms that passed the test are ChatSecure + Orbot, CryptoCat, Signal / RedPhone, Silent Phone, Silent Text and TextSecure. Only two messaging products – Mxit and QQ – failed in every category.
The EFF reiterates that their scorecard represents only the first phase of the campaign. In later phases, the foundation plans to offer closer examinations of the usability and security of the tools that scored the highest in the first phase.
That said, the EFF warns that the scorecard results don’t endorse individual tools or guarantees of their security. Instead, it simply indicates that the projects are on the right track.
How secure is your go-to messaging application? Do you plan to make any changes in light of the EFF’s findings?