Use a secure messaging app: Difference between revisions
Line 7: | Line 7: | ||
== Reasons to avoid using WhatsApp == | == Reasons to avoid using WhatsApp == | ||
* Requires phone number and contacts list to function | * '''Requires phone number''' and contacts list to function (However, there are [https://www.wikihow.com/Use-WhatsApp-Without-a-Phone-Number ways around] using your actual phone number) | ||
* Backups (especially iCloud) may be vulnerable to surveillance | * '''Backups (especially iCloud) may be vulnerable to surveillance''' (Source: [https://freedom.press/digisec/blog/icloud-security/#:~:text=If%20not%20encrypted%2C%20law%20enforcement,case%20showing%20subpoenaed%20WhatsApp%20messages. Freedom of the Press Foundation]) | ||
* | * '''Privacy of content sent via WhatsApp is questionable''', and there are reasons to not trust Meta and their contractors with your content (Source: [https://www.theregister.com/2021/09/07/whatsapp_privacy_propublica/ The Register]) | ||
* '''Hackers can break WhatsApp''' by tricking users into giving away verification codes, using spyware, sending malware as attachments, or even cloning your phone or WhatsApp account. (Source: [https://www.bitdefender.com/blog/hotforsecurity/how-scammers-gain-access-and-hack-your-whatsapp-account-and-what-you-can-do-to-protect-yourself/ BitDefender blog]) | |||
* Hackers can break WhatsApp by tricking users into giving away verification codes, using spyware, sending malware as attachments, or even cloning your phone or WhatsApp account. (Source: [https://www.bitdefender.com/blog/hotforsecurity/how-scammers-gain-access-and-hack-your-whatsapp-account-and-what-you-can-do-to-protect-yourself/ BitDefender blog]) | * '''Unofficial versions of WhatsApp are almost indistinguishable from the real version of WhatsApp'''. Unofficial versions of WhatsApp are insecure and compromise the privacy and security of communication. Having one person using an unofficial version of WhatsApp within a group makes all group communications vulnerable. [https://faq.whatsapp.com/1293093778117781 Here's how to know if you are using the official WhatsApp program]. | ||
* Unofficial versions of WhatsApp are almost indistinguishable from the real version of WhatsApp. Unofficial versions of WhatsApp are insecure and compromise the privacy and security of communication. Having one person using an unofficial version of WhatsApp within a group makes all group communications vulnerable. [https://faq.whatsapp.com/1293093778117781 Here's how to know if you are using the official WhatsApp program]. | |||
== Tip: use automatic disappearing messages == | == Tip: use automatic disappearing messages == |
Latest revision as of 19:09, 18 December 2024
Recommendation: Use Signal
If you are trying to decide between using Signal, WhatsApp or Telegram, most sources would say that Signal has a better reputation for security then the others. Here are a few reasons to choose Signal (source: The Best Secure Messaging Apps for 2024 PC Mag)
- All of your messages are secured with E2EE and Signal is a nonprofit, so there's no reason to harvest any user data.
- The underlying technology of Signal is so successful it has been implemented by Google and Meta.
Reasons to avoid using WhatsApp
- Requires phone number and contacts list to function (However, there are ways around using your actual phone number)
- Backups (especially iCloud) may be vulnerable to surveillance (Source: Freedom of the Press Foundation)
- Privacy of content sent via WhatsApp is questionable, and there are reasons to not trust Meta and their contractors with your content (Source: The Register)
- Hackers can break WhatsApp by tricking users into giving away verification codes, using spyware, sending malware as attachments, or even cloning your phone or WhatsApp account. (Source: BitDefender blog)
- Unofficial versions of WhatsApp are almost indistinguishable from the real version of WhatsApp. Unofficial versions of WhatsApp are insecure and compromise the privacy and security of communication. Having one person using an unofficial version of WhatsApp within a group makes all group communications vulnerable. Here's how to know if you are using the official WhatsApp program.
Tip: use automatic disappearing messages
Disappearing messages (also known as Vanish mode) is a feature that makes your messages disappear once a recipient reads them or after a certain period of time. It’s a great tool for privacy protection and chat hygiene. It's an excellent feature to use if there's a risk that your phone will be viewed by someone who may be against your human rights work.
Disappearing messages in Signal
Use disappearing messages (in Signal) to keep your message history tidy. The message will disappear from your devices after the timer has elapsed. This is not for situations where your contact is your adversary — after all, if someone who receives a disappearing message really wants a record of it, they can always use another camera to take a photo of the screen before the message disappears.
- Disappearing messages can be managed by anyone in the chat.
- The setting applies to any new messaging after the timer has been set or modified.
- Changes to the timer will sync with your linked devices.
Disappearing messages in WhatsApp
Disappearing messages is an optional feature you can turn on for more privacy. You can set messages to disappear 24 hours, 7 days, or 90 days after they're sent unless that message is kept. The duration you choose only affects new messages in the chat, not messages you've already sent or received.
Disappearing messages in Messenger (Facebook)
Vanish mode on Messenger automatically clears messages after the recipient has viewed them and closed the chat. This advanced feature offers Messenger users more private communication and media sharing and limits what Facebook knows about you.
Online courses
Totem course on Secure messaging apps (available in EN, FR, ES, RU)
You should walk away from this course knowing
- What secure messaging actually is
- How to choose which secure messaging app is the best for you
- How to activate security measures, including:
- End-to-end encryption
- Disappearing messages