Shares in this article
Signal checked by security researchers and found to be safe
According to the monthly magazine Spektrum, most messengers use Signal’s protocol. The publicly available code has already been intensively checked by independent security researchers and found to be secure. However, the messenger is not completely anonymous. To register with Signal, you have to provide your telephone number, which is also visible to members in chat groups. For Signal itself, however, the telephone number is only visible in encrypted form. In principle, however, the messenger cannot save any user data due to the encryption. As soon as there is a request from authorities, Signal can only share the date on which an account was started and the time and date when it last connected to the server. According to the company, Signal’s chats are end-to-end encrypted and personal data or content is not sold, rented or monetized. Since the messenger is operated by a private foundation and financed by donations, the service does not depend on advertising.
WhatsApp and Threema
The famous messenger service WhatsApp also encrypts communication with the Signal protocol, according to Spektrum. However, this does not apply to the so-called metadata. This includes everything beyond the content of the exchanged messages and is particularly interesting for authorities and advertising companies. The data collected, such as a user’s contacts in the address book, information on who chatted with whom and when, and data about the smartphone used, are passed on to Instagram and Facebook. The data collected is then evaluated and sold to advertising companies. In addition, Meta Platforms is obliged to pass on the metadata in the event of inquiries from US authorities.
Threema is a messenger service from Switzerland and does not use the Signal protocol for encryption, but the NaCI library. According to the company, as little data as possible should be stored on the servers in Switzerland. For this reason, contact lists or group chats are managed on the users’ devices. “The Threema servers have the function of a relay station; messages and data are forwarded, but not stored permanently – because where there is no data, they cannot be misused,” says Threema on his website. To provide complete transparency, the messenger’s code is public.
iMessage and Telegram
According to Spektrum, Apple also uses its own protocol for its iMessage messenger app. Similar to WhatsApp, according to the technology magazine CHIP, iMessage uses end-to-end encryption, in which messages are encrypted locally and only then leave the device. Metadata is not encrypted here. In 2016, Johns Hopkins University professor of computer science Matthew Green and his students found security issues in the iMessage protocol. “In fact, using a central key server is still one of iMessage’s biggest weaknesses, as an attacker who controls the key server can use it to inject keys and perform man-in-the-middle attacks on iMessage users,” said Green in a blog post.
The instant messaging service Telegram, developed in Russia, has repeatedly been the target of public criticism. According to SWR2, right-wing networks in particular have used the service to disseminate fake news and conspiracy myths in the past. Many associate Telegram with a secure means of communication, but when it comes to data protection, Messenger does even worse than WhatsApp. The chats are not encrypted end-to-end and your own telephone number can be hidden, but not completely separated from the account. According to the spectrum, you can only protect yourself from potential readers if you choose the “secret chat” option. However, this is not possible for group chats, which can contain up to 20,000 people. According to their own information, anyone can check Telegram’s source code, protocol and developer access.
Tim Adler / finanzen.net editors
Image Sources: Michele Ursi / Shutterstock.com, Gil C / Shutterstock.com
–
