Its innovative encryption architecture runs to multiple endpoints-your iPhone, iPad and Mac, for example, as fully-fledged apps not scrapes from the phone’s database. There’s more to iMessage than encrypting 1:1 or group messages within Apple’s ecosystem. When Google’s RCS rollout gained traction last year, one cybersecurity firm warned that RCS did nothing to resolve SMS vulnerabilities, and as such “exposes most mobile users to hacking.” The lack of security improvements with Android Messages “enables hackers to intercept and manipulate communication through a DNS spoofing attack.” Google did not respond when asked whether any of these issues have been addressed. And, Haaretz recently reported on another sophisticated attack on an Israeli network to intercept SMS traffic. Last year, a cyberattack on global carriers was found searching for SMS messages inside the networks at will. But once that message disappears into the network-to-network SMS architecture, all bets are off. So, why is SMS so bad security-wise? With SMS, your messages are encrypted between your phone and your network’s cell tower, preventing simple over-the-air interception. WhatsApp does not provide an option to become the SMS messenger on Android, which would have been ideal given its huge install base. Providing it with your SMS data makes little sense. Facebook is the hungriest data acquirer on your phone. That said, using Facebook Messenger by default is a bad idea for different reasons. Yes, whenever a recipient is only on SMS this becomes moot, but you’ll find many more of your contacts on Facebook Messenger than Signal. While Facebook Messenger is not end-to-end encrypted by default, it is more secure than the fragmented SMS architecture operated by the networks. Many Facebook Messenger users on Android have already set it as their standard messenger. More importantly, Facebook-owned WhatsApp is the world’s leading end-to-end encrypted platform and has all the functionality offered by iMessage and Google’s RCS rollout. And while Facebook Messenger (ironically) is nowhere close to adding this by default, its “ secret conversations ” are available. When even Facebook strongly advises you to use end-to-end encrypted messengers, you should take note. Signal used to be clunky but that has now changed, as it targets the mainstream with enhanced functionality, making it a viable default messenger when it was not before. But Signal itself has the same rich chat functionality as other mainstream messengers, and you can encourage close friends, family and contacts to install the app. SMS within Signal is just the SMS basics. In shifting from Android Messages, you’ll lose the ability to send RCS messages to other RCS users. But the desktop Signal app will work just fine for your encrypted messages. “We want to encourage users to move away from insecure legacy protocols,” it says. Signal does not offer its desktop option for this integration. Just like iMessage, you’ll be able to see when your contacts are Signal-enabled or when you’re limited to what it calls “Unsecured SMS.” This integration is only available on your smartphone.
0 Comments
Leave a Reply. |