Nothing really compares to a tet-a-tet dialogue. Especially in the means of confidential talk, despite whatever international paranoia says about all hearing walls (not without a reason, though). But the modern world is unimaginable without technologies, emails, and messengers. Long-distance cooperation and simple colleague communications are both thriving for a certain level of privacy, no matter what’s the subject of the talk.
The fact that is frequently overlooked even by the best of us — privacy is not all about personal space. Often portrayed even selfish and the opposite of secure, but in the nemesis act it works very well in the groups’ best interests. Internet history is evidence itself.
Starting from the basics.
Cluster I: personal to self
Making your own decisions without unwanted external interference or influence is a fundamental right to privacy. It provides a safe space for self-expression and exploring other ideas so that a person can decide for themselves and observe freely.
Individual development is impossible without own understanding, moreover, it influences dignity a lot. Acknowledging individuals’ right to determine what information about themselves they’d like to disclose is also self-respect. Boundaries are essential. This practice alone is pretty enough for bringing mental health back to life a bit, to the place where eternal anxiety and stress from feeling unsafe are no longer caused by government surveillance or intrusion, only by Angst*.
Cluster II: personal to group (interpersonal)
Once a person respects their own rights — it means at least they know about some. Solid social relationships are fostered by trust, and trust is basically the same old feeling safe while exchanging and sharing information with someone else. Intimacy, if we’re talking friendship and family. So the means of communication participants using are crucial for each other’s privacy and trust. To put it in simpler words: trust can’t be built where information privately shared with another individual or a small group constantly discovers itself in undesirable hands.
One more thing interconnected with the first cluster is the fact, that the freedom of learning and dissecting different ideas gives an opportunity for new to grow and be discussed.
Sensitive information should stay this way, but protection of it once said/sent/shared is from this very moment the responsibility of the other side to provide. And it’s a pie of different information shared either with the inner circle or institution. Personal contacts, addresses, health records, financial data, and intimate details. The harm that can be caused by third-party access and misuse is brutal sometimes. It gives reputational risks, family loss, and different others.
Cluster III: personal to mass (national, multinational, worldwide)
Democracy longing for free speech can be satisfied only with compliance with the basics of personal privacy. Taking into account everything told above. This way people bonding together stronger and healthier can provide a huge role in the security of the masses. And from the government’s “best intentions” too. Surveillance programs, usually leading to abuse of power, discrimination or censorship can’t be passed easily where privacy is really respected.
Even Hegel** would be satisfied a bit (not really).
Bonfire
All and all, the Earth is rioting, technologies are tracking every tiny step, misleading people to share their private information by just logging into a social network, and questions about individual and group privacy are intensely raised.
Guerillas, partisans, activists, and journalists need secure messengers, but so do civilians living in peaceful places. If sensible information can leak from a private conversation, then there’s no point to maintain it the way it loses wealth. PGP offspring evolved a lot since the ’90s. Their slowly but steadily growing E2EE number had already frightened governments. To be precise, by “threatening national security” with the prevention of data interception. The audacity!
Back to reality, this can be just one of the many reasons responsible for the common misconception of privacy lots of people share. Undermining the need for personal security and private messaging in particular. But why do individuals and companies need it and do they really?
The following reasons to care are just icebergs’ tips peeping from this mirror-like surface deep into us.
- Conversation privacy: for communication to remain private and to be accessed not by third parties harvesting information about your social patterns and activity, your means of communication should be encrypted
- Data breaches: almost everyone once was leaked due to one. Some seemingly innocuous (or not) information of yours exposed in plain sight
- Identity theft or fraud: some of us really underestimate these doppelgangers’ ability to fake their way to credit, bank account, or even physical privacy invasion
- Business Confidentiality: does anyone burns with a desire to share trade secrets, financial data, or intellectual property? Anyone?
- Regulation compliance: required by company regulations (why isn’t it required everywhere already?) and there’s a need to comply with strict data privacy and security regulations to protect sensitive data and provide trust
- Protection from cyber-threats: malware, spyware, spam, you name it
- Human rights and free speech: is there even a need to elaborate on that one?
Considering changes: what to look for?
How to distinguish secure messenger from others is a whole science. Joking, but there are certain criteria to watch for while deciding which one to use.
End-to-end encryption
End-to-end encryption or E2EE plays one of the main roles in the security of private conversation, and almost all modern messengers claim to use it. The question is how properly they manage it and make users aware of their responsibility too. Because even the main role can’t play long without others.
The core of the end-to-end encryption mechanism is a cryptographic key, two pairs of which every participant has, and authentification isn’t going together with default encryption. Communication safety is threatened if keys are compromised or broken. And though E2EE is protecting transmission between devices, which is very helpful while using public networks, it has nothing to do with the devices on both sides. So, if one of them is compromised, sorry.
Better to look for those with authentification in a pack or be cautious with ensuring the right person is on the other side.
Independent security audits
Do they provide regular and transparent security audits? An audit represents an examination of the messenger’s services’ reliability conducted by an independent third party. This can be an expert in cybersecurity, who can meticulously inspect vulnerabilities and whether the service genuinely provides end-to-end encryption. To make sure that communication encryption is correctly implemented. Then they issue a report outlining the findings.
When looking for privacy and security, a service that undergoes independent audits is definitely winning some points. You know, offering greater confidence in reliability and trustworthiness is already a lot. But why not ask for more?
Open-source code
What is more clear than open access to code, where you can make sure of concerns with your own eyes? Trust builds bit by bit and this kind of transparency and nothing-to-hiddenness can be a terabit. Moreover, it’s an underrated way to keep it up and running due to users’ involvement and participation in finding and reporting weaknesses. Bug-hunting programs can really help both sides.
Privacy policies and data collection practices
Lesser the better. For either safety purposes or better performance services shouldn’t harvest and keep too much information. Metadata in particular. Look if their terms and conditions are crystal (or at least just) clear. Ensure what content and metadata are collected and only necessary for legit purposes. It shouldn’t be kept or in any way exploited by the service.
And of course, better be confident if the terms and conditions document isn’t just a text to pull the wool over users’ eyes. They should be appropriately followed.
User-friendly interface
The criterion that divides many secure and popular messengers is a user-friendly interface. It mostly seems to be so easy to create an intuitive interface that will satisfy most users, but it isn’t. Private conversations don’t have an inherently pleasurable design. Though it’s getting better.
And sure, it is really a very individual preference, so you definitely know better if it’s counterintuitive or not.
“Top secure messaging apps”
Many sources are putting Facebook Messenger, WhatsApp, and Viber in the top lists of secure messengers, though it is a very well-known fact they aren’t. Sometimes the least evil to choose, maybe. What makes them popular? Due to their wide spreading and familiar interface, if your mama, boyfriend, boss, and playmates are using the same messenger… who will resist its convenience to reach everybody you need on a daily basis? The mass market can be wild.
Once again, let’s start with You.
Watchdogs: encrypted communication
Discord
Available on: Windows, macOS, iOS, Android, Linux, Web
Famous for its game-centric community, Discord pays a lot of attention to the privacy and security of its users. Except for cooperation with law enforcement “only when are in receipt of enforceable legal process”, they don’t let third-party involvement.
It provides a reasonable level of privacy for direct communication between users, but server-based communications are left without E2EE.
Supported security features: 2FA, client-server encryption, IP location lock, virus scanning
Telegram
Available on: Windows, macOS, iOS, Android, Linux, Web
We mentioned Facebook Messenger and WhatsApp (both owned by Meta btw) earlier not to bring a shadow on mass-market as is. There are plenty of other alternatives like Telegram supporting confidential chat. Based on Media Transfer Protocol (MTP) it supports two layers of encryption: server-to-client and client-side (including E2EE in secret chats).
Telegram claims to have no interest in selling users’ data. Since June 2022 Durov brothers switched their business model from not-for-profit to freemium with the launch of their Telegram Premium. Though, their bug-bounty program ranging from 100$ to 100 000$ is still active since 2014.
Supported security features: 2-layer encryption, secret chats, self-destructing media, 2FA, proxy, deleting messages both ways
Signal
Available on: Windows, macOS, iOS, Android, Linux, Web
What gives a better advertisement than controversial figures like Elon Musk and Edward Snowden publicly claiming to use it?
Signal is definitely a celebrity among private messengers. It is a solid choice. Free, open-source, and liberated from tracking and ads due to being paid through donuts and grants.
Asking for your mobile number (for a friend), though.
Supported security features: self-destructing messages, E2EE, screenshot prevention, incognito keyboard, view-once media
Line
Available on: Windows, macOS, iOS, Android, Linux, Web
The Tōhoku earthquake and tsunami in 2011 brought not only sorrow in its aftermath. Most popular in Asia, Line was developed as an answer to situations where the internet is the only communication possibility.
It doesn’t put letter sealing (basically it’s E2EE) by default, so users should enable it themselves in personal conversations. A bit dangerous for those who are unaware.
Supported security features: E2EE, ISO 27001 certification, SOC2 & SOC3 certified, PCI DSS Level 1 certified
Dust
Available on: Windows, macOS, iOS, Android
“Safer place to text”, ex Cyber Dust claims to be one of the most secure messengers out there. It is not your all-in-one mass-market app with video calls, voice messages, and whole films being uploaded to share, Dust is concentrated on text and encrypting messages, helping them to disappear in thin air. Nothing is stored on its servers, nothing can be saved from the chat by a message beneficiary.
Supported security features: E2EE, private search, permanent message-deleting (100 seconds seen, 24 hours unread)
Threema
Available on: Windows, macOS, iOS, Android, Linux, Web
For the desert, we left today leader. Private communication isn’t complete without confidentiality. Threema gives you an anonymous use many people struggle to find. You can keep personally identifiable information (PII) to yourself. As many others presented in our list it collects no user’s data and ads won’t threaten your precious time.
Moreover, open-sourced Threema has regular audits and is definitely worth a try.
Swiss quality, you know.
Supported security features: anonymous use, E2EE (NaCl library), decentralized architecture, on-premise hosting, metadata restraint
But…
…nothing works perfectly, especially when used wrong. Better always remember the basic rules:
- update your devices and apps frequently
- use 2FA wherever it is supported
- use strong passwords (better generated)
- limit to the possible minimum sensitive information you share
**[email protected] *****
In the end, the importance of secure messaging apps cannot be overstated. They are a crucial part of a world that is increasingly under surveillance. Nothing can be trusted blindly, and so are even the most private and secure apps. Before the system is changed it’s the responsibility of everyone to make it a safer space starting with their own protection.
Do you know the infamous airplane crash rule? Put your oxygen mask before your kids.
For example, you can start with Sidekick. Privacy-focused and totally user-friendly it also supports integration with secure messaging apps. So you can have it all, once basic safety rules will be engraved on the back of your head.
*Martin Heidegger refers to angst or anxiety a lot in his MO Being and Time e.g. “Anxiety in the face of death is anxiety “in the face of” one’s ownmost nonrelational and unsurpassable possibility for being. That which this anxiety is “in the face of” is being-in-the-world itself.”
** Philosophy of Hegel’s writing turns to relations between personal and social a lot like personal self-understanding is tied to the roles and responsibilities they have within the social institutions.
*** the email address used by the fictional character Agent Mulder from the X-files TV-series
FAQ
Key features to consider include end-to-end encryption, regular independent security audits, open-source code, clear and minimal privacy policies and data collection practices, and a user-friendly interface.
Sidekick browser is designed with privacy and security in mind, offering features like tracking prevention, automatic ad-blocking, and anti-fingerprinting. These features help protect your online privacy and ensure that your browsing experience is as secure as possible.
End-to-end encryption plays a crucial role in providing people with the reality of secure conversations by ensuring only the intended recipients can read the messages. However, it’s essential to note that encryption alone cannot protect if the devices on either end are compromised.
Best practices include frequently updating your devices and apps, enabling two-factor authentication, using strong (preferably generated) passwords, and minimizing the sensitive information you share.
Sidekick surely enables integration with secure messaging apps, allowing you to access your messages and communicate securely while browsing the web.