Let’s talk about instant messaging communication. Since smartphones have become more and more embedded in our lives, instant messaging apps have taken a primary role in how we communicate. They are simple, they are fast, and they allow for photos and videos and even video calls over the internet, taking a huge step forward from the SMS/MMS capabilities of phones in the past.
But technology has more to it than accessibility, and instant messaging apps are not all created equal. In the next instalments of this series, we will talk about the apps we recommend and those that we advise against, but for now, we would like to define a few concepts that are very important for you to choose how you communicate with friends.
SMS/MMS texts are a decades-old protocol to send texts or media. They are reliable, but they are completely visible to telecommunication companies and governments as well as anyone with sufficient knowledge to connect to a telecommunications antenna. Stay away from them!
End to End Encryption BY DEFAULT should be the gold standard. Encryption is a process where the text sent is scrambled and can only be transformed into plain text by the recipient, who possesses a private key able to understand the “language” of the scrambled text. Many apps have encryption features, but only those that are encrypted by default (not as a “private conversation” feature) should be used.
Metadata is the information about the text, image or video you are sending. The metadata of a message could be the time and date it was sent, who the sender is, who the recipient is, the location of the sender and whatever other information an app collects and sends with the actual message. Applications that do not leak metadata are of course preferable when communicating with others.
Centralised, Decentralised and P2P Networks are different ways that your messages travel from your phone to your friend’s phone.
Centralised networks work as follows: You send a message, it travels (hopefully encrypted) to a centralised server, and the server then sends that message over to your friend. The problem with Centralised networks is that there is one single location that has all the power. It means that the government can enforce censorship by blocking the servers, and even simply by raiding the servers and taking them away. There is a second problem with centralised networks. Even if your message is encrypted, depending on the app you are using the server will have various degrees of metadata knowledge. That means that if someone can access that centralised server, they can tell who is sending and receiving messages, at what time and even locations. Signal app is an example of an Encrypted, Centralised Messaging App.
Decentralised networks solve this problem. They use multiple nodes, so your message travels from you to a node, from that node to another and so on until it arrives in your friend’s app. This fixes a couple of problems. The first one, you cannot simply take down one server to stop someone from communicating with somebody else. In the second one, you can add extra layers of encryption on each node (like a TOR network), rendering any leftover metadata useless). The drawback of decentralised networks is that they are slower than centralised ones (sometimes by nanoseconds, but sometimes it’s a lot more noticeable!). Session App is an example of an encrypted, decentralised instant messaging app.
P2P or Peer2Peer is more of a connection than a network. When you use an instant messaging app with P2P the users will synchronise without the need for a secondary server or multiple nodes. This method makes things a lot safer. There is no risk of a compromised server, or of someone running multiple malicious nodes attempting to either deanonymize you or somehow collect metadata. There is one big problem with this. Both you and your friend need to be connected at the same time for that message to travel from your device to their device. If you send a message when your friend is offline, and then you go offline, even if your friend connects that message will still sit on your phone, as you are no longer attempting to send it. A second problem with encrypted P2P connections is that they do not anonymise you. Your friend could be able to tell information about your device and network as you are both connected.
Now that you know a few of the parameters you should consider before messaging someone, we will be able to talk about which apps we would advise to uninstall and then set on fire, and which apps are recommended to use, but we will do that on future instalments to not bore you to death with technical knowledge!
PRIVACY IS A HUMAN RIGHT!
UA Tech&Sec Department.
PS: UA is a collaborative, not for profit project that never makes enough money to cover costs. If you enjoy our content, please consider donating. We have crypto addresses on our website (for ultimate privacy we advise you send through Monero, not Bitcoin), but there is also Paypal and Patreon.
Please consider sending even if it is a single coin, it all helps!