Editor’s note: This article is the second in a series focusing on the best encrypted apps and services available. Content has been provided by an anonymous security and privacy professional. Readers are encouraged to confirm this information on their own.
What Should You Look for in an Encrypted Communication App/Service?
It should be independently audited for privacy/security. Many are open source, meaning that anyone can audit the source code (though an amateur being able to audit the product is not a substitute for an expert actually having done so), and that future companies’ development teams will be able to specialize on whatever feature makes their own product unique – in addition to OpenPGP, several services/apps listed are based on the relatively new Signal Protocol.
It should have a transparent business model, free from conflicts of interest. Ad-supported online businesses (e.g., most of the internet) are predicated on exchanging their service for information about you – i.e., if you aren’t the customer, you’re the product. Look at the permissions that apps require – are they strictly what the app’s function requires? And as seen above, end-to-end-encryption of message content, but not metadata, doesn’t really protect you from companies like Google or Facebook.
It is preferably based in a privacy-friendly jurisdiction; many countries spy on their own citizens/businesses and share intelligence. (Hushmail is Canadian.) This doesn’t guarantee anything, but one more layer of protection is always good. (I hope I’m not aiding any criminals by writing this, but protection from mass surveillance and subpoenaed records are essentially the same, in this case.)
It should be as fully featured and easy to use as an unencrypted app/service. Or else you may not use it, and certainly won’t get anyone else to.
A common, but not universal, feature of encrypted communication is ephemeral messaging, in which messages can be automatically deleted on one or both ends after a period of time. The time period can be as little as seconds, for the most sensitive of instant messages, and generally tops out at four weeks, which is more practical for most people. Ephemeral messages for “IM” or “Chat” type apps can have odd implementations, in which settings are specific to the conversation and the device, but this is getting better.
For email, “alias” addresses are also common, since end-to-end encryption makes linking accounts impractical. (Or, cynically, it’s another feature to sell to you.) Aliases are useful, so that you can limit how often you give out your regular email address (which probably indicates your name and is how you log into a lot of services), without needing to trust a forwarding service like Blur or 33Mail with a sensitive use or risk an important email going unseen in a separate inbox.