Editor’s note: This article is the fourth in a series focusing on the best encrypted apps and services available. Content has been provided by an anonymous security and privacy professional. Readers are encouraged to verify this information on their own.
Each of the apps and services mentioned in this article serves a different but overlapping purpose.
Wire was created by former Skype employees who wanted to create a better product from the ground up. Wire is free for personal use and only a few dollars per month for businesses with up to 256 users. Wire has apps for all major operating systems, plus a browser extension, and supports text, audio, and video, plus file and screen sharing, with good audio and picture quality. What sets Wire apart from some other products is that it uses usernames (you can have multiple), which allows you to compartmentalize communications easily. Reported call quality and reliability are excellent, which makes sense, considering how it was made. Since Wire’s paid versions are aimed at business, Wire goes so far as to include file and screen sharing and even GIFs in messages. Wire is Swiss, open source, and audited. Ephemeral messages can be deleted in 10 seconds, five minutes, one hour, one day, one week, or four weeks, which some may find a little annoying—but it works.
Wire flaws (but not deal-breakers):
Signal is the OG encrypted messaging app and namesake of the “Signal Protocol.” Signal is open source, audited, and supported by donations, mostly through the Freedom of the Press Foundation. Signal is also cross-platform, and supports text, audio, video, and group chat, but, crucially, uses your phone number as your username. The downsides of this are that you can’t compartmentalize your encrypted communications, and you can be identified by your metadata easily unless you’re using a prepaid plan, paid for with cash, which you probably aren’t. (Being identified by metadata is a remote risk for most people.) The upsides are that it’s easier to get friends and family to switch to Signal than to other apps (it’s a favorite of news organizations for getting sensitive tips), and the Android app can function as your text message app as well, which makes the transition seamless and means that your phone’s copies of text messages are encrypted.
Signal includes tools for verifying that you’re reaching your intended contact without encryption keys being tampered with, and has per-contact notification settings. Ephemeral message times are more incremental within a day than Wire’s, but top out at a week.
Signal flaws (but not deal-breakers):
In May, it was revealed that ephemeral messages received by the macOS app weren’t being correctly deleted. Although the next update fixed the issue for subsequently received messages, pre-update messages may still be recoverable, pending a second update. This is a pretty darn big bug, but it’s not quite as bad as it sounds: it was limited to one app, manually deleting the messages still made them irretrievable, and the community response was as good as could be expected. This is just life with free and open source software.
MySudo is currently iOS only and can be used for encrypted intranetwork communication. Its main function, however, is much cooler. MySudo gives you multiple avatars called “Sudos,” each with a VOIP number and email address, that you can use to compartmentalize even your standard phone network communications. That is, your friends and family have a different phone number for you than your business associates, who have a different number for you than your doctor, who has a different number for you than business—you get the idea. This may seem like a silly thing to get excited about, but phone numbers are replacing Social Security numbers as the accidental and dysfunctional universal ID number, so this is really great for privacy and security. There are various cost tiers for how many “Sudos” and “SudoOut” minutes per month you can have, and resetting a VOIP number costs $0.99. They’re never reused. MySudo is the successor to a free prototype version, and pricing has changed several times—they seem settled on the current cost tiers, but if they don’t appear worth it to you, check again in a couple of months. Encryption may not be the main feature of Sudo, but if your friends and family all use iOS, the versatility of MySudo might make it easier to get people to join you in an encrypted network.
(Tip: The next time you travel, tell people you will only use these apps because you don’t want to pay for roaming calls.)
You can use a Sudo number as your Signal number. There are also “SudoPay” virtual credit cards, but masked payments are a topic for another day.
MySudo flaws (but not deal-breakers):
Sudo is closed source, and probably unaudited. Anonyome Labs earned the privacy and security community’s trust by building their product so that they know nothing about users that they don’t need to know. They have, by all appearances, succeeded. Sudo’s problems are reliability and call quality. Some people report problems with using it over WiFi (though others buy iPod Touches, just to use Sudo as a cellphone over WiFi) and/or VPNs. Given how useful Sudo is, the complete lack of competition, and the opportunity to be grandfathered in with all the current free features, I think every iOS user should get Sudo, and deal with the periodic poor connections. Again, Sudo is currently iOS only, but web and Android apps are planned. (The Android app has been a long time in the making because Android is very “leaky,” Google not valuing privacy or users’ security.)
What you should NOT use under any circumstances:
WhatsApp is owned by Facebook. Your metadata is data-mined. Facebook’s security is pretty damn bad. So, your account may be at risk of being hacked, which could compromise the messages. And while the transmission of the messages is encrypted, backups, allowed by default, are not, making for a very large attack surface or multiple ways to accidentally share messages. And Facebook is evil. You benefit from network effects—but it’s not worth it.
Google Allo “Incognito”
Google Allo is owned by Google. Again, your metadata is data-mined and they’re evil. Google’s security, however, is generally thought to be pretty good.
Editor’s note: This article was updated on October 9, 2018 to correct a statement that indicated Wire does not have key verification. Wire does in fact have key verification.