“Is this line secure?”
Well, for most of us, the answer to that has traditionally been “no” — at least outside of work. However, in recent years, there has been a proliferation of encrypted communications applications available for computers and mobile phones. These applications take advantage of the adoption of digital, packet-based communication standards for cellular systems (i.e., LTE) or wired/wireless internet connection to provide a plethora of communications functions.
Thanks to these apps, users can send secure text messages, share files, or even have voice or video calls — all encrypted and, ostensibly, impervious to eavesdropping from unwanted third parties. Big promises, right? However, not all apps are created equal.
In this article, I’ll explore criteria for evaluating a “secure” communications app, describe a few of my favorites, and briefly cover findings discussed in a leaked FBI assessment regarding the challenges posed by many popular encrypted chat apps to law enforcement and the intelligence community.
What Makes a Good COMSEC App?
There are many factors that go into a selection of an application for communications security (COMSEC). Some of these relate directly to the security and safety of the app itself, but some are more general.
The first, most general requirement is if it’s something that you can easily get other people to adopt. It takes two (or more) to communicate, after all, and if no one else is on the platform you select, or the barrier to entry is too high, then you’re not going to have too many people to talk to. This
