Secure Messaging Apps: The Pros and Cons of Each Platform

By: Christopher Guess | 07/07/2016

Meeting in a parking garage at 4 a.m. in trench coats — while still effective in certain circumstances — works less in the era of CCTV and mobile phone tracking. When it comes to secure communication, phone calls are out, normal email is laughably awful and SMS is only worse.

Enter: secure messaging apps.

These apps, operating under the same principles as PGP email encryption, are the new front line in securing communications between journalists, sources and contacts. All of these apps offer end-to-end encryption. If the company running the servers is ever subpoenaed, the only thing they can hand over to prosecutors is essentially gibberish.

However, the problem with some of these services is that you have to trust that your data is secure, as proprietary companies usually do not open source their software.

I’m going to discuss a few of the pros and cons of several secure messaging apps and offer a few suggestions for which ones journalists should use. Please remember that there is no right answer for everyone. Depending on who you’re hiding from, some apps are more practical or useful than others.

1.) iMessage

Pros Cons
  • Built into every iPhone and Mac.   
  • Completely seamless. If the text bubble is blue, it’s being sent securely.                
  • If an iMessage doesn’t send, the iPhone will send it through SMS as the fallback, potentially allowing it to be sent unencrypted. However, this can be disabled.
  • Most of your friends, colleagues and sources already use it.

 
  • Ties your personal phone number and device.

2.) Signal

Pros Cons
  • Designed from the ground up to be nothing but a secure messaging platform.
  • Buggy, especially on iOS.
  • It’s not oddly hacked onto an existing platform.
  • The user interface and some of the user experience design can have some, let’s say, interesting glitches. However, none of these problems affect security.
  • Fully open source.
  • Not widely used or known.
  • Extremely familiar, intuitive interface.
  • Requires your phone number for contact discovery.
  • Allows audio chat, with verification.
  • Anyone intent on tracking your internet use can see you’re using Signal. However, they won’t be able to read your messages.

3.) WhatsApp

Pros Cons
  • Built end-to-end by same team as Signal.
  • Not fully open source.
  • More than 1 billion users.
  • Owned by Facebook.
  • The default security settings are very good, as every message is encrypted automatically.
  • How much do you trust Facebook?
  • Users receive notifications if anything is wrong.
  
  • Everyone you’d want to talk to already uses it.
  

4.) Tox (a Skype “replacement”)

Pros Cons
  • Completely decentralized.
  • Usernames are 77 random numbers and letters. Mine is 1EFD9FE2EC7D30065AB
    E5E5C9C93908057608622D94020C952C
    1A7A61D1D0F622E59F5DF41C0.
  • There is, for all intents and purposes, no company that can be attacked.
  • It’s slow.
  • User lists are distributed and shared across the network itself.
  • Finding a user on the network can take time since there is no central repository.
  • No personally identifiable information — phone number, email address, etc. — is needed to make an account.
  • The actual chatting and voice services are still very buggy.
  • Fully open source, so developers can take the Tox protocol and build upon it as they like.
  • Other apps that have adapted Tox’s protocol are difficult to use and ugly to look at.
  • Very few users overall.

5.) Allo (Google’s newest messaging platform. Yes, another one)

Pros Cons
  • Created by Google, so you know the user experience will be pleasant.
  • It’s brand new.
  • The team behind Signal implemented Allo’s end-to-end encryption.
  • Closed source.
  • Extremely accessible on many devices.
  • For now, none of your messages are encrypted by default in Allo’s security settings.

The takeaway

If you’re reporting on the big boys (U.S., Russia, Israel, China), then even these services may not help you. The encryption protecting your messages probably won’t be broken, but the possibilities of malware on your device — or a very sophisticated man-in-the-middle attack — are much higher. In this case, there are many other internet security issues to be considered as well.

However, if you’re only worried about securing your standard day-to-day communication, I’d recommend Signal. Broadly speaking, if you’re a step below international espionage, iMessage, WhatsApp or Signal all fit the bill.

The biggest key to successfully using any of these tools is normalizing their use. If your team is using Signal, use it for everything. As the adage goes, those on the offensive only have to be lucky once; defenders have to be lucky all the time.

This post was also published on IJNet, which is produced by ICFJ.

Related Programs
ICFJ Knight Fellowships
Topics
Media Innovation
Country/Region
Worldwide

Latest News

Valeriya Yegoshyna: Keeping Eyes on Ukraine

In the face of dire threats to their safety, Ukrainian journalists have put their lives on the line to document the atrocities of Russia’s invasion of their country, and amplify the stories of those most impacted. Among these fearless journalists is 2024 ICFJ Knight International Journalism Award winner Valeriya Yegoshyna, a reporter at Schemes, the investigative project of the Ukrainian service of Radio Free Europe/Radio Liberty. Her reporting has revealed alleged Russian war crimes and corruption in her native Ukraine.

Covering Elections and a New Administration in a Fractured Media Landscape

Maria Ressa joined White House correspondents Peter Baker and Eugene Daniels to reflect on the challenging environment for the journalists who covered the 2024 elections and their aftermath. The panel, led by Kristen Welker, moderator of NBC News’ “Meet the Press,” was part of ICFJ’s 40th Anniversary Tribute to Journalists, held Nov. 14 in Washington, DC.

Highlights from ICFJ's 40th Anniversary Tribute to Journalists

Last night we celebrated the best in journalism globally at ICFJ’s 40th Anniversary Tribute to Journalists in Washington, DC. We recognized our 2024 ICFJ Knight Award winners – three inspiring journalists who have made a mark with their courageous investigative journalism.