Everyday you read or hear about new stories about Social Engineering Scams, Data breachs, Personal Information Records Thefts, Credit Cards scams, new kind of attacks like Voice Phishing, CryptoLocker, Dino, Duqu; and vulnerabilities like StageFright, POODLE, BEAST, FREAK, and more.
But there is a new shift for hackers right now: Mobile devices and apps; and every second, if you are in the Cyber Security industry, you see that the attacks are becoming more targeted and sophisticated with time. We are using our Mobile devices right now for almost everything: browse the web, to make payments, to chat with friends and family, but many of us are not aware of the dangers and worries about privacy and security when we do that through Mobile; and we need to take advanced measures to protect us from scammers and hackers. I always talk with my family about these issues and I show to them real threats about this. Some have heard my advice, others just ignored me until they are victims of one of this kind of attacks. One of my cousins was one of these victims and he told what he could do today to keep Mobile communications private and secure, and this is the objective of the post: to provide world-class apps and tools to achieve this. Let’s start.
This was one of the hardest category to convince to my friends and family, because almost everyone use right now WhatsApp, Facebook’s Messenger, WeChat, LINE; and it was difficult because many of their friends, colleagues use the same tools, and they wanted to be in touch with everyone; but some of them heard why I had to say about them, and changed their behaviour. One of the strongest points I keep saying to everyone is simple but powerfull: Facebook uses your profile data to make profits and Mobile platforms like WhatsApp (they paid $19 Billion USD in cash and stocks for it, and they have 900M Monthly Active Users) and Messenger are key drivers for its strategy (they even hired to David Marcus, the former CEO of PayPal to manage the team, and they have 700 million active users), so I made a simple question to them: Are you worried about this? Many of them (they are a lot of my friends they are not part of the tech world) didn’t know that WhatsApp is part of Facebook. So, I tried all apps and I kept with just one: Telegram Messenger, and I will tell you why.
The three reasons why I selected Telegram Messenger? Security, Speed and Cross-Platform.
Telegram is Secure
The core of its security features is the MTProto Mobile Protocol, which was designed to provide encryption in every layer of communication in the platform, and if you ask for more, there is an additional layer of encryption for Secret chats, using end-to-end encryption. Even, to test its Security, they created two Cracking Contests for it: one for $200,000 USD and another for $300,000, and until this date, none has broken the platform. So, security is important to them, and of course, our privacy; and you don’t have to worry about the technical specifications if you are a non-tech user (if you are in tech, I encourage you to read everything), you just will use the app like other Messaging app, but you will be sure that your messages will not be read by anyone, and your data will be always belong to you.
Telegram is Fast
Yes, until this date, I never has lost a sent message through Telegram, and they keep everything synchronized for you wherever you use the app. You can chat with several people at the same time, and the platform just works !!! This is not the case for others IM apps, where many hang my old Android phone.
Telegram is Cross-Platform
You can use Telegram almost in every available platform: Android, Windows Phone, iPhone/iPad, PC, Mac, Linux (my most used app) and in the Web browser too. So, you don’t have any excuse to say to me that you can’t install Telegram and use it today. It’s ready for you, wherever you stay. And if you are worrie about reliability, just read this from VentureBeat, where Pavel Durov (@durov), the founder and CEO of Telegram said that they deliver 12 Billion messages pey day, an increase of 2 Billion since August, and they has 62 Million Monthly Active Users, so they are doing an incredible work managing its large-scale infrastructure. Many people is talking about why they use Telegram and why they feel it’s important, but I found this incredible article from Toby Coppel, Partner at Mosaic Ventures, that you should read too.
This is one of the most common ways of communications today, and I think it will keep relevant (even with the rising usage of apps like Slack), and for that reason, attackers will keep using the same or more sophisticated methods to breach Enterprise networks or personal accounts using email. That’s the main reason that we need to change our thinking about Email privacy and protection of our data. So, I began to test some Emails apps focused on Security, and my favorite is ProtonMail.
The message from Protonmail is simple: “The Email provider that NSA can’t spy”. And you should be wondering why. ProtonMail is based in Switzerland, so none government could request any information hosted in this country. But if you read with detail all Security’s features that ProtonMail provides, you will change your account in the next 5 minutes:
- Even, the ProtonMail’s team doesn’t have access to your data
- All data related to your inbox is encrypted with the highest security standards, using Hardware Encryption Modules
- All email messages are self-destructive by default
- They have a password to login in your account, and other password to decrypt your Inbox
Did I mention that ProtonMail is free?
They are available for Android and iOS for $29 USD, so use it and after, you can thank me; and it seems that there are a lot of people interested in the platform:
Encrypted Text Messaging
This is another area where many users lack of experience, or simply because they are not aware of the dangers. Personally I love RedPhone and Secure SMS apps from Whisper Systems team. With RedPhone, you can make private call, yes, actually private calls, where anyone can’t hear what you are saying:
And with Secure SMS, you can send encrypted SMS, using end-to-end encryption, so anyone can’t read your messages. If you see the page of the team, you will see that I’m not the only one who recommends these apps; Edward Snowden, Laura Poitras, Bruce Schneier and Matt Green are some of people who recommend them:
When you use free apps, there is a mantra for it: “If the product is free, you are the product”, and I’m tired of this. There are a lot of companies doing the right thing for the sake of its customers; like Apple, with Tim Cook taking the lead on this:
“I’m speaking to you from Silicon Valley, where some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. They’re gobbling up everything they can learn about you and trying to monetize it. We think that’s wrong. And it’s not the kind of company that Apple wants to be.”
Yes, my friend, your privacy is under attack, and your Mobile communication is a key part of that, so with these apps, you can protect to yourself from everyone, of course, any application is not 100% secure, but they are doing a great job to maintain to everyone out of your communications, so just take a look to the apps, and you will see that you will improve your life, with a strong thinking in security and privacy. If I can’t convince, just see the amazing speech of Andy Yen, CEO of ProtonMail at TED, and think again about these issues:
or all videos from The Dark Site of Data’s playlist at TED. All talks are incredible.