Back to blog

secure communication on your smartphone

12/11/2018 - Posted in internet , minimal security , privacy , security Posted by:

Tags: , , ,

reading time: 2 minute

Welcome back to minimal security! This post is about how to communicate securely with your friends on your smartphone. I am sure we are all worried about sending our cat videos through insecure channels. Fear not! There are messaging apps that will protect you with minimal effort on your side. There is a myriad of choices on the Play store / App store and while there are some hacky nerdy choices out there, people generally should opt for Signal.

 Signal supports not only text messages but also audio and video calling, group chats and some other neat security features. Signal protects your messages in transit and the only people able to read the messages are you and your recipient. To be absolutely sure no one can listen in, you should verify each others safety number. To do so follow these steps (shamelessly taken from the Signal FAQ):

  • Open a conversation thread with a contact.
  • Tap on the conversation header or navigate to the conversation settings.
  • Select view safety number.
  • Scan your contact’s QR code (and vice versa)

Now you are all set to communicate securely with your chat partner. Now matter how funny the cat video, it is all private between you and the recipient! Awesomiau!

additional information

The reason why you should verify the safety number is that if you fail to do so, it is possible that someone is eavesdropping on your communication. This is generally very unlikely and might only be a problem if you are targeted by some capable attackers. Nonetheless, it is wise to do so. It will drastically increase security and you get a nice check mark next to your communication partners name. I think everyone gets all warm and cozy inside if you can check some boxes!

Alternatives to Signal would be apps based on Matrix. Signal is very monolithic and does not allow federation or running your own servers. Moxie, the leading head of the Signal foundation, makes some good points in his blog post. However, not everyone agrees with him and others strongly advocate for federation (running your services on multiple servers – possibly allowing everyone to run their own). 

Maybe the future is with Matrix and its’ client Riot. For now, I will still recommend Signal for its ease of use and its strong security to everyone who consults with me. Signal gives many strong security guarantees with minimal effort and I think until Matrix is being usable enough, Signal should be preferred.

Leave a Reply

Your email address will not be published. Required fields are marked *