The big players: EFF examined them on seven factors, like whether the message is encrypted both in-transit and at the provider level, and if the code is audited and open to independent review. not of the big players, all shown here, scored aperfectly.
In the wake of Edward Snowden's revelations, a San Franciso privacy group has revealed that all of the major messaging apps have fundamental flaws. The Electronic Frontier Foundation (EFF) released its Secure Messaging Scorecard today, evaluating dozens of messaging technologies on a range of security best practices. The scorecard includes more than three dozen tools, including chat clients, text messaging apps, email applications, and technologies for voice and video calls - and found all of the major players were left wanting. 'The revelations from Edward Snowden confirm that governments are spying on our digital lives, devouring all communications that aren't protected by encryption,' said EFF Technology Projects Director Peter Eckersley. 'Many new tools claim to protect you, but don't include critical features like end-to-end encryption or secure deletion. 'This scorecard gives you the facts you need to choose the right technology to send your message.' EFF examined them on seven factors, like whether the message is encrypted both in-transit and at the provider level, and if the code is audited and open to independent review. Six of these tools scored all seven stars, including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure. Apple's iMessage and FaceTime products stood out as the best of the mass-market options, although neither currently provides complete protection against sophisticated, targeted forms of surveillance. Many options—including Google, Facebook, and Apple's email products, Yahoo's web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider. Several major messaging platforms, like Mxit, and the desktop version of Yahoo Messenger, have no encryption at all. 'We're focused on improving the tools that everyday users need to communicate with friends, family members, and colleagues,' said EFF Staff Attorney Nate Cardozo. 'We hope the Secure Messaging Scorecard will start a race-to-the-top, spurring innovation in stronger and more usable cryptography.'
|
爱德华·斯诺登(Edward Snowden)的爆料唤起了我们对信息安全的警觉。来自美国洛杉矶的一个隐私团队透露,绝大多数的通信应用都有根本性缺陷。 电子前沿基金会(Electronic Frontier Foundation)今天发布了一种信息安全评分卡,它通过一系列最佳安全检测方法来评估几十种信息技术的安全性。 这种卡检测了三十多种通讯工具,包括聊天客户端,信息应用,电子邮件应用程序,以及语音视频通话技术等等所有绝大多数用户都需要的助手。 “斯诺登的爆料有力地说明了政府正在监控我们的信息生活,还在逐步控制所有没有加密保护的通信,”电子前沿基金会技术总监彼得·埃克斯利(Peter Eckersley)这么说道。 “很多新技术宣称能保护你的隐私,但都没有诸如整个信息交流过程信息加密或信息安全删除等关键性的功能。” “而这张卡能很清楚地告诉你选择什么样的技术渠道与别人通信才是安全的。” 电子前沿基金会通过七道关卡检测那些通讯工具,包括信息在传送中以及接收者手上是否有加密,以及信息的代码是否会被审查,接收者看到的信息有没有被其他人看到。 有六项工具通过了以上检测,分别是聊天安全器(ChatSecure),加密猫(CryptoCat),警觉机(Redphone),潜伏机(Silent Phone),潜伏通讯(Silent Text),以及信息安全器(TextSecure)。 苹果公司的iMessage和FaceTime产品成为大众市场的最佳选择,虽然它们目前还无法提供对复杂的目标性监控的防护措施。 目前很多大众选择——谷歌,Facebook,苹果的电子邮件产品,雅虎的桌面和移动聊天,Secret,还有WhatsApp,在信息流通的加密上都存在漏洞,这可是防止服务提供商窃密的必要技术。 几个最主要的通讯平台,如Mxit,雅虎Messenger的桌面版,完全没有加密措施。 电子前沿基金会法务专员内特·卡多佐(Nate Cardozo)说:“我们致力于提高用户随时和亲友、同事的通讯需求的技术。” “我们希望信息安全积分卡可以促进通讯技术相互竞争发展,激励密保技术实现更有力的改革,走向更实用的道路。” (翻译:佳木China 编辑:Julie) 扫一扫,关注微博微信
|
|