Each secure messaging app requires a self-destruct button – TechCrunch




The growing presence of encrypted communication applications makes many communities safer and stronger. But the possibility of physical device seizure and government coercion is growing as well, which is why every application of this type should have some kind of self-destruct mode to protect its user and their contacts.

End-to-end encryption like that in Signal and (if you accept it) WhatsApp prevents governments and other malicious actors from accessing your messages in transit. But as with almost all cybersecurity issues, physical access to a device, a user, or both changes things considerably.

For example, take the Hong Kong citizen who was forced to unlock their phone and reveal their followers and other email data to the police. It is one thing to do this with a court order to see if, for example, a person is secretly cyber-harassing someone in violation of a restraining order. It is quite another to use it as a dragnet for political dissidents.

This protester ran a Telegram channel that had a number of followers. But it could just as well be a Slack room for organizing a protest, a Facebook group or anything else. For groups threatened by oppressive government regimes, the content or contacts of any of these would be revealed to the police.

Just as you should be able to choose exactly what you say to the police, you should also be able to choose what your phone can say. Secure messaging applications should be at the forefront of this feature.

There are already dedicated "panic button" applications, and Apple has wisely developed an "emergency mode" (activated by pressing the power button five times quickly) that locks the phone to biometrics and wipes it if it is not unlocked within a certain period of time. This is effective against "Apple pickers" trying to steal a phone, or at border controls or police stops when you do not want to prove ownership by unlocking the phone with your face.

These are useful and we need more like them, but secure messaging apps are a special case. So what should they do?

The best case, where you have all the time in the world and Internet access, is not really important. You can always delete your account and your data voluntarily. What needs work is deleting your account under pressure.

The next scenario is that you may have a few seconds, or at most a minute, to delete or protect your account. Signal is very good about this: the delete option is front and center in the options screen, and you do not need to enter any data. WhatsApp and Telegram require you to enter your phone number, which is not ideal; if you do not do it correctly, your data is kept.

Signal, left, allows you to continue. You will need to enter your number in WhatsApp (right) and Telegram.

Obviously, it is also important that these applications do not allow users to delete their account irreversibly. But perhaps there is an intermediate way: lock the account temporarily for a predefined period, after which it deletes itself if it is not unlocked manually. Telegram has self-destructing accounts, but the shortest period you can set is one month.

What really needs improvement is emergency deletion when your phone is no longer under your control. This could be a case of the device being seized by the police, or perhaps of being forced to unlock the phone after your arrest. Whatever the case, a user must have a way to delete their account outside the usual means.

Here are some options that might work:

  • Trusted remote deletion: Selected contacts are able, via a one-time code or another method, to delete each other's accounts or conversations remotely, with no questions asked and no notification created. Thus, a friend who knows you have been shut down can remotely remove all sensitive data from your device.
  • Self-destruct timer: Like Telegram's feature, but better. If you are going to an event, or if you have been "randomly" selected for additional screening or questions, you can simply tell the application to delete itself after a certain length of time (maybe as little as one minute) or at a certain time of day. Disable it at any time or stall it for five minutes.
  • Poison PIN: In addition to the normal unlock PIN, users can set a PIN that, once entered, triggers a variety of user-selectable effects: delete some apps, delete contacts, send preset messages, unlock or temporarily lock your device, and more.
  • Customizable panic button: Apple's emergency mode is excellent, but it would be nice to be able to attach conditions to it like the poison PIN's. Sometimes, all that one can do is hit that button.
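
The self-destruct timer and poison PIN from the list above, sketched as an added example (not code from the article or from any messaging app). The `DuressGuard` class, its method names and the `wipe` callback are hypothetical; the only poison-PIN effect modelled is a wipe, and requiring the unlock PIN to stall or cancel the timer is an assumption.

```python
import hashlib, hmac, os

STALL_SECONDS = 5 * 60  # the "stall it for five minutes" option

def pin_hash(pin, salt):
    # Keep only a slow, salted hash of each PIN on the device.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class DuressGuard:
    """Hypothetical guard in front of a messaging app's local data."""

    def __init__(self, unlock_pin, poison_pin, wipe):
        if unlock_pin == poison_pin:
            raise ValueError("poison PIN must differ from the unlock PIN")
        self.salt = os.urandom(16)
        self.unlock = pin_hash(unlock_pin, self.salt)
        self.poison = pin_hash(poison_pin, self.salt)
        self.wipe = wipe        # callback that destroys local keys and messages
        self.deadline = None    # None: self-destruct timer not armed
        self.wiped = False

    def _destroy(self):
        if not self.wiped:      # never run the wipe callback twice
            self.wiped, self.deadline = True, None
            self.wipe()

    def tick(self, now):
        # Run on every app start/resume so an expired timer fires before any unlock.
        if self.deadline is not None and now >= self.deadline:
            self._destroy()
        return self.wiped

    def enter_pin(self, now, pin):
        if self.tick(now):
            return "wiped"
        got = pin_hash(pin, self.salt)
        # Always do both constant-time comparisons so timing does not show which PIN matched.
        ok = hmac.compare_digest(got, self.unlock)
        duress = hmac.compare_digest(got, self.poison)
        if duress:
            self._destroy()
            return "wiped"      # status for the app; the UI decides what to show
        return "unlocked" if ok else "denied"

    def arm(self, now, seconds):
        self.deadline = now + seconds

    def adjust_timer(self, now, pin, cancel=False):
        # Assumption: stalling or cancelling needs the unlock PIN, so holding the phone is not enough.
        if self.enter_pin(now, pin) == "unlocked" and self.deadline is not None:
            self.deadline = None if cancel else self.deadline + STALL_SECONDS
```

Time is passed in as `now` (seconds) so the logic can be exercised without waiting; a real app would read a monotonic clock and persist the deadline across restarts.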

Of course, these options also open up new avenues for calamity and abuse, which is why they should be carefully explained and perhaps initially hidden in "advanced options" and so on. But overall, I think we'll be safer with them.

Finally, these roles can be filled by dedicated applications or by the developers of the operating systems they run on, but it makes sense for the most secure class of applications on the market to be the first on the ground.
