One of the main uses of Internet nowadays is definitely communications. From chats in cellphone apps such as Whatsapp to E-Mails, Snapchat Videos and Tweets. Let me define it as “every singe interaction that can is meant to be read by another internet user“.
Now, obviously not every communication can be defined as the same, a Whatsapp message to your mom containing your current location contains sensitive information and should be delivered from one device to another in the most secret way possible. That’s different from your tweet about the new Britney Spears single, which will appear in a public page on the web.
But as we know, the internet is open in concept, so is any communication channel really secure?
Not by itself.
The internet is a public and open protocol, so your direction, as well every “package” of information you’re sending through it is completely public. Imagine you send a real life package from Canada to Mexico. The public address of both the sender and the destination are literally pasted over the box so anyone with access to the physical box can read both, and anyone with ulterior motives could open the box, see what is inside, steal it, document it or even change it and even plant a bomb.
And just like in the real world, in parallel universe of internet communications those labels are public and data can be read, stolen or changed. Which by the way destroys the three measurements for security, if you remember my last post.
So how can I keep my spicy pictures of those hot peppers I bought secure?
Hmm, hot peppers. A true Mexican delight. Well, thankfully we nowadays have a crazy little thing called End to End Encryption.
Remember computers work with data, thanks to the fact that in the internet everything is just a set of ones and zeroes, and no actual peppers are going through it, we can manipulate the insides of package and scramble it in a way no one could ever read it.
To solve this, someone came up with this wonderful security protocols.
Secure Shell. It allows secure communication over insecure networking, it gives a security layer trough public key encryption. SSH is commonly used to access remote terminals, tunneling (See other’s country Netflix) and transferring files trough SFTP, a secure version of the standard File-Transfer Protocol.
Transport Layer Security, a successor of SSL, works in a similar way, but for different purposes. TLS encrypts the communications in both server-client and client-client communications. This kind of encryption can be found in your browser, emails, faxes (if there is any left) and now on chats and instant messaging.
Companies, or servers can be certified into having this encryption, aside from installing into their machines the service to make this option available, a third-party company must issue a TLS certificate before a server gains the “trust worthy” status.
Have you ever seen that green lock on the beginning of your URL? It means that your connection is secure, no one will be lurking into your in-transit information.
Now, I must advice you, and for must advice I mean: really read this…
This only guarantees that there is no one peeping into your coms, this never guarantees that the site you’re in is safe. The website could be certified and still have ill intentions, beware.
There are some specific applications, besides browsers that allow you to have IM end to end encryption. Whatsapp lately introduced a system-wide encryption system that works for every conversation. But still let’s remember the fact that a few days ago Facebook showed their real motives for buying the messaging company and send a disclaimer (with a opt-out option which was really hard to find) in which they announced that they’ll be reading our data to boost Facebook’s ad system. So I wouldn’t recommend it so openly.
Instead, Telegram gives you an open alternative to messaging, giving you even the “secret chat”mode which shines in its encryption methods and also feature some cool things such as message auto destruction and screenshot notifications.
In conclusion, secure messaging is nowadays highly available, keep an eye on who has this kind of security measurements in order to keep your safe sites list updated. And please remember that communication security doesn’t guarantee that the other end of the communication doesn’t have ulterior motives.
Thank you for reading, stay safe.