|
In the wake of Edward Snowden's revelations, a San Franciso privacy group has revealed that all of the major messaging apps have fundamental flaws.
The Electronic Frontier Foundation (EFF) released its Secure Messaging Scorecard today, evaluating dozens of messaging technologies on a range of security best practices.
The scorecard includes more than three dozen tools, including chat clients, text messaging apps, email applications, and technologies for voice and video calls - and found all of the major players were left wanting.
'The revelations from Edward Snowden confirm that governments are spying on our digital lives, devouring all communications that aren't protected by encryption,' said EFF Technology Projects Director Peter Eckersley.
'Many new tools claim to protect you, but don't include critical features like end-to-end encryption or secure deletion.
'This scorecard gives you the facts you need to choose the right technology to send your message.'
EFF examined them on seven factors, like whether the message is encrypted both in-transit and at the provider level, and if the code is audited and open to independent review.
Six of these tools scored all seven stars, including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure.
Apple's iMessage and FaceTime products stood out as the best of the mass-market options, although neither currently provides complete protection against sophisticated, targeted forms of surveillance.
Many options—including Google, Facebook, and Apple's email products, Yahoo's web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider.
Several major messaging platforms, like Mxit, and the desktop version of Yahoo Messenger, have no encryption at all.
'We're focused on improving the tools that everyday users need to communicate with friends, family members, and colleagues,' said EFF Staff Attorney Nate Cardozo.
'We hope the Secure Messaging Scorecard will start a race-to-the-top, spurring innovation in stronger and more usable cryptography.'
|
愛(ài)德華·斯諾登(Edward Snowden)的爆料喚起了我們對(duì)信息安全的警覺(jué)�。來(lái)自美國(guó)洛杉磯的一個(gè)隱私團(tuán)隊(duì)透露,絕大多數(shù)的通信應(yīng)用都有根本性缺陷���。
電子前沿基金會(huì)(Electronic Frontier Foundation)今天發(fā)布了一種信息安全評(píng)分卡,它通過(guò)一系列最佳安全檢測(cè)方法來(lái)評(píng)估幾十種信息技術(shù)的安全性�����。
這種卡檢測(cè)了三十多種通訊工具���,包括聊天客戶(hù)端����,信息應(yīng)用,電子郵件應(yīng)用程序�����,以及語(yǔ)音視頻通話(huà)技術(shù)等等所有絕大多數(shù)用戶(hù)都需要的助手��。
“斯諾登的爆料有力地說(shuō)明了政府正在監(jiān)控我們的信息生活�,還在逐步控制所有沒(méi)有加密保護(hù)的通信,”電子前沿基金會(huì)技術(shù)總監(jiān)彼得·??怂估≒eter Eckersley)這么說(shuō)道。
“很多新技術(shù)宣稱(chēng)能保護(hù)你的隱私��,但都沒(méi)有諸如整個(gè)信息交流過(guò)程信息加密或信息安全刪除等關(guān)鍵性的功能�。”
“而這張卡能很清楚地告訴你選擇什么樣的技術(shù)渠道與別人通信才是安全的�����?���!?/p>
電子前沿基金會(huì)通過(guò)七道關(guān)卡檢測(cè)那些通訊工具���,包括信息在傳送中以及接收者手上是否有加密,以及信息的代碼是否會(huì)被審查�,接收者看到的信息有沒(méi)有被其他人看到。
有六項(xiàng)工具通過(guò)了以上檢測(cè)�����,分別是聊天安全器(ChatSecure)�,加密貓(CryptoCat),警覺(jué)機(jī)(Redphone)���,潛伏機(jī)(Silent Phone)��,潛伏通訊(Silent Text)�����,以及信息安全器(TextSecure)����。
蘋(píng)果公司的iMessage和FaceTime產(chǎn)品成為大眾市場(chǎng)的最佳選擇�,雖然它們目前還無(wú)法提供對(duì)復(fù)雜的目標(biāo)性監(jiān)控的防護(hù)措施。
目前很多大眾選擇——谷歌����,F(xiàn)acebook,蘋(píng)果的電子郵件產(chǎn)品��,雅虎的桌面和移動(dòng)聊天�,Secret,還有WhatsApp�����,在信息流通的加密上都存在漏洞�,這可是防止服務(wù)提供商竊密的必要技術(shù)。
幾個(gè)最主要的通訊平臺(tái)�,如Mxit,雅虎Messenger的桌面版�,完全沒(méi)有加密措施。
電子前沿基金會(huì)法務(wù)專(zhuān)員內(nèi)特·卡多佐(Nate Cardozo)說(shuō):“我們致力于提高用戶(hù)隨時(shí)和親友����、同事的通訊需求的技術(shù)?!?/p>
“我們希望信息安全積分卡可以促進(jìn)通訊技術(shù)相互競(jìng)爭(zhēng)發(fā)展,激勵(lì)密保技術(shù)實(shí)現(xiàn)更有力的改革�����,走向更實(shí)用的道路?����!?/p>
(翻譯:佳木China? 編輯:Julie)
掃一掃����,關(guān)注微博微信
 
|
