EFF’s Secure Messaging Scorecard

BreakingModern — On November 7, 2014, the Reporters Committee for Freedom of the Press, the Freedom of the Press Foundation and the New America’s Open Technology Institute hosted a conference in Washington, D.C., that looked into the effects of widespread government surveillance on news gathering. It also had panels to teach techniques reporters can use to employ safer encryption tools.



The conference used the hashtag #EncryptNews on Twitter and streamed it live via the Reporters Committee for Freedom of the Press website. And, a few days prior to the conference, the Electronic Frontier Foundation (EFF) published a Secure Messaging Scorecard detailing a whole list of messaging apps and platforms, including AIM, Facebook Messenger, Snapchat, TextSecure, the formerly popular Blackberry Messenger and even WhatsApp, to name a few.

The project is far from complete, but it’s a huge step in the right direction. As the EFF notes in the website, there are a ton of allegedly secure messaging apps out there, all touting basically the same thing. How does the public discern what is legit and implemented properly, and what is snake oil? We can’t look at the code and make any sense of it, but there is a community out there who can, and when the code is open source, they conduct audits. If the code is closed, well, then you have to trust the word of the company who is publishing the app. Why do that when you have open source alternatives? More and more companies are starting to figure this out.


The Electronic Frontier Foundation

The EFF is a group of super-intelligent people, and they know this is a Herculean undertaking. From the Secure Messaging Scorecard,

“This scorecard represents only the first phase of the campaign. In later phases, we are planning to offer closer examinations of the usability and security of the tools that score the highest here. As such, the results in the scorecard below should not be read as endorsements of individual tools or guarantees of their security; they are merely indications that the projects are on the right track.

So, where are we right now? The current scorecard looked at seven different aspects of each secure messaging app. I’ll summarize them here, but for a more-detailed look at how this was set up, scroll down to the Methodology section on the Scorecard page. The seven criteria examined were:

  1. Is your communication encrypted in transit?
  2. Is your communication encrypted with a key the provider doesn’t have access to?
  3. Can you independently verify your correspondent’s identity?
  4. Are past communications secure if your keys are stolen?
  5. Is the code open to independent review?
  6. Is the crypto design well-documented?
  7. Has there been an independent security audit?

Out of the almost 40 apps examined, only six came out with a perfect score. They were: TextSecure, CryptoCat, Silent Text, Silent Phone, Red Phone, and Chat Secure + Orbot. This makes me really happy because it includes the app I’ve been recommending for the last few years as a secure SMS alternative. The app actually does what the developers say it’s supposed to do, which is refreshing. Also, the more the public recognizes these secure messaging tools the more people will actually start using them, and we’ll all be safer in the end.


We know that technology makes communication so much easier, but we also have to understand that we become easier to monitor and track. For some that’s a small price to pay for the convenience, and for the rest of us, we will always have awesome tools like TextSecure and CryptoCat to keep our messages private.

A lot of people will ask: “If you have nothing to hide, then why are you so worried about it?” I’m not worried about it, and I have nothing to hide from the people I trust. The government is a whole ‘nother story. There are a ton of great resources to keep you safe and informed online. Here’s a few links to get you started.


The EFF Surveillance Self-Defense page is a nice collection of tutorials and other helpful information regarding online privacy and encryption communication technology.

The EFF Secure Messaging Scorecard is here. If you are using Android, definitely check out TextSecure and the rest of the Open Whisper Systems offerings. I’ve heard there’s an iOS version coming soon.

For the rest of the #EncryptNews info, follow it on Twitter.

And, lastly, check out the rest of the EFF. They have been doing great work like this for quite a while now.

Stay safe.

For BMod, I’m

All screenshots: Mat Lee

Mat Lee

Author: Mat Lee

Based in Kalispell, MT, Mat Lee is a senior contributor at aNewDomain.net. He writes hip hop, makes podcasts, and dabbles in gaming in his spare time. Follow Mat Lee on Twitter, Google+, and Facebook.

Share This Post On

1 Comment

  1. Mat

    It should also be noted that the new version of what’s app incorporates text secure open source protocol, so it’s now supposed to be encrypting.

    Personally, I’ve used Text Secure for so long I’ll stick with it.

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>