Posts tagged Secure

Your Messaging App Probably Isn’t As Secure As You Think

More than a few messaging apps aren’t doing everything they can to keep your nude photos from leaking on to the Internet or The Man from eavesdropping on your personal conversations, the Electronic Frontier Foundation reports.

In fact, after  evaluating three dozen communication tools for its new Secure Messaging Scorecard, the EFF found that there there are only a handful of truly secure messaging apps. And odds are good that most people aren’t using them. 

You might not be familiar with the top scorers, which include ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure. These are the six apps that met the EFF’s seven-point criteria for secure messaging:

  1. Messages are encrypted in transit
  2. Messages are encrypted so the service provider can’t read them
  3. Contacts’ identities can be verified
  4. Past communications are secure if keys are stolen
  5. Code is open to independent review
  6. Security design is properly documented
  7. The code has been audited

Apple’s iMessage and FaceTime products stood out as the best of the mass-market options, although neither currently provides complete protection against sophisticated, targeted forms of surveillance. Many options—including Google, Facebook, and Apple’s email products, Yahoo’s web and mobile chat, Secret, and WhatsApp—lack the end-to-end encryption that is necessary to protect against disclosure by the service provider. Several major messaging platforms, like QQ, Mxit and the desktop version of Yahoo Messenger, have no encryption at all.

Apple’s iMessage and FaceTime did best among mainstream apps, “although neither currently provides complete protection against sophisticated, targeted forms of surveillance,” the EFF said in a statement

If you’re looking to keep your service provider out of your communications, forget about Secret, SnapChat and WhatsApp, as well as Apple, Google and Facebook’s email services and Yahoo’s mobile and Web chat. None offer end-to-end encryption necessary to keep your conversations from being accessed by the company sending them. 

Of course, it could be worse. According to the EFF,  QQ, Mxit and the desktop version of Yahoo Messenger, “have no encryption at all.”

Lead illustration courtesy of Shutterstock

 

 

 

View full post on ReadWrite

Snapchat Claims It Can’t Afford To Keep Your Photos Secure

Snapchat is valued at $10 billion, with its 24-year-old CEO Evan Spiegel paying himself a $10 million salary. Yet in the wake of a third-party breach which allowed hackers to post hundreds of thousands of private Snapchat photos on the Internet, the company now claims it has neither the time or money to keep its customers secure.  

“It takes time and a lot of resources to build an open and trustworthy third-party application ecosystem,” the company wrote in a Snapchat blog post. “That’s why we haven’t provided a public API to developers and why we prohibit access to the private API we use to provide our service.”

See also: Hacked Site Takes Blame For Snapchat Leak

Hackers dumped hundreds of thousands of user photos—about 13GB—onto Internet forum 4chan on Sunday, a breach Internet joke smiths call “The Snappening.” Snapchat traced the hack to a third-party app named SnapSaved, and promptly blamed the victims:

“Snapchatters were allegedly victimized by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security.”

Snapchat blames users, but it’s hard to believe users realized that Snapchat’s third party apps were insecure in a time when third party apps for most social networks are not. Places like Twitter and Facebook, for example, provide a public API for developers interested in creating third party apps. When an API isn’t available, developers are forced to use a less secure workaround of accessing user credentials, and that’s what happened with SnapSaved.

See also: Snapchat Blames Victims In Nude Photo Leak

What’s especially interesting is Snapchat’s insistence that the company doesn’t have the time or resources to build a secure API, given the site’s current $10 billion valuation. Asked about his newfound wealth at a Vanity Fair event, CEO Evan Spiegel said:

“It’s all fake money still. We generally have the feeling there is a lot more work to do.”

It’s unclear what Spiegel meant, whether he was stating that going from rags to riches felt like monopoly money, or whether the money was somehow still inaccessible—another staggering leap of illogic given that he gave himself a $10 million salary last year.

Don’t listen to Snapchat’s victim blaming. The company indeed has the resources to ensure a hack like this doesn’t happen again, and it ought to begin taking responsibility.

Lead photo by Snugg LePup.

View full post on ReadWrite

Navigating Secure Search: From Keywords to Content [BrightEdge Share 14]

In a session at BrightEdge’s Share 14 event, brands discussed how they’ve shifted their approach in a keyword “(not provided)” world.

View full post on Search Engine Watch – Latest

Live @ SMX East: How To Secure Your Site For Google’s HTTPS Algorithm

Google wants everyone to secure their websites, to make the browsing experience on the web safer for everyone. Google has even gone so far as to say that sites that implement HTTPS — adding an SSL 2048-bit key certificate on your site — will give it a minor ranking boost. What’s not to like…



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

HTTPS Sites Secure Ranking Boosts in Google

Google announced HTTPS would be used as a signal in its search ranking algorithm. Starting it as a “lightweight” signal, affecting fewer than 1 percent of global queries to give sites “time to switch,” Google said the signal may strengthen over time.

View full post on Search Engine Watch – Latest

Google Starts Giving A Ranking Boost To Secure HTTPS/SSL Sites

Google To Give Secure Sites A Ranking Boost Google has announced (the blog post hasn’t gone live yet, actually) that going HTTPS — adding a SSL 2048-bit key certificate on your site — will give you a minor ranking boost. Google says this gives websites a small ranking benefit,…



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Russian Search Engine Yandex Goes 100% Secure Search, Referrer Data Now “Not Provided”

Yandex announced (in Russian) today that they have now went 100% secure, encrypting all search queries, resulting in a huge jump in the [not provided] count. This was first reported by Anna Oshkalo who shared a screen shot of her analytics detailed the bulk of her Yandex keyword data now shows [not…



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Google’s Motives Behind Secure Search: Interview with Marcus Tober of Searchmetrics by @murraynewlands

I caught up with Marcus Tober, CTO of Searchmetrics, to discuss the recent news of Google’s keyword data for paid search becoming ‘not provided’. Marcus shared his thoughts on this shift and provided some insight about what it means for the future of paid search. In my interview with Marcus I asked him what are Google’s motives behind this change, and how it’s going to affect the industry. I also asked if there’s any possibility of those who are unhappy with Google moving over to Bing instead. For my full interview with Marcus, please see the video below: Here are some key […]

The post Google’s Motives Behind Secure Search: Interview with Marcus Tober of Searchmetrics by @murraynewlands appeared first on Search Engine Journal.

View full post on Search Engine Journal

SMX Advanced Early Bird Expiring – Register by Friday, Secure Your Spot & Save

The Early Bird rate for Search Marketing Expo – SMX Advanced expires end of day Friday, May 2. Register now, save $200, and guarantee you’re seat at the search marketing conference of the year. SMX Advanced features one-of-a-kind sessions for experienced search engine marketers. See the agenda….



Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

Rank Still Matters in the Age of Secure Search

Rank is about the user experience. If rank is the doorway to success in search engine optimization, conversion is the ultimate success. The more you can use rank metrics to inform your conversion efforts, the more successful you will be.

View full post on Search Engine Watch – Latest

Go to Top
Copyright © 1992-2014, DC2NET All rights reserved