5 free and secure messaging tools

1: ChatSecure

ChatSecure (Figure A) is an open source chat app for both Android and iOS that uses Off-the-Record (OTR) Messaging over XMMP. You can use this app to chat via your preexisting accounts (Google Chat, Facebook Chat, VKontakte, Yandex, Hyves, Odnoklassniki, StudiVZ, Livejournal, Jabber, and more).

It allows you to set a master password to keep prying eyes out of the chat app itself, supports WiFi Mesh Chat (chatting with others on the same local wireless or mesh network ─ no server required), and even enables you to create anonymous “burner” chat accounts. If you have to do anonymous chatting, and you’re behind a firewall, you can install the Orbot proxy tool, which will get you through. (Orbot is also required to create “burner” accounts.) With ChatSecure, two-way encryption cannot take place until a user has been verified (done through the app). Once verified, you can encrypt conversations and each sent message will indicate if it is encrypted or not.

2: Cryptocat

Cryptocat (Figure B) is a secure open source messaging extension for the Google Chrome browser. All messages are encrypted before they leave your computer, so there’s no concern that plain text is being sent and then encrypted on a third-party server.

One interesting Cryptocat feature is the ability to join what is called the “lobby.” Within the lobby you can chat with any other Cryptocat users who happen to be hanging out. To start a chat, you enter a name for the chat, create a username, and click Connect. Once you’re in, tell the other users the name of the chat room and have them join. Cryptocat is a bit of a nod to old school IRC chats, but it gets the job done quickly and easily.

3: Surespot Encrypted Messenger

Surespot Encrypted Messenger (Figure C) is an end-to-end symmetric encryption messaging tool (using 256-bit AES-GCM encryption) that creates keys using 521 bit ECDH shared secret derivation. It’s private — period. The best thing about Surespot is that all the privacy is built-in, so you won’t even notice the security layer.

When you first run Surespot, you create a username and password. It is important that you not forget this password, as there is no way to recover it. You’ll also want to back up your Surespot identity once created. If you don’t do this, and you need to re-install the app, you won’t be able to log back into your Surespot account. With this locked down system, it’s nearly impossible for someone to steal your Surespot identity. One nice touch is that you can’t even take a screenshot of an in-progress chat.

Surespot is free, but you can purchase an encrypted voice messaging feature. (It’s free to receive and play messages; it costs only to record and send voice). The cost for the voice is $1.99 USD and is an in-app purchase. Surespot is available for both Android and iOS.

4: Tox

Tox is somewhat new to the world of secure chatting. It was created as a reaction to concerns of Skype’s privacy (or lack thereof). Tox uses dispersed networking and strong cryptography to create a secure (using NaCl crypto library) messaging system for everyone. Users are assigned a private and public key and connect to one another directly — no middleman or third party involved.

With Tox, you can do text, phone, and video, all secure. Tox is free, open source, and available on Linux, Windows, and Mac. Its interface is incredibly easy to use (anyone of any skill level can start using right away) and doesn’t require you to connect with your Facebook, Google, Twitter, or any other account.

5: ChatCrypt

ChatCrypt (Figure E) offers another nod to old-school chatting tools, with a web-based system that encrypts all messages before they leave the browser (so they can’t be read on the server side). You enter the site, create a room and username, set a password for the room, share the password to anyone you want to join, and start chatting.

Figure E

The system works by utilizing the AES-256 algorithm in CTR mode. So long as the secret (strong ─ hint, hint) password created for the chat doesn’t end up in the hands of the wrong people, the chat will go off securely and no information will be leaked. The only caveat with ChatCrypt, is that you get text chatting only. But at least you can invite as many people as necessary into the chat.

Leave a Reply

Your email address will not be published. Required fields are marked *