The growing presence of encrypted communications apps makes a lot of communities safer and stronger. But the possibility of physical device seizure and government coercion is growing as well, which is why every such app should have some kind of self-destruct mode to protect its user and their contacts.
End to end encryption like that you see in Signal and (if you opt into it) WhatsApp is great at preventing governments and other malicious actors from accessing your messages while they are in transit. But as with nearly all cybersecurity matters, physical access to either device or user or both changes things considerably.
For example, take this Hong Kong citizen who was forced to unlock their phone and reveal their followers and other messaging data to police. It’s one thing to do this with a court order to see if, say, a person was secretly cyberstalking someone in violation of a restraining order. It’s quite another to use as a dragnet for political dissidents.
@telegram @durov an HK citizen who runs a Telegram channel detained by the police was forced to unlock his phone and reveal his channel followers. Could you please add an option such that channel subscribers cannot be seen under extreme circumstances? Much appreciate. https://t.co/tj4UQztuZ2— Lo Sinofobo (@tnzqo7f9) June 12, 2019This particular protestor ran a Telegram channel that had a number of followers.
But it could just as easily be a Slack room for organizing a protest, or a Facebook group, or anything else. For groups under threat from oppressive government regimes it could be a disaster if the contents or contacts from any of these were revealed to the police.Just as you should be able to choose exactly what you say to police, you should be able to choose how much your phone can say as well.
Secure messaging apps should be the vanguard of this capability.There are already some dedicated “panic button” type apps, and Apple has thoughtfully developed an “emergency mode” (activated by hitting the power button five times quickly) that locks the phone to biometrics and will wipe it if it is not unlocked within a certain period of time.
That’s effective against “Apple pickers” trying to steal a phone or during border or police stops where you don’t want to show ownership by unlocking the phone with your face.Cybersecurity 101: Five settings to secure your iPhone or iPadThose are useful and we need more like them — but secure messaging apps are a special case.
So what should they do?The best case scenario, where you have all the time in the world and internet access, isn’t really an important one. You can always delete your account and data voluntarily. What needs work is deleting your account under pressure.The next best case scenario is that you have perhaps a few seconds or at most a minute to delete or otherwise protect your account.
. Signal is very good about this: The deletion option is front and center in the options.....