Most Instant Messaging, Chat Apps Not Secure: Report

Brandon Dimmel's picture

Several of the world's most popular messaging applications have failed a security test carried out by the Electronic Frontier Foundation (EFF), a non-profit organization dedicated to helping defend civil liberties in the digital environment. In essence, the EFF found that messaging apps like Facebook Chat and Yahoo Messenger just don't do enough to protect user data.

The EFF, which published its findings earlier this week, studied 39 messaging applications. The list included voice and video calling programs, mobile texting applications, and instant messaging services.

Only Six Messaging Apps Meet EFF's Standards

In evaluating these apps and services, the EFF asked the following questions: do the apps offer features capable of protecting users from hackers -- including government surveillants? Do the apps in question encrypt all data in transit? Are the messages encrypted in a way that blocks access to the service provider? Do communications remain encrypted over the long term? And, finally: have the messaging apps been subjected to an independent security audit in the past year?

Of the 39 applications reviewed, only six -- including CryptoCat, ChatSecure, TextSecure, RedPhone, Silent Text, and Silent Phone -- met the EFF's standards. Some, like Mailvelope, RetroShare, Subrosa, and Pidgin, came close. (Source:

Also scoring well were two Apple products, iMessage and FaceTime, which failed only two of EFF's requirements, including the availability of code for independent audit and contact identity verification. In other words, neither outsiders nor Apple can read your messages sent using these apps, but the applications won't verify your contacts' identities, and Apple doesn't release their programming code for independent review. (Source:

Popular Messaging Apps Fail to Encrypt All Data

Perhaps the most shocking results involved the world's most popular messaging apps and services. The EFF found that Google Hangouts, Facebook Chat, Yahoo Messenger, Snapchat, WhatsApp, Viber, AIM, and BlackBerry Messenger all failed to provide users with end-to-end encryption features, making it relatively easy for an attacker to intercept communication.

The most frightening findings involved mobile social network Mxit and China-based instant messaging service QQ, neither of which provide any encryption features. As a result, EFF named Mxit and QQ the least secure messaging products of the 39 apps they evaluated.

What's Your Opinion?

Which messaging app do you use? Are you concerned that your communications may be accessed by others? Will the results of this study lead you to change your preferred messaging application?

Rate this article: 
Average: 4.9 (7 votes)