Here Is Why Consumer-Grade Private Messengers Are Not Private Enough
3 Oct 2019
TL;DR: SSL/TLS is full of vulnerabilities, and attackers don’t even try to break AES 256, instead going straight for the keys.
Modern private messengers for the general public may draw inspiration from a 150-year-old communication solution.
In 1854, English engineer Josiah Latimer Clark came up with a bizarre way of exchanging messages.
Clark needed to obtain the stock prices and telegraph them to service subscribers as quickly as possible. To achieve that, he needed to either hire trained telegraph operators or hire runners who could hand-deliver messages to the Telegraph Company.
The solution he came up with was unheard of at the time.
Josiah Clark installed a 200-meter pneumatic tube system between the London Stock Exchange and the offices of the Electric Telegraph Company. This pipeline system enabled quick delivery of messages enclosed in a capsule directly from the office and into the telegraphers’ hands without hiring new employees.
In 2019, nearly every consumer-grade ‘secure’ messaging application uses the digital version of Clark’s system.
These applications place your confidential messages into AES 256-encrypted ‘capsules’ and send them down SSL/TLS-encrypted ‘pipelines’.
Simple… and effective?
Only if your security boils down to protection from curious teenagers who are itching to practice their hacking skills.
How Secure Are Consumer-Grade Private Messengers?
SSL/TLS has vulnerabilities and the AES 256-encryption is not bulletproof, albeit stable enough to withstand computing attacks for a long time.
Hackers have learned to exploit SSL/TLS a long time ago, so retrieving the encrypted ‘capsule’ is virtually a non-issue.
The only roadblock is breaking the AES 256-encryption and, while it is strong, quantum computers are arriving to the scene. It is well-known that security always comes down to the volume of sacrificed resources.
But here is the shocker. Ready?
The attackers are not even trying to crack the encryption.
Instead, they target the flaws of key distribution mechanisms to get full access to encrypted communication. And when they intercept the keys, listening to your calls and reading your messages is a non-issue.
What Makes StealthTalk Different?
StealthTalk comes from a different league.
It is based on patented Stealth Technology that was developed to secure military telecommunications and was repurposed for commercial use. Here is the link to a 300-page document that explains how it works, if you are into that sort of thing: https://patents.google.com/patent/US20160219024A1/en
For those of you who can’t be bothered to go through the technical nuances, this is what StealthTalk brings to the table:
- Multilayered, military-grade encryption used in Stealth Technology renders ‘brute force’ attacks ineffective. This approach guarantees a dozen quantum computers won’t compromise your data. We will cover encryption in StealthTalk in the following articles.
- Encryption keys cannot be intercepted as they are generated and managed only on your device. One of the main benefits of Stealth Technology is a unique system that eliminates encryption keys exchange and thus the necessity of an encryption key server.
- Messages are broken up into pieces, scrambled, separately encrypted, scrambled again, sprinkled with junk data, and then sent down an untraceable chain of random servers (nodes). That’s why you can be sure that everything said or written will stay between you and your contact, as message interceptions and wiretapping become useless.
- Low-latency calls and lag-free messaging despite the heavy-weight encryption performed behind the scenes. You can enjoy crisp, clear audio quality of your confidential calls. No need to yell or repeat yourself or awkwardly ask your contact to “come again”.
Privacy and Security Are Basic Human Rights
Most messenger users forget about their rights or don’t even realize that their rights are violated, so they stick to the usual apps.
If you want to change the landscape and surround yourself with privacy-oriented people, then it makes the most sense to use StealthTalk today and tell your associates about it. To get familiar with privacy, you can start your free 30-day trial today.
After that, if StealthTalk proves yourself in your eyes, a five dollars monthly investment would not seem like a lot of money for the secret agent-like protection.“Are You Handicapping Your Own Security Efforts?” article will help you learn if you are on the right track in your pursuit of privacy.