WhatsApp, Viber, Telegram, Skype. Users of these and other popular Internet messengers send billions of messages a day. Fast and free apps have become so popular that they are gradually replacing traditional text, audio, and video communication. However, should you trust them with your deepest, darkest secret? Or should you conduct business on them? Digital Report asked this question to experts to whom secure communications are a professional necessity.
Anatoly Streltsov, Professor of Information Security, Moscow State University:
If you don’t want your information known to third parties, use proper cryptography or other information security tools.
Ruslan Leonenko, Marketing Director, Ukrainian company Star de Lux:
As a businessman, I don’t feel any discomfort about confidentiality for one obvious reason: the cost to analyse all the information flowing through all the messenger services to find valuable and confidential financial information would be much more expensive than the profit from possessing this information. However, when talking about major companies, then yes, this may be a very sensitive issue for them. In this case, the problem has been solved long ago: corporate messengers for use only on their Intranet. Any major company has them.
Yury Gursky, Businessman and Head of Maps.me, recently sold to Alisher Usmanov (Russian tycoon and founder of USM Holdings which also owns popular social-networking site VK):
Only Telegram in secret chat mode.
Roman Blishchov, Head of InfoMediaService, former-Director of the ISP Aychyna (Belarus):
It’s already possible to monitor Skype messages although conversations still seem untouchable. We’re really not sure about Viber at the moment, but many of my friends try not to hold confidential conversations on it. From a technical standpoint, all messengers may be vulnerable if the need is great enough. To me, the most secure means of communication is still meeting in person, leaving even your phones outside the room. To ensure confidentiality of online conversations and correspondence, one must use technical means and lesser-known methods of encryption.
Alexander Skrabovsky, Chairman of the Board of Social Weekend (Belarus):
I basically stopped using Skype after its purchase by Microsoft. But I’m not worried about Viber: their security level is no worse than Telegram’s. Nevertheless, I do realize that my PC, tablet, smartphone or my right palm may give access to anything in my life to Department K of the Belarusian Ministry of Interior. (Department K is responsible for investigating cyber crimes. -ed)
Nikolay Voronkovich, Developer and project manager (Moscow):
I use Skype, Viber, and Facebook messenger for business correspondence without any worries (various partners use various tools). I’m sure that the legality and transparency of business is the best cure from fear of tapping. In any case, there are much more numerous and serious sources of information leakage than messengers.
Nikolay Shchetko, IT-reporter:
I don’t trust all messengers equally, but I have to use nearly all the popular ones, both for business and my personal life. Of course, I have more trust in open-code (even if only partially open) services with full encryption, like Telegram, although there is no full guarantee of security in this case as well. Anything can be intercepted; it all depends on how strong the other person’s interest is in you and your data.
It all depends on the level of confidentiality. In 99.99% cases Viber, Skype, Telegram are enough. Intelligence agencies would not try to intercept the conversations of regular citizens going about their businesses. Well, in any case, they wouldn’t spend huge resources to monitor and then decrypt the traffic. In Belarus, it is much simpler to just go into an office and confiscate all the computers with their information. If you’re afraid that someone may have access to your traffic and could decrypt it, you’d better think about other solutions or about using the above-mentioned applications through a VPN.
If you’re completely paranoid, then you should encrypt not only your traffic, but also all the contents of your communication tools. For example, Skype stores all correspondence by default. My experience shows that encrypting everything is impossible for an average user. I guess that the number of those using strong passwords stored in a password manager like KeePass is not large. In any case, the owner of the password will tell it to the interested parties if the ‘correct’ approach is taken, if you know what I mean.
I try to use two-factor authentication for my business communication. Someone would not be able to log into my Twitter account without access to my personal mobile device at the same time. It is the same thing for email, which does not let anyone in without permission from my mobile. And of course there are always personal meetings. It is always better to discuss confidential matters in person.
You really can’t trust any of the messengers completely. Skype is the property of Microsoft, which doesn’t only officially work in the Russian and Belarusian markets, but also has the certificates from the Operative and Analytical Centre (The intelligence service under the President of Belarus. -ed) and Roskomnadzor (The Russian media watchdog. -ed) respectfully. I doubt very much that Microsoft would have obtained those if it had not provided the Skype encryption keys.
Viber is a great app but again it is a tool with proprietary code and, from the very start, Belarusian and Israeli developers were working on it. We can’t view the source code and thus we can’t know what is inside. Also, one of the authors could be cooperating with the KGB (In Belarus, the Committee for State Safety still goes by the old Soviet Union title. –ed) or Mossad.
Telegram, of course, pushes its image as a fully secure messenger, but its codes are also proprietary. Project leader Pavel Durov is from Russia and used to work as the Head of the VKontakte social network, which would never become such successful if not for cooperation from the authorities. This could be a well-protected service, but the only proof of this is Pavel Durov’s word.
Conditionally, I’d call Google HangOuts (previously Google Talk) reliable. If someone were to obtain access to my correspondence, it would be the American NSA. Unlike from KGB or Russian FSB, I have no secrets from them.
Really, I’d call only the Jabber protocol completely reliable: it is completely open source, supports traffic encoding, and the source code of both client and server parts are available to anyone. No one could put a bug inside there.
Yuri Tsarev, TV Host:
You know, I use all types of messengers, depending on which the other person uses. I don’t have any big secrets and that’s why I don’t care a lot about confidentiality.
Alexander Amzin, journalist, Director Of Business Development MED MEDIA (Medportal.ru, Mama.ru, Doktor.ru):
I use messengers mostly for business: Viber, Skype, Telegram, iMessage, Facebook Messenger. It depends on whom I’m speaking with. My personal correspondence is in Telegram, and serious business correspondence I try to do through Outlook, which is based on Exchange.
Igor Loiko, businessman, CEO of Astra Media:
I don’t care much for messengers. I don’t know the technical details of Skype or Viber. All the information I’d like to keep secret may be extracted from my any person I’ve spoken with during the first interrogation. In my opinion, it’s not what means of communication you use, but rather with whom you speak.
Reading above, it is clear that the opinions of the individuals are different but there is one obvious general conclusion: there is no agreement that any one type of messenger provides 100% security. A user can increase the level of security using encryption, a VPN, two-factor authentication, reading user agreements thoroughly, and simply being well informed on the topic. However, in our digital era, when the value of information is ever rocketing skywards, it is best to always be alert.