**Update: **Threema support responded: traffic-data is deleted when the message is delivered, or after two weeks, whichever is earlier.
The popular WhatsApp messaging service has been bought by Facebook last week. It is reassuring to see that many people are worried about this. It means Facebook can collect and combine even more data about you than they already do. They now have the posts that you share with all your friends, but now they also have the messages that you share with your best friend, or with the small selected groups of friends. The worrying means that people are now looking for alternatives, and below is my personal take on some of the alternatives that I’ve seen.
By far the most heard alternative at the moment is Telegram, probably because it’s free. Telegram has been developed by two Russian guys, working for a German company based in Berlin. This means that they are bound by European privacy laws, which is encouraging. So some of the scares that using Telegram is trading the privacy threats of the NSA for those of mother Russia do not seem to be based on facts.
The strange thing about Telegram is that they have chosen to develop their own protocol and cryptography. This was already explained well by Telegram, AKA “Stand back, we have Math PhDs!” in December. The blog post has an update describing a flaw in the end-to-end encryption.
Another very popular choice is Threema, which costs €1,79. Threema is developed by a Swiss based company. Some of the European data protection applies, but importantly the data retention law is not in effect there. This means that metadata does not have to be recorded and handed over to law-enforcement.
The cryptography in Threema is based on the very sound NaCl cryptography library, developed by the well-respected Daniel J. Bernstein, Tanja Lange and Peter Schwabe. This library not only values strong cryptography, but also usability, making it hard for developers to shoot themselves in the foot.
Some of my students have also looked at the Threema application on Android, and have not been able to find obvious flaws in it, see also SSN Projects results. The students do recommend using a master-key in the application to secure your private key.
Another alternative making the rounds is MyEnigma, which seems popular because it’s free and because Threema is not available on all Android platforms. It is also by a Swiss based company and the only alternative which extends to the BlackBerry platform, and also allows secure SMS on Android and BlackBerry.
The security in MyEnigma is based on the common TLS encryption between client and server. An added layer is that users are verified in a two-step process using both SMS and email. This makes impersonation harder, but not impossible. There is no verification process possible for the end-to-end encryption between users.
MyEnigma requires access to your address book to find your contacts. However, they do hash these before sending them to the server. This means that the server does not have access to information about contacts that do not use MyEnigma.
A completely free and open alternative is surespot, which has shared their complete code on GitHub. Their encryption is based on SSL using the Crypto++ library. The encryption is standard public key encryption, using the server as a public key storage. The security depends on the hard-coded key of the server with which other keys are signed.
surespot does not synchronise your contacts in any way, they only allow you to send others invitations. They do however store on the server with whom you are talking, your IP address and some other statistics. surespot is based in the US and thus the above information is also vulnerable to the PATRIOT act.