This is installment #2 of our four part security series, which describes the four most important security tools for you to own and use. All are free. The first installment of the series is here.
This is one of our rare articles where we'll recommend strongly that you both watch the short video and read the entire blog text.
Let's explain messaging security by asking one simple question, then examining its implications.
What if you had sent Hillary a totally innocent email?
You are now a person of interest because of Hillary's bad security practices, attempts at evasion, and probably obstruction of justice. You are probably not as privileged against prosecution or investigation as Hillary is...
Hillary famously erased tens of thousands of emails in an attempt to avoid accountability for her practices, and even ran a forensic 'erase' program (Bleachbit) to try to ensure that her emails were really-really gone (beyond the reach of forensic investigators) from her bathroom server. Except the forensic guys remembered what Hillary's MS-certified Exchange Server admins forgot: MS Exchange server is really great at maintaining audit trails and making off-site backups. After all, it is certified for HIPAA compliance, government transparency compliance, and so forth. This means it tries to remember things even when people make mistakes and engage in bad practices.
Hillary's own actions made a lot of very uninteresting stuff suddenly very, very interesting to examine... to certain minds.
It's the same capability that allowed us to discover that Comey had started his draft memo exonerating Hillary five months before he even interviewed her.
So if you did send Hillary that totally innocent email, and as you expected, she never read it or responded to it... the fact that she tried so hard to 'erase' her cyber activities makes you a subject of high interest to the security/surveillance deep state.
In this postulated instance, has the NSA infested all your devices with spyware and malware? Probably not. But you will certainly be the drive-by victim of the occasional, probably rather casual, cyber-scan.
(I know I'm paranoid, but am I paranoid enough?? Since I corresponded in turn with you, now I am a person of interest, too - and I don't like that)
It wasn't your own activity (other than sending that innocent email) that made you a person of interest, it's just the fact that you have something in her inbox and you have no control over her unsavory or unwise activities and 'security' practices. The fact that you are in 'her network' now makes you worthy of observation and perhaps investigation.
My point: in most of the world, we cannot predict what is going to happen to the people that we correspond with. We cannot predict how they are going to handle traffic we have sent them. Are they going to forward something they should not forward? Will they CC someone they should have BCC'd? Are they simply backing up their emails in an off-site setup they have forgotten about? Do you want your traffic found in their inbox or archive if they are hacked, investigated or subpoenaed?
Time for a new vocabulary word: ephemeral.
In security practices, emphemeral means that I do not have rely on you engaging in best practices and immediately erasing everything I send you. It means that I do not have to trust your practices, good or bad. I do not have to guess if you are making off-site backups or not. I do not have to trust that you know or care about how your email server is set up. If tomorrow you are hacked or subpoenaed or investigated, I'm still breathing easy that my ephemeral traffic to you is already gone and my messages to you do not get entered into evidence.
Remember, your own behavior could be completely above reproach, but you could still be tainted in the cyber-world by someone else's untoward behavior.
I don't email sensitive stuff, I use Signal or Wickr me and I set 'disappear' times to five minutes to six hours after my correspondent has seen the traffic.
The messaging infrastructure itself allows ME to define how long a message to you is going to live on your device after you receive my message; when that time is expired, the message deletes itself based on settings that I control. You can be as careless as Hillary was, and I'm still pretty safe because I have control of how long my traffic is going to live on your device or computer.
First of all, why am I not recommending WhatsApp??? Well, it only takes one word to answer that question: Facebook. 'Nuff said. I love the 'secure' (sorta?) video chat that WhatsApp provides, but am under no illusions that I can regard it as really secure.
I should note at this point that Whatsapp, Signal and Wickr all rely on the same underlying technology (or similar) and that's the open source tech from Open Whisper Systems.
I was using Signal up until I learned about Wickr - Signal allows for the ephemerality I desire and most importantly, is not owned by Facebook. I regard it as fairly safe to allow the local Signal app to look at your phone book to discover your contacts who have Signal installed already - I know how they accomplish this (using hashes) and it's relatively safe. I *think* that Signal does require you to install on your phone in order to use the desktop version. Signal does show your contacts' real names on the screen, so if your communications are sensitive enough that it would be compromise to have someone walk up behind you and see your contact list (with real names as entered into your phone book) then exercise extreme care.
Wickr gives best support for teams or workgroups who need secure communications, and you can install and use Wickr on your computer withut installing on your phone, or install on your phone without disclosing your phone number if you wish - I really like that feature! You have a bit more granular control over ephemerality and can set your communications to disappear from your respondent's device in as little as 5 seconds after they view the message (I usually go for about 5 minutes). Finally, Wickr has additional security built-in that prevents screen overlays and screenshots from being taken in case you have malware installed that might compromise your security (these features can be disabled, but shouldn't be).
Finally, the max time your message can last on a remote device with Wickr is six weeks! Yes!
There is no perfect security solution for communications, but now that you are thinking about ephemerality as well as your other needs, you are just that much safer.