Messenger - How secure is it?

How secure is the UNA messenger? Can it be encrypted? If so, how?

  • Up vote
    1
    Down vote
  • View
    259
  • More
Replies (10)

    • Hello @Tajrebatee !

      Sorry, but your question is too vague. It would be nice to add some criteria, examples, and comparable parameters.

      • If you ask about end to end encrypted aka Signal - no. Only SSL is standard technology for securing an internet connection by encrypting data sent between a website and a browser (or between two servers). It prevents hackers from seeing or stealing any information transferred, including personal or financial data.

        • To encrypt messages end-to-end the messenger needs to run in a native app, with keys stored on-device. This is relatively straightforward for messenger-only native apps, but very cumbersome for a messenger that's part of a larger application. We use SSL of course to in-transit encryption, but P2P is more appropriate for a tailored implementation if needed.

          • @Rocco @Andrey Yasko @LeonidS

            Thank you all so much for your reply. The question came from some of the members who asked to compare "Una Messenger" compared to other common social media platform. They indicated now with Meta can now access and monitor FB, and may be even WhatsApp, they don't trust these platform for sharing personal information and their feel freedom of speech is being violated by Meta and those big boys. Of course, this is in addition to the usual risk of Cyber threats like hacking etc. Am interested in your thoughts about these concerns?

            • Thank you so much. The question came from some of the members who asked to compare "Una Messenger" compared to other common social media platform. They indicated now with Meta can now access and monitor FB, and may be even WhatsApp, they don't trust these platform for sharing personal information and their feel freedom of speech is being violated by Meta and those big boys. Of course, this is in addition to the usual risk of Cyber threats like hacking etc.

              • Thanks @Andrey Yasko for your reply. Can you kindly clarify what you mean by a "native app" vs. part of large application? and any guidance about that "straightforward" encryption, i.e., resources in una to show how to do it? thank you so much.

                • @Tajrebatee Read that information to understand how it can be in theory _https://m.facebook.com/help/messenger-app/786613221989782

                  • Will do. Thank you so much!

                    • Appreciate the clarification on my questions above. Thank you so much!

                      • A "native app" is our case refers to the new NEO ReactNative Apps. These apps can take full advantage of the device's capabilities, including secure storage for cryptographic keys.

                        The "part of a large application" implies that the messenger is just a feature within a broader system a whole a social network built with UNA. In this context, it's challenging to implement end-to-end encryption because the messenger is not standalone; it's tied to other functionalities that may require different data access patterns.

                        Now, full end-to-end encryption comes with trade-offs. Firstly, it does require native apps on both ends to securely store keys. Web apps are generally less secure for this because the browser environment is more susceptible to various attacks.

                        Secondly, end-to-end encryption effectively makes moderation really difficult. If you can't see the content, you can't moderate it. For a community platform, this could be a double-edged sword. On one side, you guarantee privacy; on the other, you open up possibilities for misuse without an easy way to curb it.

                        If your community members are more concerned about privacy and freedom of speech and less about content moderation, then end-to-end encryption could be a good fit.

                        Login or Join to comment.