“New Yorkers expect that their private text messages will be protected,” New York State Attorney General Letitia James warned on Thursday, “as we face a warning of coordinated attacks on our wireless networks.” Every New Yorker, she said, should be “empowered with the information they need to keep themselves safe and their messages private.”
Bottom line: Avoid texting and use a fully encrypted app. “Remember that most text messages, other than SMS, are not encrypted and can therefore be read by an attacker accessing your provider’s network. ” This follows similar national warnings from the FBI and CISA that Americans are using encrypted messages and calls wherever they can. As China’s Typhoon Salt hackers continue to roam the networks, the risk has not gone away.
James also warned New Yorkers that not all cryptocurrency platforms are created equal. “When deciding on a messaging app, be sure to consider what other data the app might collect or send, such as your location and profile photo, and whether that data They are also encrypted,” he said. recommended.
This echoes the advisory issued this week through the US Cyber Defense Agency that encryption alone is not the whole picture and that users also deserve to be aware of the metadata captured and collected through of those applications, even if the content itself is secure. CISA cited Signal as advice and did not mention WhatsApp, which is the world’s first secure messenger. WhatsApp collects metadata where Signal doesn’t, which may simply be this new progression in US government messaging.
While New Yorkers and all other Americans may avoid texting friends, family, and co-workers, there will obviously be the same old circular of text messages from elderly parents and marketing companies. But “if you must send text messages,” James warns, “avoid sending sensitive data, such as account numbers, medical data or sensitive photos, and be wary of anyone who asks you to do so. “
While those alerts primarily target popular SMS, a woefully insecure cellular messaging protocol, they have also highlighted vulnerabilities in much newer platforms. RCS is the successor to SMS, but its popular protocol also lacks the end-to-end encryption that protects user content. That’s why so many headlines have focused on the fact that Android and iPhone users text each other.
RCS was recently added to Apple’s iMessage platform, but without an additional layer of security. Currently, iMessage and Google Messages users can securely send messages to other iMessage or Google Messages users on the same platform, but not from one to another.
Despite the metadata caution, my advice remains to use WhatsApp as your daily messenger given its reach and to use Signal for anything more sensitive or secure. That’s not to say that WhatsApp can access any of your content, but Signal is materially more locked down.
A community. Many voices. Create a free account to share your thoughts.
Our network aims to connect others through open and thoughtful conversations. We need our readers to share their perspectives and exchange ideas and facts in one space.
In order to do so, please follow the posting rules in our site’s Terms of Service. We’ve summarized some of those key rules below. Simply put, keep it civil.
Your post will be rejected if we notice that it seems to contain:
User accounts will be locked if we become aware that users are engaging in:
So how can you be a user?
Thank you for reading our Community Guidelines. Please read the full list of posting regulations discovered in our site’s Terms of Use.