Do You Need an Offline Messenger for Better Security?
End-to-end encryption works until someone plants a backdoor into a trusted software. Having complete privacy that is 100%-guaranteed is not even an option anymore. Anyone can still have physical access to your computer or mobile device despite you taking all precautions and installing all the cybersecurity software. But what’s the solution? Is an Offline Messenger the proper way to solve the issue? Let’s find out.
An App’s Backdoor? What’s The Deal?
You cannot know if an application you use does not feature a specifically designed backdoor. That in turn, enables anyone with access to this functionality to access your files and accounts as well.
It is not a problem of the average user being unable to determine whether there is a backdoor or not.
As far as an application is not open source, and most software is not, it becomes a challenge even for professional cybersecurity experts and software developers. They won’t be able to find a backdoor in the software for which they do not have access to its programming code.
Many whistleblowers around the world have firsthand experience with the matter. Third-parties intercept and track their communications through the exploitation of backdoors or malware installed on their device.
Only then comes the problem with government agencies being able to prevent access to certain social media platforms or online communication channels altogether.
Recent protesters in Hong Kong experienced all of the above problems and come to a solution that might work.
Trade the Internet for Secure Communications
Protesting Hongkongers realized their messaging apps are being snooped on. That’s when they decided to go off the grid to exchange messages without someone tracking them.
The solution comes with peer-to-peer mesh networking apps. We’re talking about the likes of Bridgefy and FireChat. These apps do not rely on the Internet to send and receive messages.
These apps work by utilizing communication protocols like Bluetooth or Wi-Fi phone radios. However, you can only communicate directly with other devices within short ranges of “between 60m to 100m”.
Using this technology, you can relatively fast send and receive messages in crowded spaces such as a modern megapolis. If you’re using mobile network and a sudden blackout occurs, it won’t affect you.
The method works for both public and private chat groups. Well, you must have a critical number of devices running the respective messaging software to operate.
For a public chat group, it could take some time until the message is delivered over long distances. Mainly, it’s because you need devices to be in physical proximity – but it still works.
How Wi-Fi Direct Works
You can replace office devices with smartphones, by the way. In the infographic below, you can get an idea of how Wi-Fi Direct works for online messaging.
It is actually a very secure method to exchange messages. The users in the middle do not have access to your message and their device transfers it automatically.
The person acting as an intermediary does not have to be in your contact list; the messaging application is not peer-to-peer communication but instead creates a mesh network to exchange messages.
Evidently, this is not a method for secure communication over very long distances in real-time. However, it is independent of any Internet servers or network servers, as your message is transmitted via radio waves or Bluetooth.
You still have no complete security to the extent that any end-user device can be compromised. But you do have the ability to exchange messages privately without relying on popular social networking apps such as Facebook, WeChat, Telegram or Skype. Even you have no Internet access altogether, you still can use such a messaging app.
Are Offline Messengers Secure?
Before we answer this question, we need to know the difference between a messenger app that is able to send messages without having an Internet connection and a messenger app that does not need an Internet connection to send messages.
WhatsApp, for instance, is a messaging app that saves the message locally on your device.
After that, it tries to connect to the WhatsApp servers to send it when you have a connection to the Internet.
Then, it tries to send the message repeatedly until the intended recipient connects to the Internet and gets your message.
This is an offline messaging service in the sense that you do not need to be online to send a message. But you need Internet connectivity for the messages to be exchanged, though.
On the other hand, apps like Bridgefy, FireChat, Signal or The Server Mesh do not need the Internet to exchange messages through Peer-to-peer Wi-Fi Direct or Bluetooth.
You only need to find a nearby device that is ready to communicate using one of these protocols and you are good to go.
That said, the chance of someone snooping on your offline messenger that needs an Internet connection to send and receive message is equal to the chance of someone intercepting your communications over any Internet other communication channels. It is not a problem of encryption or security; it is a problem of the very connectivity method.
End-to-end encryption solves the problem of someone accidentally or intentionally reading your messages. However, it does not solve the fundamental problem of exchanging messages when someone turns off the Internet servers within a certain location. Therefore, we go from the problem of privacy to the next level problem where you have the right to communicate.
Alright! But Are They Safe Though?
Let’s return to the question of whether offline messengers are safe. The short answer is “no”. They are not completely safe even when you are using technology for direct communication between devices.
Mesh networks and technologies for direct device-to-device communication are good in delivering the message. They are as secure as the average messenger you are using to chat with friends and family online.
For instance, you can place a snooping device close to a target and get his or her messages, you can plant malware on a target device, or you can use a backdoor in any other software to take control over a target device. But you cannot prevent a message from being delivered as far as the target recipient has physical access to a mesh network.
Sadly, people use mesh networks not when the Internet infrastructure is down but to avoid censorship and exchange messages freely. On the other hand, this is not a problem of any technology but of political realities in one part of the world or another.
What you need to know about offline messengers and direct device communication protocols is that they add a little privacy to your communications but do not secure your device against targeted attacks or snooping.
What they also offer is the ability to communicate uninterruptedly even when your Internet connection is down or you do not want to use the Internet. Do you have anything to add? Can you come up with other benefits of using offline messengers? Let me know in the comments below.