It’s likely that every single day, you use a messaging app to
communicate with friends and family. It’s also likely that the messaging
app you’re using is unequipped to protect your privacy.
The Electronic Frontier Foundation (EFF) has just released a
scorecard featuring 39 messaging apps ranging in popularity from the
relatively small Silent Phone and CryptoCat to the ubiquitous iMessage
and Facebook Messenger. The scorecard measures the security of each app
using seven different criteria.
The criteria are posed as questions: Is your communication encrypted in
transit? Is your communication encrypted with a key the provider doesn’t
have access to? Can you independently verify your correspondent’s
identity? Are past communications secure if your keys are stolen? Is the
code open to independent review? Is the crypto design well-documented?
Has there been an independent security audit?
Spoiler alert – it’s not good. The messaging landscape is woefully insecure.
In fact, only six applications garnered a perfect score: ChatSecure,
CryptoCat, Signal/Redphone, Silent Phone, Silent Text, and TextSecure.
Every other app failed in at least one of the aforementioned areas.
“Many new tools claim to protect you, but don’t include critical
features like end-to-end encryption or secure deletion. This scorecard
gives you the facts you need to choose the right technology to send your
message.”
Of the most popular apps rated, Apple’s iMessage and FaceTime had the best security score (five out of seven).
Services like AIM, BlackBerry Messenger, Secret, and Yahoo Messenger
were only able to garner one check mark – for messages being encrypted
in transit.
Popular apps like WhatsApp, Snapchat, Skype, and Facebook Messenger only grabbed two checks.
“We’re focused on improving the tools that everyday users need to communicate with friends, family members, and colleagues,”
“We hope the Secure Messaging Scorecard will start a race-to-the-top,
spurring innovation in stronger and more usable cryptography.”
“Getting a perfect score here is more the first step than final
victory. We still need usability studies, metadata protection,
independently commissioned audits, and other measures of security before
we try to get the whole network to switch to one of these options,”