Surespot

Last updated
Surespot
Developer(s) Surespot LLC
Final release
Android81 / April 27, 2019;3 years ago (2019-04-27) [1]
iOS21 / November 29, 2018;4 years ago (2018-11-29) [2]
License GPL-3.0-or-later
Website www.surespot.me [ dead link ]
As of12 August 2022

Surespot was a free open-source instant messaging application for Android and iOS with a focus on privacy and security. [3] It was shut down on July 31, 2022.

Contents

Features

The application supported the sending of text, pictures, audio messages (in the past only after an in-app purchase), and Emoji icons. It also supported the deletion of messages from the receiving device. It allowed user blocking. There was no support for group messages and sending files other than photos. Surespot provided offline backup via iTunes (PC or Mac) on the iOS version, or to local device storage on the Android version.

For secure communication, Surespot used end-to-end encryption by default. [4] 256-bit AES-GCM encryption was used, with keys created with 512-bit ECDH.

App users could use multiple identities, for instance for private or business use.

Surespot was donationware.

Reception

As of November 4, 2014, Surespot had a score of 5 out of 7 points on the Electronic Frontier Foundation secure messaging scorecard. It had received points for having communications encrypted in transit, having communications encrypted with keys the provider doesn't have access to (end-to-end encryption), making it possible for users to independently verify their correspondent's identities, having its code open to independent review (open-source), and for having its security design well-documented. It was missing points because past communications were not secured if the encryption keys were stolen (no forward secrecy) and because there had not been a recent independent security audit. [5]

Controversy

In May 2015, Channel 4 News published an investigation in which they alleged that "at least 115 ISIS-linked people" appeared to have used Surespot between November 2014 and May 2015. [6] In June 2015, a Surespot user wrote a blog post about how the Surespot developers had stopped responding to his repeated questions regarding "governmental demands for information", leading to the user alleging that the Surespot developers were "under a gag order". [7] [ self-published source ]

Surespot was specifically mentioned in a plea agreement in which a 17-year-old US citizen was charged with providing material support to ISIS. [8]

See also

Related Research Articles

<span class="mw-page-title-main">Pidgin (software)</span> Open-source multi-platform instant messaging client

Pidgin is a free and open-source multi-platform instant messaging client, based on a library named libpurple that has support for many instant messaging protocols, allowing the user to simultaneously log in to various services from a single application, with a single interface for both popular and obsolete protocols, thus avoiding the hassle of having to deal with a new software for each device and protocol.

<span class="mw-page-title-main">Mxit</span>

Mxit(pronounced "mix it") was a free instant messaging application developed by Mxit (Pty) Ltd. in South Africa that ran on over 8,000 devices, including feature phones, Symbian S60, Android, BlackBerry, iPhone, iPad, Windows Phone and tablets.

eBuddy Instant messaging software

eBuddy is a privately held Dutch software company that offers instant messaging services. As of 2011, eBuddy reported 100 million downloads. The company's flagship service is XMS, a proprietary cross-platform instant messaging service. After some changes of ownership, the company is now again owned by its original founders, Onno Bakker and Jan-Joost Rueb.

<span class="mw-page-title-main">BBM (software)</span> Instant messaging software

BBM, also known by its full name BlackBerry Messenger, was a proprietary mobile instant messenger and videotelephony application included on BlackBerry devices that allows messaging and voice calls between BlackBerry OS, BlackBerry 10, iOS, Android, and Windows Mobile users. The consumer edition for iOS and Android, BBM Consumer, was developed by Indonesian company Emtek under licence from BlackBerry Limited. The consumer edition for BlackBerry OS and BlackBerry 10, as well as the paid enterprise edition, called BBM Enterprise, were developed fully by BlackBerry Limited and continue to function. BBM Consumer for Android and iOS was shut down on 31 May 2019, however the paid enterprise version of the software, BBMe, is still supported on these platforms.

<span class="mw-page-title-main">Cryptocat</span> Open source encrypted chat application

Cryptocat is a discontinued open-source desktop application intended to allow encrypted online chatting available for Windows, OS X, and Linux. It uses end-to-end encryption to secure all communications to other Cryptocat users. Users are given the option of independently verifying their buddies' device lists and are notified when a buddy's device list is modified and all updates are verified through the built-in update downloader.

Viber, or Rakuten Viber, is a cross-platform voice over IP (VoIP) and instant messaging (IM) software application owned by Japanese multinational company Rakuten, provided as freeware for the Google Android, iOS, Microsoft Windows, Apple macOS and Linux platforms. Users are registered and identified through a cellular telephone number, although the service is accessible on desktop platforms without needing mobile connectivity. In addition to instant messaging it allows users to exchange media such as images and video records, and also provides a paid international landline and mobile calling service called Viber Out. As of 2018, there are over a billion registered users on the network.

<span class="mw-page-title-main">Messenger (software)</span> American instant messaging app

Messenger is a proprietary instant messaging app and platform developed by Meta Platforms. Originally developed as Facebook Chat in 2008, the company revamped its messaging service in 2010, released standalone iOS and Android apps in 2011, and released standalone Facebook Portal hardware for Messenger calling in 2018. In April 2015, Facebook launched a dedicated website interface, Messenger.com, and separated the messaging functionality from the main Facebook app, allowing users to use the web interface or download one of the standalone apps. In April 2020, Facebook released a Messenger desktop app for Windows and macOS.

<span class="mw-page-title-main">Google Hangouts</span> Communication software by Google

Google Hangouts is a discontinued cross-platform instant messaging service developed by Google. It originally was a feature of Google+, becoming a standalone product in 2013, when Google also began integrating features from Google+ Messenger and Google Talk into Hangouts. Google then began integrating features of Google Voice, its Internet telephony product, into Hangouts, stating that Hangouts was designed to be "the future" of Voice.

Secure instant messaging is a form of instant messaging. Both terms refer to an informal means for computer users to exchange messages commonly referred to as "chats". Instant messaging can be compared to texting as opposed to making a mobile phone call. In the case of messaging, it is like the short form of emailing. Secure instant messaging is a specialized form of instant messaging that along with other differences, encrypts and decrypts the contents of the messages such that only the actual users can understand them.

Wickr is an American software company based in New York City. The company is best known for its instant messenger application of the same name. The Wickr instant messaging apps allow users to exchange end-to-end encrypted and content-expiring messages, including photos, videos, and file attachments. The software is available for the iOS, Android, Mac, Windows, and Linux operating systems. On June 25, 2021, Wickr was acquired by Amazon Web Services.

<span class="mw-page-title-main">Telegram (software)</span> Cross-platform encrypted instant messaging service

Telegram Messenger is a globally accessible freemium, cross-platform, encrypted, cloud-based and centralized instant messaging (IM) service. The application also provides optional end-to-end encrypted chats, popularly known as secret chat and video calling, VoIP, file sharing and several other features. It was launched for iOS on 14 August 2013 and Android on 20 October 2013. The servers of Telegram are distributed worldwide with five data centers in different parts of the world, while the operational center is based in Dubai, United Arab Emirates. Various client apps are available for desktop and mobile platforms including official apps for Android, iOS, Windows, macOS, and Linux. There are also two official Telegram web twin apps, WebK and WebZ, and numerous unofficial clients that make use of Telegram's protocol. Telegram's official components are open source, with the exception of the server which is closed-sourced and proprietary.

<span class="mw-page-title-main">ChatSecure</span> Messaging application

ChatSecure is a messaging application for iOS which allows OTR and OMEMO encryption for the XMPP protocol. ChatSecure is free and open source software available under the GPL-3.0-or-later license.

TextSecure was an encrypted messaging application for Android that was developed from 2010 to 2015. It was a predecessor to Signal and the first application to use the Signal Protocol, which has since been implemented into WhatsApp and other applications. TextSecure used end-to-end encryption to secure the transmission of text messages, group messages, attachments and media messages to other TextSecure users.

<span class="mw-page-title-main">Open Whisper Systems</span> Open source software organization

Open Whisper Systems was a software development group that was founded by Moxie Marlinspike in 2013. The group picked up the open source development of TextSecure and RedPhone, and was later responsible for starting the development of the Signal Protocol and the Signal messaging app. In 2018, Signal Messenger was incorporated as an LLC by Moxie Marlinspike and Brian Acton and then rolled under the independent 501c3 non-profit Signal Technology Foundation. Today, the Signal app is developed by Signal Messenger LLC, which is funded by the Signal Technology Foundation.

Threema is a paid and proprietary end-to-end encrypted instant messaging service. Clients for iOS and Android are available.

Wire Swiss GmbH is a software company with headquarters in Zug, Switzerland. Its development center is in Berlin, Germany. The company is best known for its messaging application called Wire.

<span class="mw-page-title-main">Signal (software)</span> Privacy-focused encrypted messaging app

Signal is a cross-platform centralized encrypted instant messaging service developed by the non-profit Signal Foundation and its subsidiary, the Signal Messenger LLC. Users can send one-to-one and group messages, which can include files, voice notes, images and videos. It can also be used to make one-to-one and group voice and video calls. The Android version also optionally functions as an SMS app, but this functionality will be removed in 2023.

The Signal Protocol is a non-federated cryptographic protocol that can be used to provide end-to-end encryption for voice calls and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was first introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations.

Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.

<span class="mw-page-title-main">Conversations (software)</span> Free software instant messaging client for the XMPP protocol

Conversations is a free software, instant messaging client application software for Android. It is largely based on recognized open standards such as the Extensible Messaging and Presence Protocol (XMPP) and Transport Layer Security (TLS).

References

  1. "surespot encrypted messenger - Apps on Google Play". play.google.com. Retrieved 2019-04-27.
  2. "‎surespot encrypted messenger". App Store. Retrieved 2018-11-29.
  3. "Kurztest Whatsapp Alternativen" . Retrieved 2014-11-24.
  4. "Apps to easily encrypt your text messaging". 2014-11-24. Retrieved 2014-11-24.
  5. "Secure Messaging Scorecard". Electronic Frontier Foundation. 4 November 2014. Retrieved 5 December 2015.
  6. "Intel fears as jihadis flock to encrypted apps like Surespot". Channel 4 News. 26 May 2015. Retrieved 18 November 2015.
  7. Maschke, George (7 June 2015). "Developer's Silence Raises Concern About Surespot Encrypted Messenger". AntiPolygraph.org. Archived from the original on 29 June 2015. Retrieved 17 November 2015.
  8. "Statement of Facts as to Ali Shukri Amin" (PDF), USA v. Amin (Court Filing), E.D.V.A., vol. No. 1:15-cr-00164, no. Docket 7, Jun 11, 2015, retrieved Jul 25, 2017 via Recap at ¶ 11, p. 4