Are messaging apps really that secure? BYU study says more needs to be done
Provo, Utah —
(KUTV) How safe are the instant messages you send back and forth?
A new BYU study says technology is more secure than it was, but there's still a gaping hole that could leave you at risk without taking extra steps.
"It's something very necessary," said Elham Vaziripour, a PhD student who spearheaded a recent study about the apps we use every day to send messages -- Facebook Messenger, WhatsApp, and Viber.
Those apps lets you send encrypted -- or secret -- messages. The problem is, those conversations are still open to hackers unless people take the time to determine the person on the other end is authentic.
"What we want to find out is whether people are really checking to make sure that the application is working like it should," said Daniel Zappala, a BYU computer science professor who worked with Vaziripour on the study.
They found mostly, people do not check to ensure authenticity when sending encrypted messages. But then again, you can't really blame them.
Zappala demonstrated how to check that the security keys on both ends of the conversation match up. With lines of numbers making up those keys, doing so can be quite a process.
"You have to literally read all of these numbers to the other person and they are looking at their phone and they say, yeah, those numbers match the numbers that are on my phone," he said.
That can take a long time -- up to 11 minutes, the study found. And few people want to take that time.
"Security should be easy," said Zappala. "The problem is when security is hard, then nobody wants to do it."
So where do they go from here? Zappala, Vaziripour and their team hope to come up with a way to make messaging applications simpler so it doesn't take so long to make sure you're secure.
"Our goal is to find a way to make security products usable by ordinary people," said Zappala.
To view the full study, click here: https://www.usenix.org