Auto-Deleting Messages On The Rise, But Not Enough For Complete Privacy

According to a recent Pew survey that asked people about what kind of mobile apps they use as an alternative to texting, 36 percent of smartphone users use apps such as Whatsapp or iMessage, while 17 percent use apps that automatically delete messages after a short period of time, such as Snapchat.

The more interesting part of the survey was that 41 percent of young adults aged 18-29 use apps that auto-delete their messages. Young people tend to create new trends in technology, and the rise of mobile apps that automatically delete their messages also seems to be a fast-growing trend.

Many of these young people want to use such a feature, believing it will increase their privacy. However, auto-deleting messages only go so far in providing strong privacy. When a message deletes itself, it doesn't necessarily mean it's been deleted forever and nobody else has it.

First off, there are already ways to capture the sent auto-deleting message or image. Taking a screenshot is the easiest, although some apps with auto-deleting messages can also have built-in protections against taking screenshots.

What many don't realize, though, is that the messages also get saved on the company's servers, and often get routed through multiple countries' fiber networks, giving agents there an opportunity to capture those messages.

For the most part, the messages are encrypted with HTTPS, but some countries or other hackers can find a way to decrypt those messages, sometimes by stealing the encryption keys from companies such as Snapchat (especially considering Snapchat hasn't exactly been excelling at security). Such hacks are dangerous because with a single key, someone can decrypt the captured communications of millions. When the data of millions of people is kept on a company's servers, it also makes that single entity a more appealing target.

That's why auto-deleting messages should always come accompanied by end-to-end encryption, where the devices communicating hold the keys to the encryption of their exchanged messages. It's still possible for hackers to target a single individual's devices and decrypt their communications, but this type of hack is far less scalable compared to stealing the HTTPS encryption keys.

In a time when hacks such as the Fappening, or the more recent one on Ashley Madison, seem to be happening every few months, exposing the private data of millions of users at once, more people should be paying attention to apps or services that provide comprehensive privacy protections as well as strong security guarantees for the user data.

Follow us @tomshardware, on Facebook and on Google+.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • skit75
    Are there even any examples or recommendations of "apps or services that provide comprehensive privacy protections as well as strong security guarantees for the user data"? I have a feeling that the 18-29 demographic is relying more on application marketing, rather than the EULA. They are subscribing to the illusion of privacy rather than privacy itself via marketing slogans.
    Reply
  • Bridget_1
    I know of no such apps. I do know of an email service that is private and protects from government spying. Go check out shazzlemail.com.
    Reply
  • LordConrad
    I know of no such apps. I do know of an email service that is private and protects from government spying. Go check out shazzlemail.com.
    What about this?

    https://whispersystems.org/
    Reply
  • blackops07
    I know of no such apps. I do know of an email service that is private and protects from government spying. Go check out shazzlemail.com.

    What about this?

    https://whispersystems.org/

    TextSecure is an option. Here is a link to Google Play.
    Reply