|As a general rule:|
|You have to trust the people you send information to - not a technical function at the receiver that only suggests pseudo-security to the sender.|
Before you can understand and recognize pseudo security, you have to deal with security in communications and related functionality first …
Again and again, reports, reviews and recommendations about messenger systems emphasize “security” as a special feature. Through “best” security, users are often supposed to be persuaded to use a certain system. But:
In order to be able to answer these questions, you should briefly take a look inside yourself and consider what you yourself understand by security in the first place. In general, one can distinguish between security and safety (exteral):
Various examples from practice:
Because ultimately, shouldn’t all action be geared towards that!?
In a nutshell:
Pseudo security arises when (technical) security is only pretended or promised.
Many measures and functions that are intended to regulate access to sent/received information or to technically restrict display and further processing only pretend to be “secure” or are promises that can hardly be kept. They have nothing to do with transmission security (encryption) or actual access security (passwords, access systems, …).
Functions that technically try to make messages available to the recipient only in a restricted way are for example:
However, some of these features can be very helpful for your own storage organization.
“Mission-Impossible”-functions like self-destroying messages are believed with pleasure and can be sold well! However, all the technical possibilities mentioned can only give the sender perceived security. This means that a dangerous pseudo security is suggested and marketed!
It is in the nature of the thing that once sent information is at least briefly in the sphere of influence of the receiver (therefore they are finally also sent!). And since the sender usually has no control whatsoever over the recipient, his environment and the terminal device itself, there are many ways in which the aforementioned functions remain ineffective or become ineffective in terms of [security](/einfuehrung/#sicherheit/:
|For smart users|
Quote: “This lets you take screenshots and do screen capture in apps that normally won’t let you.”
It is therefore not only difficult, but impossible, to find a messenger that is designed to provide working protection against information disclosure and where the sender retains control over content once it has been sent. If content is to be displayed, it has to be transmitted to the recipient - and once it arrives, at least one way can be found as shown …
Message correction is a special case, because even this can suggest security. The function is actually intended for a subsequent correction of e.g. spelling mistakes or changes in content. Once sent, however, messages cannot be deleted even by message correction.
The original (first) message is still retained by the recipient, and the last subsequent “correction” message can then be displayed in place of the previous one. However, this depends on the respective settings and options of the programs/apps used. So, depending on the recipient, all messages sent by the sender will be displayed, or a visual indicator will appear with the message that it has been corrected.
This can have far-reaching consequences as this example shows: You are standing together in a group, receive a message and say, “Hey look what xy is spreading!” The sender deletes the message and thinks “Thank goodness no one saw that …”
So this feature is nice and handy to visually “correct” spelling errors in sent messages, for example. However, this should not be associated with security.
In addition, it is often relatively easy to suppress or falsify the very practical read receipts: Simply disconnect from the Internet after receiving the message and only then read it.
So if a “read” checkmark is not yet visible, it means nothing and you have no security in this respect.
Advertising claims that promise pseudo-security are like stun grenades. Such “security functions” should only be used as a decision criterion with the greatest caution, if at all. This is because, depending on one’s point of view, such a function can be seen as an advantage or a disadvantage. In any case, such a criterion should not be overrated.
|You have to trust the people you send information to - not a technical function at the receiver, which only suggests pseudo security to the sender.|
Rights: CC BY-SA
Autors: Diverse (Initiative Freie Messenger)
All articles/thoughts about Messenger: