Threat model server

 

The most basic protection for the content of PGP-encrypted messages is making sure that the private key used to decypher the content of the message is never stored on the server. 

 

A second level of protecting Your privacy is making sure our servers are as forgetful as possible, our servers suffer of a constant form of amnesia and never save IP-addresses of connected users, messages exchanged between users etcetera.

 

Unauthorized backdoor is an attack vector where an attacker somehow gained access to sMessenger’s servers without us noticing. Such an attacker could conceivably change the sMessenger software to send bad encryption code to user’s that would somehow allow the attacker to get unencrypted data, or somehow send compromised public keys to users to execute a MITM attack.

sMessenger has implemented numerous safeguards against this on the server level. The attacker would have to gain control of the server, and then modify the software all without anybody at sMessenger noticing. The odds of this being successfully executed is low.

 

There are however some risks when facing a strong adversary, such as a government focusing all its resources on sMessenger and completely taking over sMessenger. In such a case, precautions are taken on the server level to make sure that such an adversary is not able to continue running sMessenger. The downside however is that in such a case, all communications will shut down.

 

Man-in-the-Middle (MITM) Attacks is a very rare attack vector where an adversary will sit between the user and the sMessenger servers and tamper with the data being relayed between the user and the server. sMessenger employs SSL to ensure our data is properly delivered to user’s device and not tampered with en-route. Generally speaking, a successful MITM attack requires breaking SSL. To further improve the resistance against MITM attacks, all data exchanged between a user and sMessenger servers is encrypted with a second key that is only known to the user and the server.

 

Note that the best protection of Your privacy is the situation when both users are using sMessenger. All communications  between a user of sMessenger and a user not using sMessenger involves a standard mailserver that is fundamentally flawed as a secure communication medium.