At the very core, email as a secure communication medium is fundamentally flawed. The SMTP protocol was first introduced in the 1980’s well before many of the threats of the modern internet were even envisioned, much less understood. However, despite its age and flaws, SMTP is not going away anytime soon, and email will continue to play a major role in our lives. For truly secure communications, one cannot really recommend email (and internet)

 

To avoid the shortcommings of standard email, all communications between users of sMessenger are handled internally by our own servers. However, all communications between users of sMessenger and users using other systems involve the use of standard email.

 

Security needs to be made easy enough to be usable. The most secure system is simply not useful if it is so complicated nobody is willing to use it. As sMessenger developers, we will be the first to tell you that there are certainly more secure ways we could have built a service like sMessenger. The reason we built sMessenger the way we did is not because we weren’t aware of these other methods, but because we would have had to sacrifice too much usability. There will always be a trade off between security and usability, anybody that tells you otherwise is lying. And just because a system is not 100% secure does not mean you should not use it, the key is understanding the limitations of your security.

 

On a more serious note, there are also critics who assert that by building sMessenger, we are providing a powerful tool for criminals to evade the authorities. There is no denying that sMessenger provides a high level of security and privacy for criminals, but one has to remember that the world does not consist of just criminals. There are also dissidents, and democracy activists living under authoritarian regimes where freedom of speech is not respected. Then, there are the rest of us, law abiding private citizens who simply want control over our online data. We can either choose to live in a world where everybody is under surveillance, or a world where everybody (criminals included) have privacy. 

 

Server

This is an attack that can typically only be executed by a strong adversary (like a government) and is generally a targeted attack. It cannot easily be used on a large scale to perform mass surveillance.

Phone

The most secure smartphones are Android smartphones. Don't buy that? Apple's latest version of iOS 11 was cracked a day -- a day! -- after it was released. So Android is perfect? Heck no!

 

Android has great tools for managing your online security. Some implementations may be technically better than others, but you can be reasonably sure that your data on the phone is safe.

 

No method is 100% secure, and ways to get around it are found regularly, then patched quickly so the cycle can repeat. But these methods are usually complicated and very time-consuming and rarely widespread.

 

However, sMessenger provides some tools to keep Your messages and information private

User

You, the user, are the weakest link in the chain of security. If you want to keep your data secured, you need to force someone to use complicated, time-consuming methods if they wanted to get into your phone. Secure data needs to be difficult to obtain and difficult to decipher if someone does get ahold of it. With Android, there are several things you can do to make someone have to work really hard to get your data, hopefully so hard that they don't bother trying.