Propublica的高级记者Julia Angwin、普林斯顿的Joseph Bonneau和电子前哨基金会的 Peter Eckersley 根据7个标准评估了流行即时通讯软件的安全性,结果显示腾讯的QQ是最不安全的即时通讯软件之一。
他们依据的7个技术标准是:
- 传输过程是否加密
- 供应商是否能读取加密信息
- 用户是否能验证联系人身份
- 如果密钥被盗,之前传输的信息是否安全
- 代码是否开放供独立审查
- 安全设计是否正确文档化
- 代码是否审计
QQ的得分是0,而最安全的即时通讯软件是Cryptocat(曾被记者Glenn Greenwald 使用)、Silent Text和Silent Phone(月费9.95美元),TextSecure、Signal和ChatSecure + Orbot都是7分,其它流行的工具如Facebook chat、Skype、WhatsApp和Google Hangouts是2分,苹果的iMessage是5分。
Name | Encrypted in transit? | Encrypted so the provider can’t read it? | Can you verify contacts’ identities? | Are past communications secure if your keys are stolen? | Is the code open to independent review? | Is security design properly documented? | Has the code been audited? | Score |
---|---|---|---|---|---|---|---|---|
CryptoCat | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
Silent Text | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
Silent Phone | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
TextSecure | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
Signal / RedPhone | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
ChatSecure + Orbot | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
RetroShare | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
Mailvelope | Yes | Yes | Yes | No | Yes | Yes | Yes | 6 |
Off-The-Record Messaging for Mac (Adium) | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
Jitsi + Ostel | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
Subrosa | Yes | Yes | Yes | No | Yes | Yes | Yes | 6 |
Off-The-Record Messaging for Windows (Pidgin) | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
Telegram | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
PGP for Windows Gpg4win | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
Threema | Yes | Yes | Yes | Yes | No | Yes | No | 5 |
PGP for Mac (GPGTools) | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
SureSpot | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
FaceTime | Yes | Yes | No | Yes | No | Yes | Yes | 5 |
iMessage | Yes | Yes | No | Yes | No | Yes | Yes | 5 |
Wickr | Yes | Yes | No | Yes | No | No | Yes | 4 |
iPGMail | Yes | Yes | Yes | No | No | Yes | No | 4 |
Virtru | Yes | No | No | No | No | Yes | Yes | 3 |
BlackBerry Protected | Yes | Yes | No | No | No | Yes | No | 3 |
StartMail | Yes | No | Yes | No | No | Yes | No | 3 |
SnapChat | Yes | No | No | No | No | No | Yes | 2 |
Google Hangouts/Chat “off the record” | Yes | No | No | No | No | No | Yes | 2 |
Facebook chat | Yes | No | No | No | No | No | Yes | 2 |
Yes | No | No | No | No | No | Yes | 2 | |
Skype | Yes | Yes | No | No | No | No | No | 2 |
Ebuddy XMS | Yes | No | No | No | No | No | No | 1 |
Viber | Yes | No | No | No | No | No | No | 1 |
Yahoo! Messenger | Yes | No | No | No | No | No | No | 1 |
BlackBerry Messenger | Yes | No | No | No | No | No | No | 1 |
AIM | Yes | No | No | No | No | No | No | 1 |
Hushmail | Yes | No | No | No | No | No | No | 1 |
Secret | Yes | No | No | No | No | No | No | 1 |
Kik Messenger | Yes | No | No | No | No | No | No | 1 |
No | No | No | No | No | No | No | 0 | |
Mxit | No | No | No | No | No | No | No | 0 |
Source: Research by Electronic Frontier Foundation, ProPublica, and Joseph Bonneau
原创文章,作者:Maggie-Hunter,如若转载,请注明出处:https://blog.ytso.com/industrynews/49084.html