Propublica的高级记者Julia Angwin、普林斯顿的Joseph Bonneau和电子前哨基金会的 Peter Eckersley 根据7个标准评估了流行即时通讯软件的安全性,结果显示腾讯的QQ是最不安全的即时通讯软件之一。
他们依据的7个技术标准是:
- 传输过程是否加密
- 供应商是否能读取加密信息
- 用户是否能验证联系人身份
- 如果密钥被盗,之前传输的信息是否安全
- 代码是否开放供独立审查
- 安全设计是否正确文档化
- 代码是否审计
QQ的得分是0,而最安全的即时通讯软件是Cryptocat(曾被记者Glenn Greenwald 使用)、Silent Text和Silent Phone(月费9.95美元),TextSecure、Signal和ChatSecure + Orbot都是7分,其它流行的工具如Facebook chat、Skype、WhatsApp和Google Hangouts是2分,苹果的iMessage是5分。
| Name | Encrypted in transit? | Encrypted so the provider can’t read it? | Can you verify contacts’ identities? | Are past communications secure if your keys are stolen? | Is the code open to independent review? | Is security design properly documented? | Has the code been audited? | Score |
|---|---|---|---|---|---|---|---|---|
| CryptoCat | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| Silent Text | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| Silent Phone | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| TextSecure | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| Signal / RedPhone | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| ChatSecure + Orbot | Yes | Yes | Yes | Yes | Yes | Yes | Yes | 7 |
| RetroShare | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
| Mailvelope | Yes | Yes | Yes | No | Yes | Yes | Yes | 6 |
| Off-The-Record Messaging for Mac (Adium) | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
| Jitsi + Ostel | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
| Subrosa | Yes | Yes | Yes | No | Yes | Yes | Yes | 6 |
| Off-The-Record Messaging for Windows (Pidgin) | Yes | Yes | Yes | Yes | Yes | Yes | No | 6 |
| Telegram | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
| PGP for Windows Gpg4win | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
| Threema | Yes | Yes | Yes | Yes | No | Yes | No | 5 |
| PGP for Mac (GPGTools) | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
| SureSpot | Yes | Yes | Yes | No | Yes | Yes | No | 5 |
| FaceTime | Yes | Yes | No | Yes | No | Yes | Yes | 5 |
| iMessage | Yes | Yes | No | Yes | No | Yes | Yes | 5 |
| Wickr | Yes | Yes | No | Yes | No | No | Yes | 4 |
| iPGMail | Yes | Yes | Yes | No | No | Yes | No | 4 |
| Virtru | Yes | No | No | No | No | Yes | Yes | 3 |
| BlackBerry Protected | Yes | Yes | No | No | No | Yes | No | 3 |
| StartMail | Yes | No | Yes | No | No | Yes | No | 3 |
| SnapChat | Yes | No | No | No | No | No | Yes | 2 |
| Google Hangouts/Chat “off the record” | Yes | No | No | No | No | No | Yes | 2 |
| Facebook chat | Yes | No | No | No | No | No | Yes | 2 |
| Yes | No | No | No | No | No | Yes | 2 | |
| Skype | Yes | Yes | No | No | No | No | No | 2 |
| Ebuddy XMS | Yes | No | No | No | No | No | No | 1 |
| Viber | Yes | No | No | No | No | No | No | 1 |
| Yahoo! Messenger | Yes | No | No | No | No | No | No | 1 |
| BlackBerry Messenger | Yes | No | No | No | No | No | No | 1 |
| AIM | Yes | No | No | No | No | No | No | 1 |
| Hushmail | Yes | No | No | No | No | No | No | 1 |
| Secret | Yes | No | No | No | No | No | No | 1 |
| Kik Messenger | Yes | No | No | No | No | No | No | 1 |
| No | No | No | No | No | No | No | 0 | |
| Mxit | No | No | No | No | No | No | No | 0 |
Source: Research by Electronic Frontier Foundation, ProPublica, and Joseph Bonneau
原创文章,作者:Maggie-Hunter,如若转载,请注明出处:https://blog.ytso.com/industrynews/49084.html