Last Updated on: 1st December 2023, 02:38 pm
Web site: surespot.me
Category: Network
Subcategory: Instant Messengers
Platform: Android, iOS
License: GPLv3
Interface: GUI
First release: 2013
Surespot – a mobile messaging application that secures all messages using end-to-end encryption for every text, image and voice message returning your right to privacy. Surespot uses your mobile data plan and Wi-Fi so you don’t get texting charges, especially important for those friends in other countries.
Features:
– surespot is not associated with your phone number or email
– send voice messages when your hands or eyes are too busy to text
– multiple identities on a single device to keep matters separated
– free messenger with no advertising and open source clients
– your identity is portable, transfer your secure conversations to other devices
– uses 256 bit AES-GCM encryption using keys created with 521 bit ECDH*
Not all encryption is equal. Most messengers provide encryption during message transport using SSL but messages return to an unencrypted form once they reach the server. Other messengers use End-to-End Encryption but store the decryption keys on their servers for ease of use. In either case you would have to trust the server implicitly which has proven problematic when any server operator can be compelled by court order to turn over some or all of the messages and/or keys. Ideally you would not need to trust the server operator- enter surespot, odd for us to promote that you do not need to trust us but it is true!
Data sent using surespot is End-to-End Encrypted with symmetric-key encryption (256 bit AES-GCM) using keys created with 521 bit ECDH shared secret derivation. All that means our servers do not see or hold your keys and the messages you send are encrypted by your device so protected during the entire transport to the receiver, who is the only one who can decrypt the message.
Surespot also enables users to verify the public key fingerprint of friends offline which adds another layer of protection by revealing any MITM attacks.
Every line of the client code used in surespot is made available for inspection / scrutiny and for other developers to contribute to. Linus’s law states, “Given enough eyeballs all bugs are shallow.”