Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

Security Flaw in French Government Messaging App Exposed Confidential Conversations

Leave a comment

The French government didn’t trust the security of any of today’s text messaging applications. Therefore, the DINSIC, France’s government agency in charge of all things digital, created a new text messaging product, called Tchap.

Developing Tchap became essential as Emmanuel Macron’s campaign team previously relied heavily on Telegram. By default, Telegram doesn’t use end-to-end encryption. In other words, people working for Telegram could easily read Macron’s conversations. It’s a serious security weakness.

Similarly, you don’t want the Ministry of Defense to use Telegram or any other unencrypted text messaging app to talk about sensitive operations. The U.S. government could potentially issue a warrant to access those conversations on any servers that are in the U.S. Instead, Tchap’s messages are saved on servers in France where a U.S. court order can be ignored.

There was but one problem: the new Tchap application turned out to be easily hacked. The security flaw was discovered only a few hours after Tchap was released. It turned out to be far less secure than the products it was designed to replace. Tchap’s security problem has now reportedly been fixed.

You can read more in an article by Romain Dillet in the TechCrunch web site at: https://tcrn.ch/2vdOTtu.

An example of Signal in operation

An example of Signal in operation.

How secure are YOUR text messages? After all, the new (and hopefully improved) Tchap app is only available to French government employees. If you have any reason to wonder about text message security, I would suggest you check out the FREE  Signal app at https://www.signal.org/. Signal has an excellent reputation as a cell phone app that provides text messaging, 2-way audio conversations (similar to telephone conversations), and even 2-way video conversations, all using very secure end-to-end encryption.

 

Categories: Encryption, Online Privacy & Security

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.