These days, even political leaders need to worry about keeping their private communications safe from hackers. The fallout from the ongoing Pegasus scandal demonstrates how free communication platforms that tout “end-to-end encryption” have major vulnerabilities, which undermine their encryption.
Israel announced it would set up a national inquiry after reports emerged about the powerful spyware, Pegasus, which was used against former Prime Minister Benjamin Netanyahu and other public figures.
Citizen Lab in Toronto reported Pegasus had been used against journalists, activists, and dissidents around the world since 2016. If you want to stay connected without putting yourself at risk, you’ll need a hardened phone with these types of features.
Proprietary Design for Server Storage
As the various WhatsApp breaches prove, strong encryption on its own is not enough to stop hackers from accessing unprotected information stored on your backend server. One of the essential parts of mobile security software development is the ability to keep the information safe at rest and in transit.
The leading phone service providers do this by not storing sensitive information, including messages, emails, or contacts, on their servers. Instead, the only information they retain is the basics, like username, expiry date, and activation date.
In other words, even in the very worst-case scenario, where hackers somehow got access to the backend server, there wouldn’t be anything to hack.
Security-focused software and technology, including a server that doesn’t have a backdoor built-in and doesn’t store data at rest, is what you need to protect your privacy.
The safest phones have several secondary features which come into effect even if the device itself gets misplaced or stolen. For example, users can activate a remote wipe of their phone from wherever they are. They don’t need to have the device itself on their person. Indeed, that’s that feature’s core purpose.
The most secure phones also let users have nuanced control over sensitive material. The self-destruct feature lets users limit the availability of personal communications, lessening the odds that an unauthorized party could see them.
The communications will be destroyed at the scheduled time on both devices, even if there’s no data connection.
No Third-Party Apps
The most secure phones intentionally exclude third-party apps from their system by design for two reasons. Most people don’t thoroughly research the number and types of permissions they grant these apps. Once they’re on your phone, it’s impossible to know how the company uses, stores, or shares your personal information.
Plus, introducing these apps to your phone opens new vulnerabilities beyond that company’s control. They may recklessly store your information by keeping it in places hackers can find.
The Pegasus hacking scandal is different from prior hacks because users don’t need to click on a fake link to compromise their information. It can be installed through a security bug in voice calls made through apps like WhatsApp.
If you want security for your phone without having to worry about the sophisticated tactics hackers or identity thieves use, get a hardened device with all the features described above.