The world’s most secure text messaging app: surespot!

The world’s most secure text messaging app: surespot!

Henry Dalziel | Pentesting Tools, Product Reviews, Resources and Tutorials | October 22, 2013

This blog post is to compliment another post we wrote not that long ago titled: “Bitmessage: The world’s most secure messaging platform” which received a lot of interest.

Here’s the deal: for what seems to be completely (99.99% secure) email messaging – use bitmessage. For what seems to be completely (99.99% secure) text messaging – use surespot!

What is surespot?
The folks behind surespot sum it up perfectly on their website, namely: ‘only the person you send the message to can read it. Period.’ That seems to be exactly what it is doing and what it does very well. As a brief overview, think of surespot (which we believe should be written all in small caps) as a secure mobile messaging mobile application that uses exceptional end-to-end encryption for all text, shared files, and images. An amazing and smart feature of this app is that the sender is able to delete the message they sent to their receiver – now that is just plain cool.

How does surepost work?
We’d never imagine doing a better job at explaining how it works compared to the developers – so go and hit up the explanation here, but if you want a real quick layman’s summary, think of it like this: surespot solves prying and snooping problems by using strict end-to-end encryption. Whilst SSL does a good job sending secure data from a client to a server with encryption, there is still an air gap with regards to SSL being read outside of the designated hops. For those that don’t know ‘a hop’ in computer networking refers to a portion of the path between source and destination. Data sent through the Internet travels in packets that pass through routers and gateways on the way. Each time packets, or in this case, a text message, are passed to the next device, a hop occurs. It is possible to calculate how many hops are used from sender to recipient by using a ping or traceroute/tracepath command (nmap is good for this).

surespot comes hot on the heals of a memorable and frankly brilliant Hacker Hotshot web show with the creator of CreepyDOL. CreepyDOL very accurately shows how much data our Android devices are leaking, and it is a staggering amount. Coupled with the NSA revelations and overall a greater sense of overall awareness with regards to personal information, it is hardly surprising that surespot has been getting the coverage it has.

One of the downsides to surespot, which actually affects most messaging apps, is that it is only useful if your friends and contacts are using it too. However, as ‘negatives’ go – the former downside is hardly a bad thing, just tell your friends to accept and download the app.

We have had a lot of Android related security events this year, examples include “Android: One Root To Own Them All” with and Jeff Forristal and “Status of App (in)Security: A look at common risky behaviors in the top 400 iOS and Android apps” with Domingo Guerra. Of our past events, you should take a look at Jeff Forristal’s research and presentation since he demonstrates how insecure Android was until the release of a patch for the Android Master-Key Vulnerability. If you connect this Android Vulnerability with the evidence of the vast amount of data we leak through our mobile devices (see the CreepyDOL talk) it is no wonder why we are compelled to use surespot!

Do you use surespot? We’d love to hear from you and your thoughts regarding the app.

  • Nicole

    This important application that everyone should know about was created by two amazing people, one I have the pleasure of knowing very well, & have yet to meet the man who treats her so well! These people are honest, goodhearted citizen! Great application, does just everything it says it does. A must have for ANDROID users! Have an IPhone? Don’t worry, Surespot, (total privacy) is on its way to your market soon!!!!! 10 stars! Love it. Love that all of my conversations are just between me and the person I’m sending them too!! Sad it had to come to this America!!!!!

  • scott

    This app is ahead of the game. Evolving with new features faster than than its users are aware. It is now equiped with voice messaging similar to old nextel phones with walkie-talkie features… awesome!!

    I see it becoming the new standard for secure mobile communication.
    Thanks go out to its creators…

  • Anonymous

    I’ve been using this app for a while now and i can definitely saying these developers are some badasses. They’ve got the perfect idea when it comes to true messaging security, like using perfect forward secrecy for exchanging keys, having the message data re-encrypt while not in use/backgrounded(a first I’ve seen on any message app), message deletion on both ends, content access control for all photos shared, and a host of other amazing features all provided to us for free, sans voice messaging. This app should be a part of the android OS, it would certainly benefit anyone and everyone who uses it. God bless these devs for their hard work, i cannot wait to see what else they have in store for us. Perhaps one day we’ll see short video clip messaging like vine? The only way we’ll know is to contribute to the project.

    – Anon

  • Seth

    Thanks a lot for sharing. This is very interesting and also useful. Can’t wait to try it out.

  • all

    I’m sure it will become the next generation in communications.

  • Siraj

    I have not yet used this app let me try

  • TheKiddy

    Found it hard to install on my Iphone5? The circle spinning just kept on spinning

Leave a comment or reply below...thanks!