In part I of this topic we introduced the concept of encrypting your tweets and mentioned the possibility that an easy-to-use Twitter encryption system could impact their revenue model. Of course this isn’t going to happen as in general people are lazy, which is the same reason why email encryption services haven’t taken off. There are some convenient solutions like Wickr and Silent Circle but they require you communicate over their proprietary systems and not an already established stream like Twitter or Facebook.
We’ve already hinted at two possible encryption/decryption tools, CryptTweet, and AnonTwi, but what else could be out there? Here is a short list of everything we and you all helped us find.
- CryptTweet: Group of Python scripts designed to encrypt direct messages (DM); uses RSA public-key crypto (more info)
- AnonTwi: Complete Python-based framework for not only encrypting content but also routing through TOR; distributed and open source but requires user to manage keys (more info)
- Encrypt Facebook: Chrome extension that allows you to encrypt Twitter content as well; not centralized but must choose random key share with desired parties (more info)
- Encipher.it: Bookmark-based encryption; not centralized but requires users to choose and share a random key with others; software is open source (more info)
- Priv.ly: Content stored on server and linked to with a priv.ly link; browser plugin allows users to select link to expand the message in place; servers are open source and can be implemented in a distributed manner (more info)
- Scrambls.com: Free version for automatically encrypting/decrypting content any place on the web; iOS app for use on Twitter; keys held on Scrambls server; commercial version offers corporate key servers (more info)
Encrypt Facebook, AnonTwi, and Encipher.it are a little harder to work with since you have to manage your own keys. Out of these three AnonTwi looks the most promising but for right now our recommended choice is probably Encipher.it.
Out of the remaining two, Priv.ly seems like the best solution due to its public key structure and open source servers. Unfortunately, the project is still in an alpha state and doesn’t look to be too usable at this time. They developers detailed their future plans in a blog post in early November so we hope they have a bright 2013.
That leaves Scambls as the best option in our opinion for now. It would be nice if there was an open source key server that used a public key structure. That way the owner of any key server wouldn’t be able to access the messages assuming only the user holds the private portion of the key.
If anyone is interested in testing this service out, we’ve created a Scambls group called NovaInfosec just to see how it works. Contact us if you’d like to be added. And be sure to checkout their iPhone/iPad version for when on the go.
What do you think of these services? Are there any that we missed? Let us know in the comments below. Today’s post pic is from PlexusProject.org. See ya!