Jump to content

Surespot

From Wikipedia, the free encyclopedia
Surespot
Developer(s)Surespot LLC
Final release
Android81 / April 27, 2019; 5 years ago (2019-04-27)[1]
iOS21 / November 29, 2018; 6 years ago (2018-11-29)[2]
LicenseGPL-3.0-or-later
Websitewww.surespot.me[dead link]
As of12 August 2022

Surespot was a free open-source instant messaging application for Android and iOS with a focus on privacy and security.[3] It was shut down on July 31, 2022.

Features

[edit]

The application supported the sending of text, pictures, audio messages (in the past only after an in-app purchase), and Emoji icons. It also supported the deletion of messages from the receiving device. It allowed user blocking. There was no support for group messages and sending files other than photos. Surespot provided offline backup via iTunes (PC or Mac) on the iOS version, or to local device storage on the Android version.

For secure communication, Surespot used end-to-end encryption by default.[4] 256-bit AES-GCM encryption was used, with keys created with 512-bit ECDH.

App users could use multiple identities, for instance for private or business use.

Surespot was donationware.

Reception

[edit]

As of November 4, 2014, Surespot had a score of 5 out of 7 points on the Electronic Frontier Foundation secure messaging scorecard. It had received points for having communications encrypted in transit, having communications encrypted with keys the provider doesn't have access to (end-to-end encryption), making it possible for users to independently verify their correspondent's identities, having its code open to independent review (open-source), and for having its security design well-documented. It was missing points because past communications were not secured if the encryption keys were stolen (no forward secrecy) and because there had not been a recent independent security audit.[5]

Controversy

[edit]

In May 2015, Channel 4 News published an investigation in which they alleged that "at least 115 ISIS-linked people" appeared to have used Surespot between November 2014 and May 2015.[6] In June 2015, a Surespot user wrote a blog post about how the Surespot developers had stopped responding to his repeated questions regarding "governmental demands for information", leading to the user alleging that the Surespot developers were "under a gag order".[7][self-published source]

Surespot was specifically mentioned in a plea agreement in which a 17-year-old US citizen was charged with providing material support to ISIS.[8]

See also

[edit]

References

[edit]
  1. ^ "surespot encrypted messenger - Apps on Google Play". play.google.com. Retrieved 2019-04-27.
  2. ^ "‎surespot encrypted messenger". App Store. Retrieved 2018-11-29.
  3. ^ "Kurztest Whatsapp Alternativen". Retrieved 2014-11-24.
  4. ^ "Apps to easily encrypt your text messaging". 2014-11-24. Retrieved 2014-11-24.
  5. ^ "Secure Messaging Scorecard". Electronic Frontier Foundation. 4 November 2014. Archived from the original on 15 November 2016. Retrieved 5 December 2015.
  6. ^ "Intel fears as jihadis flock to encrypted apps like Surespot". Channel 4 News. 26 May 2015. Retrieved 18 November 2015.
  7. ^ Maschke, George (7 June 2015). "Developer's Silence Raises Concern About Surespot Encrypted Messenger". AntiPolygraph.org. Archived from the original on 29 June 2015. Retrieved 17 November 2015.
  8. ^ "Statement of Facts as to Ali Shukri Amin" (PDF), USA v. Amin (Court Filing), no. 1:15-cr-00164, Docket 7, E.D.V.A., Jun 11, 2015, retrieved Jul 25, 2017 – via Recap at ¶ 11, p. 4
[edit]