In one of our previous posts we asked a question: which messenger does a user need? Now after having studied all the offered options it is time to formulate all the major requirements in a more precise way.
- The service mustn’t have a technical opportunity to transfer anything upon the request from official state representatives, as well as from any other people and organizations. No user data is supposed to be stored on messenger’s servers.
- Stored data on end devices – all of it, including voice and video messages, pictures have to be encrypted on the go by the latest standards.
- A user must have a choice for the level of security of the app he is using: either maximum security with some evident restrictions in terms of convenience; or total functionality with specified compromises in terms of personal data accessibility (like in a case of unsanctioned extraction of a device).
- A user must be given a choice to register using the following as a nickname:
- a personal phone number;
- an e-mail;
- and, well, a nickname.
- A user must have a guarantee for total anonymity and have a full right to block any user. Starting a conversation with this user, exchanging any information is possible only after his direct permission.
- A source code must be open. The protocol and the code must be subject to regular and independent research by well-known experts. A project team is supposed to publish expertise results even they don’t favor it. In this part a strategically important aspect is not hiding arguable data but a social debate that will eventually lead to the true state of events.
- All the critical mistakes users report must be admitted publicly and fixed as quickly as the project resources could allow. The service representatives are obliged to participate in public discussions, speaking on behalf of the team.
- The service representatives are obliged to publish data about requests from the authorities related to the clients’ data within the jurisdictions that allow this.
- The service must present effective tools to the user against any spam.
- A service must name its financial sources.
So, this list of ten has helped us to picture a perfect messenger – a dream service which is not available so far. This circumstance does look utterly astonishing if we take into account that there are hundreds of instant messaging apps. Among those there are apps that evolve into social networks, some other becomes a banking services app; others turn into professional conferences, others create a ‘unique security algorithm’ with some ‘army-like encryption level’ and so on and so forth.
All of them however haven’t implemented a simple and sought-after combination of basic opportunities: storing all the user’s data on the end device in an unlimited volume for the entire period of using the service and inaccessibility of this data for third parties including laboratory conditions.
This gap in the overcooked market of mass communications has a simple explanation: developing such software requires significant resources and It’s not always money that is able to solve such dilemmas. There are very few professionals who are ready to take up a project this complicated, this heavy-loaded and scalable. Uniting top programmers and managers in one team is another even rarer case.
And even when a product like this is developed it has to enter the global market where no one is looking forward to it. This ‘no one’ is backed by the devil itself: thousands or even millions of plots became extinct after their authors failed to evaluate market needs and project perspectives. It is quite matter-of-factly: a first encounter with an investor, a narration about a brilliant future of the idea and here comes a verdict: no one needs it, it’s just not gonna work!
That’s why the final article of the first series we are going to tell you about those who really need an encrypted messenger.
 A good example could be a hard-hitting post in The Guardian, where a well-known researcher told about a backdoor in WhatsApp. A further discussion with the top industry leaders helped to increase the reputation of the service.