SMS that self-destruct
In the first part of this chapter we mentioned the security issues of SMS, in the second part, we revealed how to send SMS anonymously. In this part, we will show you how to protect your messages.
Today, with the capability of smartphones to open links for viewing websites, users can use one-time-use notes, the same we used for disrupting the continuity of correspondence.
To create notes that self-destruct, we will be using the privnote.com service. Privnote allows you to send notes that get destroyed after being read. We have already mentioned how Privnote works in detail in this chapter. You create a text via Privnote while sending a link to the one-time-use note to your intended recipient.
A Privnote web link is the URL of the website/note’s identifier#user’s decryption key. A user’s decryption key is stored in the link in the form of anchor. The anchor part is the part of the URL after the hash sign (#) and is never sent to the server (RFC by URL http://www.faqs.org/rfcs/rfc1808.html, Section 2.4.1). Browser doesn’t send this part of the link, and server doesn’t receive it, as a result, the decryption key is kept on user’s computer until he or she wishes otherwise. In theory, Privnote’s owners are unable to decrypt your note.
A list of one-time-use message services that work on the same principle as Privnote includes onetimesecret.com and tmwsd.ws among others.
A one-time-use note can’t defend you from your message getting intercepted and read, but it renders the untraceable reading of the note impossible. In addition, storing a used one-time-use link to the note at the operator or on a phone doesn’t entail risks for you since reading the note again is impossible.
Protecting SMS from getting intercepted
If you want to protect your SMS from interception, when you create a one-time note, set a password that will make viewing your confidential information impossible. Naturally, your recipient should know this password.
TipProtect your SMS from being intercepted.
In this course, we don’t recommend you sending all your information via Privnote. Instead, you can break down the information you send into portions when one part of the information is sent exposed, while the other part– via a one-time-use message service. As a result, an attacker is unable to access the complete information.
Privnote has an obvious advantage: even if your recipient’s device is accessed by an attacker, and he attempts blackmailing you with your messages, he won’t be able to restore the information in its entirety, read the messages that were delivered via Privnote.
TipBreak down the information you send into portions.
Checking if your SMS messages are being read
You can use a trap for hackers to check if your SMS are being snooped on by intruders. This method comes down to creating a link-trap that will be added to your message. The opening of such link will instantly alert the sender by an email notification. The recipient should be notified that this message is bait and that he or she should refrain from clicking the link.
If your text messages are being read, an attacker will want to view the contents of the bait. By doing so, he will reveal himself, and you will know that someone else is snooping on your confidential information.