How to protect your chat privacy
Many of you must have registered for Signal or Telegram after WhatsApp wanted to share your data with Facebook. Then, finding none of your friends there and feeling a little lonely, you have come back to WhatsApp to wait and see what transpires.
None of these messaging apps offers complete security. It is up to you how you optimise your own security online, by changing the settings on the apps you use.
You can still use WhatsApp provided you change certain configurations and take a few precautions. First, to avoid malicious content, do not click on links and attachments that friends forward to you without checking on the veracity of the site. Most people unwittingly forward links to dubious websites with a note “forwarded as received”.
Second, disable the option to automatically save received images in the phone gallery. Malware can be circulated through images.
Third, get a PIN for two-step verification. Finally, turn off backups. If your chat is backed up to Apple’s iCloud or Google Drive, it is no longer protected by end-to-end encryption.
Once you download Telegram to your phone, the app will ask you for your phone number and send you a confirmation message via SMS. You don’t want your phone number falling into the wrong hands.
First, click on the three lines on the top left and choose Settings. Go to the Privacy and Security section and add a passcode. Toggle the two-step verification (2FA) to on.
Second, go through each setting and change all default settings from “everybody” to “my contacts” or “nobody”. This will restrict who can see your phone number, who can see when you were last online, who can see your profile photos and who can add you to groups. Make sure to check your “active sessions” from time to time to see if any other device, other than known ones, has logged in to your account.
You can also set “delete my account” if you are going away for a while. Under Bots and Websites, turn on “Clear payment info” and “Shipping info”.
Telegram offers secret chats that give encryption from one device to another but not for groups. To start a secret chat, start a normal chat and select secret chat from the drop-down menu. Another interesting feature is that it has the option of self-destroying messages after they have been read.
Even though Signal is the most secure of the three messaging apps, it does have a few vulnerabilities because of which you should change some of the default settings.
Activate the Registration Lock so that if your phone is stolen or hijacked, no one can access your conversation history.
Next, set up Screen Lock using biometric security or passcode. Turn off “previews” to prevent messages from appearing on the locked screen of the device.
Enable Screen Security. In Signal, tap your profile—Privacy—Screen Security. When this is enabled, a blue privacy screen with the Signal logo will appear to cover your Signal text. On Android, this will also prevent screenshots of Signal on your own device.
On Android phones, make it your default SMS app. This feature is not available for iPhones. SMS sent through Signal is not encrypted like messages between Signal users. But the app’s other features will protect you.
Facebook tracks everything you do even when you are not using the app. It can see what you are doing on other apps on your phone.
You must turn this off. Open Facebook’s settings on your phone by clicking on the three horizontal bars. Scroll down to Settings and Privacy and then Settings again. Under Your Facebook Information, tap on Off-Facebook Activity.
Off-Facebook Activity includes information that businesses and organisations share with Facebook, like visiting their apps or websites. The list of such visits is displayed and will shock you.
Clear the history immediately. Then tap on More Options and then Manage Future Activity. On the next window again click on Manage Future Activity.
On the next screen, turn off Future Off-Facebook Activity. Facebook has buried these settings deep inside so that people rarely get to see them. But now you know.
Send in your problems to firstname.lastname@example.org with TechTonic as the subject line