We are the Alternative to Mainstream Messaging Apps using Virgil e3Kit

Vox Messenger Feature Graphic

Originally written by Rebecca Yarbrough of Virgil Security

If you have the data, you have the power. That’s how our modern digital economy works. Vox Messenger {Secure}, a new consumer and corporate messaging tool, gives that power back to the user. By using Virgil Security’s E3Kit end-to-end encryption toolkit to lock themselves and others out of access to their users’ messages, Vox Messenger {Secure} is positioning itself as a secure, ad-free alternative to other mainstream messaging apps.

In most chat apps, when you type up a message and press send, or if you upload a photo to your social media network, it’s almost impossible to know who has access to that data or what they’re doing with it.

For example, in November 2019, over 168,00 people across the US received text messages that had actually been sent five months prior due to an error made by Syniverse, a third-party communications provider used by most major cellular networks. Beyond the bizarreness of the situation, it exposed the layer of vendors and companies that have access to messages once they leave a user’s phone.

With Vox Messenger, it doesn’t have to be that way. Vox Messenger {Secure} makes it impossible for anyone but the user to access their own messages by encrypting the data before it leaves the phone.

“We believe that in this modern age, we need alternative technologies that will empower us all to communicate and share free of tracking or manipulation of our data. That is why we are set on creating viable alternatives to the mainstream platforms wherever possible.”

JB Webb-Benjamin – CEO/Founder of Vox Messenger

This vision makes Vox Messenger and Virgil Security natural partners, as explained by Virgil Security’s founder and CEO Michael W. Wellman.

“We founded Virgil Security so that every developer would be able to deliver enhanced security and privacy to their users. We’re delighted to see Vox Messenger take advantage of our cryptographic toolkits to deliver a platform that not just allows their own end-users the ability to control their data, but also, via white-labeling, enables companies around the world to offer that same control to their own customers.”

Michael W. Wellman – CEO of Virgil Security

Because messages are end-to-end encrypted and therefore not accessible to anyone but the sender and recipients, user data is not touched by ads or retargeting. Virgil Security’s zero knowledge, globally tested encryption protects messages and shared content and operates without the usual ‘skeleton keys’ or ‘backdoors’ that can be required by ad networks and publishers or government agencies. Moreover, Vox Messenger {Secure} is one of the few apps that allow you to erase messages from your handset and the message server itself.

Vox Messenger {Secure} can be white-labelled for corporate clients interested in providing their employees and/or clients an alternative to mainstream messaging apps for customer service or general communications. One of the company’s goals is to provide resilient encrypted software solutions to corporate clients to empower them to communicate free of the risk of data leakage or being spied on by other corporations or government agencies. To learn more about a whitelabeled version of Vox Messenger {Secure} or to receive a customized app demo, please contact [email protected].

Future features include secure user-to-user money transfer anywhere in the world and bluetooth mesh messaging. Interested parties can also view a complete device compatibility list at https://vox-messenger.app/encryption/compatibility/.

Groups on the public release of Vox Messenger are limited to 52 participants (yes, the developer is a DC Comics nut), however whitelabeled solutions can have any upper limit dictated by your business needs and available or provisionable technological constraints.

“We picked Virgil because we knew we wanted to use an encryption solution that is both uniquely easy to implement and deploy amongst its competitors and open source. This meant that we could ensure quality while at the same time using something that can, in the future, be expanded by our own development teams.”

JB Webb-Benjamin – CEO/Founder of Vox Messenger

Kryotech Ltd. was founded in 2018 with a single idea – to build websites and apps that are both secure and ethically developed. In the interests of personal data security for humankind, they decided to create Vox Messenger {Secure} and Vox Alive (their alternative to Facebook). This is just the start of their mission to provide ethical alternatives to the mainstream. They are also working on a project, Vox Populi, that could potentially resolve the ‘Fake News’ crisis by providing a platform that is capable of identifying, tracking and tracing sources of misinformation online while providing a platform for the verification of the bias and veracity of journalistic reporting.

If you’ve used the app, the developer actively is requesting user submit feedback or any bugs or issues to help improve the product.

Take a look at the Vox Messenger {Secure} upcoming app features on their development roadmap:

  • Double-Ratchet Encryption: A protocol whereupon each individual message is encrypted and decrypted, meaning that if your handset were compromised only the message encrypted at the point of compromise would be at risk, as all other previous and following messages have different keys.
  • Conference Calling: Make and receive conference calls quickly and efficiently in HD voice and video.
  • Control Panel: An admin facility where you can monitor and control the various deployments of your VxM whitelabeled solution.
  • iOS: We are currently developing an iOS version.
  • SpiderMesh: Send and receive end-to-end encrypted messages without wireless or cell service. Using a Bluetooth cell mesh, you can send and receive messages and content securely across an entire network of Bluetooth connected devices, or a mesh. Perfect for low-signal areas, areas suffering from conflict or an environmental disaster, or when you need to securely send messages across a short-range distance or to a secure group.
  • Wispr: Send and receive ‘read-once self-destruct’ messages with variable destruction times, locations (if a user visit a specific location the message is destroyed) or users (if a message is sent to a non-cleared user it will auto-destruct).

Get started today by downloading the app from the Amazon App Store here.

We are Live

https://youtu.be/I4hz8hCXG60

We are pleased to announce that as of 22:26, Monday 25th, November 2019, #VoxMessenger went live. After over two years of development, blood, sweat and tears, at times literally and we are proud to be able to finally put this out there. Vox Messenger is a new and secure, encrypted, free alternative to other popular chat messenger apps. VxM is a real-time complete chatting app with groups and voice messages functionality. You can send pictures, audio, video, contact detail, map location, voice messages, a user can create groups as well. Featuring elliptic-curve encryption, decryption and true handset and database level message burning. No ads and no re-targeting ever.

Features Include:
– Incinr8 Handset and Database Message Burning
– End-2-End Encryption (Post-Quantum)
– Real-Time Chat
– FREE Phone Calls
– FREE Video Calls
– Voice Messages
– Groups Feature with Admin Functionality
– Sent/Delivered/Read Indication
– Copy/Forward/Delete Messages
– Status Updating Feature
– Push Notification on New Message
– Beautiful Material Design
– Sweet and Clean Animations
– Image Sharing
– Video Sharing
– Audio Sharing
– Contact Sharing
– Location Sharing
– Document Sharing
– Emoji Sharing

WHAT IS INCINR8?

Almost every chat messenger app nowadays provides the ability to ‘delete for everyone’. Most people believe that using this function to delete their messages will delete that message literally, from everyone. However in most cases that is not the case. When a message is deleted on most competitor chat messenger apps, the message is deleted from both the sender and receiver handsets however an encrypted (hopefully) version remains on transit and storage database servers.

Our app is completely different. When you select a message or messages for deletion with Incinr8 the messages are not only deleted from both sender and receiver handsets but also all transit and storage servers that that message has used. With Incinr8 you can be certain that anything you want deleted is actually deleted.

ABOUT OUR END-2-END ENCRYPTION

We use an open-source high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data in your digital solutions. Crypto Library is written in C++, suitable for mobile and server platforms and supports bindings with the following programming languages: Swift, Obj-C, Java (Android), С#/.NET, JS, Python, Ruby, PHP, Go.

KEY GENERATION, PRNG
– CTR-DRBGNIST SP 800-90A

KEY DERIVATION
– KDF2RFC2898
– HKDFRFC5869

KEY EXCHANGE
– X25519RFC7748
– ECDHNIST SP 800-56A
– RSANIST SP 800-56B

HASHING
– SHA-2 (256/384/512)RFC4634
– Blake2RFC7693

SIGNATURE
– Ed25519RFC8032
– ECDSAFIPS PUB 186-4
– RSASSA-PSSRFC4056

ENTROPY SOURCE
– Linux/dev/urandom
– WindowsCryptGenRandom()

SYMMETRIC
– AES GCMNIST SP 800-38D
– AES CBCRFC3602
– Chacha20-Poly1305RFC7539

ELLIPTIC CURVES
– X25519RFC7748
– Ed25519RFC8032
– KoblitzRFC4492
– secp192k1
– secp224k1
– secp256k1
– BrainpoolRFC5639
– bp256r1
– bp384r1
– bp512r1
– NISTRFC5480
– secp256r1
– secp192r1
– secp224r1
– secp384r1
– secp521r1

POST-QUANTUM
– Round5
– Falcon

What is End-to-End Encryption?

Most messaging apps use one of two different types of database to store and relay messages and content between users. One is a self-hosted, on-premises database instance utilising corporate level software. The other is a cloud provided provision that allows for near instant scalability anywhere in the world anytime. In those instances most messaging apps, even the popular ones, use Google‘s Cloud Firebase. This is what a typical Firebase app looks like:

What is End-to-End Encryption? 1

Firebase uses Google Cloud’s strong security features, including encryption in transit with HTTPS, and encryption at rest for many services, including Cloud Firestore. This means that if an evil-doer were to listen in on the network calls your users make to Cloud Firestore, or if they were to break into one of Google’s data centers and make off with a hard drive, they still wouldn’t be able to access your users’ data.

But this data is unencrypted as it passes through frontend and backend servers, and is also available to admins and developers in the live database. This means that anybody in your company with “view” access to your Cloud Firestore database could still see this data. And if there’s an error in your Firebase security rules that allows rogue parties to download documents they shouldn’t, those parties could see the data contained in those documents.

A two year study in the UK found that 88% of data breaches were caused by developer error, not cyberattacks. While Google is doing a great job protecting the cloud infrastructure, end-to-end encryption is a layer on top that protects developers from both mistakes and hacks.

End-to-end encrypted applications utilising scalable cloud based storage solutions operate vastly differently. This is how our app implements client-side end-to-end encryption:

What is End-to-End Encryption? 2

Using a chat app as an example, the messages will be encrypted on the users’ devices and remain encrypted everywhere in between. In other words, none of the networks, servers and databases (not even you) will see anything but scrambled data passing through.

What Can I End-to-End Encrypt?

Anything – chat messages, files, photos, sensory data on IoT devices, permanent or temporary data. You decide what data you want to end-to-end encrypt — you can encrypt some fields in a Cloud Firestore document, but not others. For example, you might want to keep benign information related to a chat app (like timestamps) in plaintext but end-to-end encrypt the message content.

Why Should I Use End-to-End Encrypted Solutions?

The world around us is dangerous. We are all under constant threat from data theft and manipulation. We have never lived in a more ‘untrusted’ age than the one that we live in now. According to the Economist:

“The world’s most valuable resource is no longer oil, but data.”

Economist
06/05/2019
Source Link

Some of the world’s biggest companies have been found to be completely unsuitable for administering to the safety and security of our personal data. Our personal data is under threat. Your data is under threat.

“Major security bug shows there is a risk to everyone using chat apps.”

Independent
14/05/2019
Source Link

Given that the main major players in the personal digital communications market, chat messaging have shown a complete lack of interest in ensuring the ethical utilisation of user generated data and content the time has come for all of us to take the protection of our digital selves very seriously. By using end-to-end encryption in your applications you can ensure the security and integrity of your data, not only from actual service provider but also all other Corporate and Government systems.

https://youtu.be/KuKvwjs6ENE

What is the solution?

There is a new solution, Vox Messenger. Designed and developed in the UK by British Developers, this cutting-edge app combines the features of other popular chat messenger apps with end-to-end encryption and no ads or retargeting.

Check out Vox Messenger today and chat with colleagues, friends and family on an end-to-end encrypted platform that ensures that no one but you and your intended can read your messages. Our app also features Incinr8. An incredible new feature that allows you to delete your messages not just from your handset but also all messaging servers that the message was stored on.

Vox Messenger is Alive - Open Beta

https://youtu.be/I4hz8hCXG60

We are proud to announce that we have finally moved into Open Beta of our awesome new encrypted chat messenger app, Vox Messenger. It’s available now for download today! Combining a clean and responsive interface, our app is end-to-end encrypted features a new feature called Incinr8! Using Incinr8 you can delete your messages not just off your handset but also all message servers that the message has been stored on.

vxm-corpLogo-horiz-860x108

Post-Quantum End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.

Vox Messenger is an ad-free, post-quantum, end-to-end encrypted and secure alternative to other popular chat messenger apps.

Available for Free. Custom Corporate Edition Available on Request.

All Rights Reserved - © Copyright 2018-2020 - Vox Messenger (a Division of Kryotech Ltd.)

Protected by Virgil Security