Icon: enlarge
Photo: amriphoto / Getty Images
If you can't meet family, friends and colleagues in person, then you can at least stay in contact by sound and image - thanks to modern technology.
However, there are pitfalls in these communication channels, because unlike in face-to-face meetings on site, confidentiality is often not given.
In the worst case, anyone can eavesdrop on the conversations who can jerk off the data traffic.
Even more modern means of communication such as Microsoft Teams or Telegram are not automatically secure.
Transport encryption is used, but it only ensures that the calls between the caller and the provider are encrypted.
If the provider wanted - or in the case of an official order - he can easily record his users' phone calls and video calls.
The good news is that you can easily protect yourself by enabling existing encryption features or by using another service.
Because with many providers, good, traceable encryption has long been standard.
Ideally, end-to-end encryption (E2E) is used, which ensures that only the other party can decrypt the call.
This enables you to communicate almost as securely as if you were in the same room as the person you are speaking to.
One of the most popular apps is without a doubt WhatsApp.
So it makes sense to use the chat app for phone calls and video chats too.
When it comes to encryption, nothing speaks against it: WhatsApp uses the Secure Real-Time Transport Protocol (SRTP) for audio and video communication.
The conversations are E2E-encrypted and cannot be overheard according to the current status.
In the simplest case, it is better to call via WhatsApp than completely unencrypted via landline or mobile phone calls.
This even works in groups of up to 8 participants.
But there are two catches: the call function currently only works on a smartphone or tablet, not via WhatsApp on the computer.
And then there is also the mega-corporation Facebook, which incorporated WhatsApp some time ago and, as is well known, earns its money with the data of its users.
The temptation to at least use the users' metadata and, for example, evaluate the phone book, is great.
And should a crypto backdoor be ordered one day, WhatsApp would probably be the first service to implement it.
Safe signal
If you value data protection, you will use Signal.
The app works like WhatsApp and uses the same encryption, but tries to minimize metadata and is open source.
If you want, you can search for backdoors in the source code yourself.
A signal can also be used to make phone calls in sound and image, which also works on the computer.
The video calls were recently activated for groups of up to five participants.
more on the subject
Meaningful occupation in the home office: Further training on the couch by Florian Gontek and Maren Hoffmann
Readers' questions about the coronavirus: Will video conferences no longer work soon?
Leading from the home office: "The fear of losing control is completely normal" An interview by Maren Hoffmann
Financial tips for the home office: This is how your Corona laptop becomes cheaperA column by Hermann-Josef Tenhagen
Many other chat apps are now also suitable for encrypted calls, including Threema and Wire.
While Threema currently only allows you to speak to one person at a time, Wire already supports group calls with up to 25 participants.
For video calls, the limit is 12 participants.
Basically, it's best to choose the messenger that most of your contacts are already using.
Apple users can use
FaceTime
to communicate end-to-end encrypted, but only reach other Apple users.
The limit here is 32 participants.
Google's counterpart is called Google Duo and also relies on E2E, the limit is also 32 people.
There are suitable apps for Android and iOS, on the computer you can access the web app via browser.
On its website, Google makes no secret of the fact that metadata such as telephone numbers and device IDs of the call participants are "securely stored on Google servers for about a month" in order to "correct errors and improve functions."
Professional secrecy
In the professional environment, a video chat solution for virtual meetings must be suitable for groups and usable on the computer.
Microsoft Teams
is comfortable and docks seamlessly with other Microsoft products.
But this convenience comes at a high price: Teams currently cannot handle E2E encryption.
Confidential conversations that were previously held face to face in conference rooms can therefore in principle be eavesdropped if you gain access to the Microsoft server.
Skype
calls are only E2E-encrypted if you explicitly start a "private call".
However, this does not yet work with the web version of the tool.
Icon: enlarge
Zoom also offers free users end-to-end encryption for video meetings.
The function is still in the test stage, but can already be used.
Photo: c't
The video conference platform
Zoom
is already a big step further and can handle E2E-encrypted video conferences with up to 200 participants.
Zoom's E2E encryption is currently still in test operation, but it can already be activated by any host.
To do this, click on »My Account / Settings« after logging in on the Zoom website and activate the »Continuously (E2E) encrypted meetings« option.
In addition, you should set the “Default encryption type” to “End-to-end encryption” below so that your meetings are optimally protected.
However, do not confuse the function with "Enhanced encryption": This is less secure because Zoom also knows the keys for E2E encryption here.
You can recognize the E2E within a meeting by clicking on the green protective shield at the top left.
If it says "Encryption: Continuous", then you've done everything right.
Underneath, you can use »Verify« to display a security code; this must be identical for all call participants.
E2E encryption is also available for other professional video conference programs such as
Cisco WebEx
.
It is best to inquire directly with the provider about the current state of affairs.
Ideally, you do not use any third-party infrastructure for confidential communication, but operate the server in-house.
The advantage of this is that you have everything under your control, including the metadata.
At best, the calls never leave the company network and the employees in the home office are connected in encrypted form via VPN.
The open source video conferencing solution Jitsi is making good progress.
You can operate the server yourself, there are suitable clients for iOS and Android and as a web version.
The development team is currently in the process of implementing E2E encryption.
You can try the function now.
If you operate a Nextcloud, you can also use Nextcloud Talk to communicate end-to-end encrypted in real time.
Landline encrypted
As mentioned at the beginning, landline telephony is also problematic: Most calls transmitted via VoIP are completely unencrypted.
Anyone who taps the data on the way to the destination can easily overhear and manipulate the conversations.
E2E encryption cannot be easily implemented, but at least transport encryption to the VoIP provider is included: With the
AVM Fritz
boxes, you can activate encrypted telephony since FritzOS version 7.20.
If your VoIP provider cooperates, the calls are transmitted to him in encrypted form - and ideally from there further encrypted to the conversation partner.
SIP-over-TLS (SDES-sRTP) is used here.
Icon: enlarge
Fritz boxes have recently been able to transmit landline calls (VoIP) in encrypted form.
All you have to do is toggle the option on.
Photo: c't
Conclusion
Regardless of whether it is about everyday communication with family and friends or virtual meetings in the home office: By choosing the right channel, you can already communicate comfortably and encrypted in all cases.
There is no reason not to do it, and the argument "I have nothing to hide" has long since ceased to count.
In times when apps are replacing face-to-face meetings, you should encrypt as much as you can.
Icon: The mirror
