Threat ActorDescription
GovernmentsGovernments around the world are seeking to be able to bypass encryption, and, in general, obtain as much data as possible on citizens' technology usage.
Organised crime
App creatorsThe creators of secure messaging apps
HacktivistsHacktivists target companies and individuals based on their different political opinions
Family and friendsNot often considered as a threat actor, although you might want to hide information from a close friend or family
Run of the mill hackers
Mobile device manufacturers Apple, Samsung, Huawei, etc., all of which need to deliver a secure device
Operating system providersThese are almost exclusively Apple and Google, both of which need to deliver a secure operating system
Infrastructure providersInfrastructure providers include ISPs, data centre providers, third-party service providers (e.g., for message notifications) that may be able to read or interfere with sent/received messages
AppThe app itself
Web interfaceA few apps offer a web interface through which secure messages can also be sent
Desktop applicationA few apps offer a desktop interface through which secure messages can also be sent
Operating systemTypically either iOS or Android for phones
Directory serviceEach app runs a service to match contacts with each other; this can be by matching cell phone numbers, email address, or by manually adding contacts
Notification serviceApple and Google run notification services for each respective operating system; either Apple and Google are used to send notifications to phones when new message arrive, depending on the operating system
ComponentThreat TypeThreatThreat ActorExplanationNotesWhich App to Use
Messaging serviceIdentifiabilityIdentifying if someone uses a secure messaging appAllIt's possible to see if someone is using a particular app by trying to sign up with their email addressYou'd need to know their email address or possible even spoof their SIM cardWire, Threema, Wickr
Messaging serviceNon-RepudiationSomeone claims not to have sent a messageAll
Messaging serviceInformation disclosureDisclosure of informationAllThe main point of secure messaging: someone getting access to your messagesSignal, Wire, Threema
Messaging serviceUnawarenessUnawareness of what a company / government may do with your informationAllSignal, Wire, Threema
Messaging serviceComplianceAll
Notification serviceIdentifiabilityDisclosure if a someone is actively sending messagesGovernments, App creators Signal, Wire, Threema
Notification serviceInformation disclosureDisclosure of sender, recipient, and unique device IDGovernments, App creators Apple or Google has access to the sender, recipient, and unique device ID for each message sentSignal, Wire, Threema
Notification serviceUnawarenessUnawareness of what Google and Apple may do with the information Governments, App creators Signal, Wire, and Threema can be used on Android without Google Cloud MessagesSignal, Wire, Threema
ScenarioThreat TypeThreatThreat ActorMitigation
Journalist initially contacted anonymously by a sourceLinkabilityMultiple stories given by the same source could be linked together by the ISP intercepting the informationGovernments
Multiple stories given by the same source could be linked together by the computer being compromised
Multiple stories given by the same source could be linked together by the computer being seized
IdentifiabilityLinking enough information together to uncover a person's identityGovernments
Non-RepudiationThe source claiming he didn't send the informationGovernments
DetectabilityIdentification if someone has submitted information to a journalistGovernments
Disclosure of InformationBoth the source's name and information are uncovered by getting a warrant for the newspaper's serversGovernments
Both the source's name and information are uncovered by bribing an insider
UnawarenessUnawareness of what the information may be used for in the futureGovernments