Oversec is a simple app to encrypts emails, texts, and images using open-sourced encryption methods. The app encrypts your texts in real time and can only be decrypted by the person who uses the same app. The only caveat though, it that it’s available for Android only. Sorry iPhone users. For instance, say you want to send a private message using WhatsApp. To do so, you need to install and configure Oversec app on your phone as well as the receiver’s phones. Next, send a regular WhatsApp message while Oversec is running in the background. Oversec will detect the text, encrypts it and puts the encrypted message back in the active input field. This real-time encryption is almost instant and if anyone reads it without the Oversec app, they would just see gibberish and out of context sentences.
Okay, what can I encrypt with it?
Oversec lets you encrypt texts in real time and you can also use it to encrypt Emails and even images. It uses symmetric encryption based on ChaCha20 Cipher and Poly1305 MAC with 256bit keys. Think of encryption on Twitter and Facebook, Oversec encryption is on par with those standards. It then encodes the data to a more natural character set which hides the encrypted message in plain sight and easier to send over WhatsApp and Instagram. You can also use Open PGP Keychain to encrypt your messages but it also adds 2KB of added weight to your texts which would result in increased data consumption. PGP encryption would be recommended if you want to send confidential and top secret information over WhatsApp. For secure conversations over WhatsApp, symmetric encryption works fine. Also Read: Best Apps to Encrypt DNS traffic
Send Private Message on Instagram and WhatsApp
Encrypting WhatsApp, Instagram is very simple with this app. You can follow these steps to set up the app on your phone and after that, you can use it to have secure conversations over WhatsApp, Instagram, Facebook Messenger etc. It works the same for most apps. First things first, Install the app on your smartphone. You can either get it from the Play Store or F-Droid. After installing the app, you have to grant it permissions before you can start using the app. Read: Best Sticker Apps for WhatsApp (2018) Oversec uses the accessibility service to extract the information from the input field. To make the user experience a little easier, it automatically extracts the information and put in the encrypted message. It also draws over other apps to show the decrypted message over the original encrypted message. I admit it’s not the most intuitive method but it works and encrypts the text instantly. Once you install the app, it’ll automatically take you to the Accessibility page and you can activate the service manually. If for some reason you can’t find the accessibility section, you can search ‘Accessibility‘ in the Settings search bar and Turn On Oversec. It also needs permission to draw over other apps to work properly. Grant this permission and once you do this, you’re ready to use the app. Now we’ll set up encryption on the device.
Set up Encryption on Oversec App
Before we move ahead to secure conversations, make sure Oversec is installed on all the smartphones. If your friend doesn’t set up correct encryption, they won’t be able to read your encrypted messages even with the Oversec app. To keep things easy, we’ll set up a simple symmetric key and share it with all the devices. Let’s create a key on one device first. Open the Oversec app and tap on the ‘Keys‘ tab, tap the + button on the bottom right and tap on ‘Random Key‘, it’s the most secure key type. Now give your key an alias which would help you distinguish from other keys you create in the future. To keep things simple, let’s called it ‘WhatsApp encrypted‘. Once the key is generated you can simply share it with your friends with the QR code.
The key on the first device would work with multiple people and you have to make sure to keep the key safe. Only share the key with people you know and trust. To install the key on the other device, Open Oversec and tap on ‘Keys‘ button. Tap the QR code to scan the code. You also need to verify the key generated is the same. Make sure the key fingerprint is the same on both devices. After that press blue tick button. Now the keys are configured on both the devices. You can freely and securely communicate with Oversec now. Oversec also supports simple password-based keys which although not secure enough, are easy to share with other people.
Send Encrypted Messages on WhatsApp
Open Oversec app and make sure the WhatsApp is enabled, then go to WhatsApp and Oversec should display over WhatsApp messages. To encrypt your messages long press the lock icon to open the settings menu. We’ll use the key which we created earlier to encrypt our messages. Tap on symmetric key and choose your shared key. Tick it and select an encoding. Oversec uses different encodings to wrap the encryption in a more natural looking character set. This makes your messages look less suspicious. You can choose any one encoding and start sending a message. After you type the message, tap the lock button to encrypt the text. It should show a green border on the text field. After that, you can tap the send button to send the message. If the other person has the app configured to the same key they would see the decrypted message. Oversec also claims that it lets you send encrypted images over WhatsApp but in my testing, it doesn’t work. I have sent feedback and maybe once the bug is resolved I’ll update the steps for that as well. Using Oversec on Instagram is similar to WhatsApp and you can follow the same steps to send private and encrypted messages on Instagram as well. I also used Oversec to send and receive encrypted email and it still has some issues with PGP encryption. Gmail app doesn’t support normal encoding therefore when you send encrypted messages with Oversec, it looks like this.
Pros
Real-time encryption of messages Customizable encoding Integration with OpenKeychain app Open-sourced Easy to Set up
Cons
The UI gets buggy on notched devices Issues with encryption of images Doesn’t support normal encoding on the Gmail app.
Should You Use Oversec App?
Oversec is a really promising project which aims at providing real-time encryption without the use of the internet. You can integrate OpenKeychain app to encrypt your messages with PGP encryption. It has ChaCha20 and Poly1305 256-bit encryption on par with Twitter encryption standards. Your data never leaves the phone and encryption is done on the system. There are some bugs which I hope are resolved in the future. The UI doesn’t fit on all the devices and it is a little buggy. Other than that I don’t see any reason why you wouldn’t want to use the Oversec app. Try Oversec and share your experience in the comments below. Also Read: How To Create Your Own Personal Stickers On WhatsApp