Opinion on Oversec app?

Oversec (Privacy for All Apps! Encrypt and Disguise Messages in All Your Apps!) - https://f-droid.org/app/io.oversec.one

1 Like

Havent used it but it seems like it’ll still leak a lot of metadata as it just encrypts contents. So it’s not private in the metadata sense

Yeah it just encrypts contents. You can use it in apps like Threema and Wickr to provide encryption within encryption, sort of defense in depth? Wickr actually warns you about using overlays which is how Oversec works, so that was good to see that it detected something strange. Oversec claims to be able to encrypt photos too but when I tried the recipient just saw static.

Software isn’t automatically secure by just using cryptographic algorithms. There are many pitfalls like insecure modes of operation (block ciphers), vulnerabilities in libraries, or insecure implementations.

So, without continuous and proper security audits, it is hard to tell if security software is “good” or “bad”. In case of doubt, always stay with already proven software, audited and used by many people and drop legacy cryptography, if possible.