Late last year, the Electronic Frontier Foundation published a scorecard evidencing to what degree the most popular messaging apps provide security when being used. Unsurprisingly, to say the least, the apps that a common user has gotten accustomed to using, did not manage to score positive in more than one category out of the six analysed: encryption in transit; encryption so as the provider cannot read it; possibility to verify contacts' identities; security of past comments if keys are stolen; code openness towards review; documentation of security design; and most recent code audit. The entire buzz in the past couple of years has been on app anonymity as a way to give users direct, visible effects of their activities; instead, the real benefits, as with anything, should be the ones not in plain sight, and, as a result, are connected with what may be implemented in the back-end of the final product: security.
Technology security is not a new thing - it's been around at least as long as private networks and the Internet, and getting security to be both effective and non-intrusive is a task that starts from square one with each new system that differentiates itself from previous ones from a technical point of view. Apart from messaging, people exchange documents and store sensitive data using different cloud-based services - these provide access to easy-to-use systems, but their security has long been argued and dismantled. But I.CX aims to tackle both these problems while being first to at least some part of these two markets.
Toronto-based I.CX has probably the coolest plus shortest website plus domain name ever, to begin with. And if that wasn't enough, their messaging plus file storage system is contact-form, web-based, having written "idiotic simple" all over it. Its interface is simple, slick and can get you to send messages or files without having to enter any account details - although you may customise your profile from top to bottom if you feel like it.
Without getting too technical, I.CX uses the public key of the recipient to encrypt content to be used by them only. Content is encrypted directly in the browser and there is no gimmick, as a master key or something else, to open the messages, accounts or passwords. Another vertical that I.CX is tackling is contact forms - for free or prices ranging from $5 to 25 a month, those interested may embed end-to-end encrypted contact forms.
For idea novelty, we give them 5/5 - we have yet to see web browser encryption for messaging; could this be a threat even for e-mail?