Sidekick

Security is often a complicated topic. For ease of discussion, you should assume SMS messages and emails are sent in clear text, which means that someone could theoretically view them. While difficult to do, it is possible so please do not send sensitive information like bank pins, door codes, and the like.

The content of your topics is encrypted before storage as an added security measure. That way, even if the database is compromised, only some meta data would be readable. Messages are received, processed, then deleted. However, you should know that it is possible for the system administrator to read messages and that you are counting on honor among admins, as we do with many of the systems we use every day.

For a subset of commands, you will need to go through a verification dance where Sidekick will ask you if you want to do it, and if so, will send you a key with which to reply or share with others to use. This prevents one-way impersonation because even if someone pretends to be you Sidekick will require verification with a long randomly generated code.

Lastly, you have the option of setting a security pin. If you elect to do so, you will need to enter your numerical pin on a line by itself before every interaction with Sidekick. It is tedious but helpful if someone is spamming Sidekick pretending to be you.