Out With The Old, In With MySudo
Earlier this year, the beloved Sudo iPhone app that gave users the capability to have nine different phones numbers on one device, suddenly died. It was reborn into a new app dubbed MySudo with a new look and feel and became a paid subscription app. As we’ve already covered the Sudo app in both our courses and in a previous digital update (see #21 for Sudo, Sudo Pay and OpenELEC), we are going to focus more on the changes introduced in MySudo and less on the operation of the app.
To give a brief history, Sudo and SudoPay were apps created by Anonyome Labs, a company that claims to be dedicated to privacy, based in Salt Lake City, USA. With Sudo, you were able to create nine Sudo identities. Each Sudo came with its own email address, phone number and had self contained browser, sms and call history. Sudo could also be linked with SudoPay to give you disposable credit cards. They were funded by your credit card, similar to Blur or Privacy.com.
SudoPay could also be used as a standalone app to create as many disposable credit cards as you wanted. The one thing that SudoPay had over Blur or Privacy.com was the card spending limit. They later added a limit, then shut the service down a few months later. Today, the SudoPay website states “SudoPay will be back soon. Bigger and better than ever before!”. As far as the original Sudo app, its website is gone and now redirects to the new MySudo website. Both of these services were free with with some exceptions like card creation fees and additional minutes.
So What’s Different?
The major difference that all 108 reviews on the app store have been talking about is the change in their pricing scheme. One thing everyone has wondered since the original Sudo app was released is: how are they making money? Originally, they weren’t making any money. They were relying heavily on investors until they came up with pricing plans. Original Sudo user are able to transfer to transfer their numbers over to the MySudo app free of charge for six months. After the 6 months, the only plan with nine numbers is $15 a month (about $180 a year) with unlimited calls, texts, and email. New MySudo users are signed up for the SudoFree plan for one year. This gives you one phone number with 15 minutes and 30 texts a month, and free sudomail email.
$180 a year for something that was once free is a big jump, but what are our alternatives? There are quite a few extra number apps, but none that provide nine completely separated identities with their own phone numbers and email addresses.
Other changes include a major overhaul to the user interface, which makes it much more bearable than the original app. It now looks less like a super undercover app and more like a proper messenger. We now start off in our primary Sudo rather than choosing a Sudo from a scrolling menu. You can cycle through your Sudos by tapping on the top menu and picking your Sudo from the list. Just like before, all call logs, texts, emails, and browsing histories from each Sudo are completely separate from one another. Contacts are also separate and are easily assigned to each Sudo. This allows you to truly live up to nine separate lives.
Messages, calls, and emails from within the MySudo app are now claimed to be end-to-end encrypted. While this is great news, we have two major issues with it. The first being that we will never take advantage of the encryption. With apps like Signal, Wire, Protonmail, etc., we already have platforms for secure communications. We use MySudo more for the pizza guy or a crazy girlfriend where they don’t even know the app exists. The next issue is the type of encryption being used or if it’s even being used. It’s too easy to slap a secured label on a text or phone call and call it encrypted. But are they actually encrypted?
Their website gives conflicting details concerning encryption. On the security page, they have a breakdown of features including encrypted messaging, voice/video calling, and emails. Next to voice/video calling and emails, there is an asterisk that says, “coming in late 2018”. According to one of their blog posts, MySudo and the EFF Secure Messaging Guides, MySudo utilizes encryption for all three means of communication. It may just be that the security page hasn’t been updated on their website.
We also only have limited details on how the encryption is implemented, other than they use RSA 2048 and AES 256. They may just be using PGP to secure emails and messages. If this is so, then messages do not have perfect forward secrecy making it inferior to our other secure messaging apps. Of course, we have no idea whether or not it is secure because it’s not open source. According to the same blog post mentioned earlier, it is something they are considering for the future
MySudo Plans (Monthly)
|Sudo Free||Sudo Go||Sudo Pro||Sudo Max|
|One Phone Number||One Phone Number||Three Phone Numbers||Nine Phone Numbers|
|15 Calling Minutes||30 Calling Minutes||200 Calling Minutes||Unlimited Calling Minutes|
|30 Text Messages||100 Text Messages||300 Text Messages||Unlimited Text Messages|
|Unlimited Email||Unlimited Email||Unlimited Email||Unlimited Email|
Overall, MySudo is another tool in the ol’ privacy toolbelt that seems to have promise. What we like is the ability to have multiple numbers and separate identities or ‘Sudos’. Being able to give out a different number to each one of your hookups is a great thing to have. The lack of an Android or Desktop app cuts their audience in half and we hope to see this developed in the future. Saying that, we’ve been waiting since the original Sudo app, so don’t hope too hard.
The lack of open source and transparency on how the encryption process works is also a little off-putting. As long as you aren’t relying on MySudo’s encryption to send government secrets, it’s not big of a deal. It will definitely be better than using Verizon or any other big carrier’s infrastructure to send booty pictures.
Questions, Comments, Concerns?
Feel free to leave us a comment below letting us know what you thought of this article!