There is a very interesting discussion about this on the TextSecure issue queue: https://github.com/WhisperSystems/TextSecure/issues/127
In other words, if the bad guys with guns coerce Apple to mint them a cert, they could simply replace your known good binary with a crocked one signed with the new key, and your phone will happily run it. Getting that binary onto your phone is an exercise left to the reader, but there are many means, legal and otherwise, that could be employed to make that happen.
If your privacy means your life is on the line, you probably shouldn't be running stock Android or iOS. (And depending on how you feel about basebands, any modern smartphone, period.)
No one's going to do that for most apps though.
The former would be signed with Whisper Systems' distribution certificate, which you couldn't do on your system because you don't have their certificate.
If such a feature doesn't exist in the app stores, it should.
Beyond doubts with the protocol itself, I think the more important consideration is that most people never use it. Telegram is not encrypted by default. Users have to create a special "secret chat" with contacts that is ephemeral, and some Telegram clients don't even support that mode. Last I checked, there was no way to have group "secret chats" in any client at all.
The result is an unfortunate situation where many users seem to think that Telegram is somehow secure by default, when it definitely isn't. Telegram even stores plaintext copies of everyone's entire message history on the server for multi-device sync.
I think depending on proprietary / data gathering apps is the wrong approach for an open source privacy app. It actually makes me sad.
There was an issue about "This requires Google Play" on GitHub [0] which was closed by moxie with "TextSecure only requires GSF for data channel messaging. To use SMS/MMS, it doesn't." Great. I'm not paying 3 cents to send a few bytes of text via SMS. I'd rather just stick to WhatsApp/Telegram.
There are a lot of issues on GitHub, which makes searching them a little hard, but it seems like there is ongoing development for websockets instead of (Google-) Push messages. [1][2]
0: https://github.com/WhisperSystems/TextSecure/issues/560
WhatsApp and Telegram also use Google Play Services for background notifications. There is no other reliable way to ensure that messages are always delivered on both iOS (push notifications) and Android (Google Cloud Messaging).
Apps just don't get enough API access to do this on their own in a totally reliable way and even if they did, the overhead of multiple applications keeping multiple connections open (and the radio active) would cause a lot more drain on the battery.
Neither TextSecure nor Signal uses the platform-provided notification features for unencrypted data though, so your messages are still safe.
I'm very disappointed that despite numerous papers on the subject in the past decade (even a DEFCON presentation), no implementation has yet appeared, not even a demo.
EDIT: not only is TextSecure not on F-Droid, but F-Droid itself is woefully insecure: https://github.com/WhisperSystems/TextSecure/issues/127
* https://whispertool.cyanogenmod.org/
* https://github.com/daveio/whisperpush-unregister
Set up TextSecure with the Voice option, then go to Settings -> untick "Push messages". That should perform unregistration, then you can re-register.
Sorry, I just downloaded it, but I have no friends on the list yet. I'm impatient. I really want it to work.
The error message when you are not registered yet is also not totally clear. One friend complained that he couldn't see when I had read the message (compared to Facebook Messenger).
On the plus side, you've come really far in usable crypto when you're being compared to that.
Swipe right on a conversation, and it goes into the right-hand side. No idea why it's that way. Very odd. Why even have the option if it's going to be a first-level function?
I loaded it up and declined to let it access my contacts, but unfortunately it seems like it won't let me attempt to send any messages. I just get a screen that always says "None of your contacts have Signal!"
From what I understand, the reason it wants access to my contacts is to make it easier for me to find out which of my friends already use Signal or TextSecure. But none of my friends use these apps, and my goal is to get them to start. Unfortunately they'll refuse to use it if I have to tell them "Well, you'll need to let Signal upload all of your contacts to their server."
I was hoping for the ability to send a message by typing in a phone number directly. Does anyone know if this is possible? If not, would it be possible to add this feature?
Maybe it could work like this: You tap "new message" and then type in a phone number, just like how regular text messages normally work. Then when you're finished typing in the phone number, the app checks with Signal's server to find out whether that number uses Signal. If that number doesn't use Signal, then the app pops up a message saying "Your friend doesn't seem to be using Signal."
That way I can ask my friends to install Signal and send me a message. When they load up the app for the first time and Signal asks to access their contacts, they can click "no" and then type in my phone number directly.
It seems like many people won't be comfortable letting Signal upload all of their contacts, so unless there's some way to call or send a message by typing in a phone number directly, those people won't start using Signal. I'll have a hard time convincing my friends to use it without this.
Is it very hard to keep older iOS support?
Side rant: I hate that Apple is leaving my hardware off the grid. It is well cared for, like new, battery is OK, no reason to think about replacing other than iOS 8, and that sucks.
I'm also disappointed in this. The people I most want to use this with are also the people who have an iPhone 4.
I don't get the impression it'd be impossible to backport it from that post, so some enterprising individual could maybe do just that...
But if that's not an issue, and they can afford to support at least iOS7, maybe they should do it. However, I'd rather have them focus resources on bringing Signal to Android and to the desktop. I think those are much bigger priorities than enabling Signal for a few extra million iPhone 4/S users.
It could be stored at NSA central for all it matters, and you'd still be the only one able to read the message (using the keys on your device).
It's split into TextSecure for the messaging portion and RedPhone for the call portion[0].
"warning: This project is still in the prototype phase. It contains many bugs and lacks many features."
You can keep track of its progress there :).
What good is open source, when the developer can still add a backdoor later and put the backdoored version on iOS store?
I still need to trust the developer.
(And Apple, too, but once I can't trust Apple I can no longer trust the OS itself and just throw the phone away.)
You also have the baseband CPU on many devices, which can read unencrypted memory anyway. So it is a hopeless case. Which is why this whole secure text craze HN is on is just insane. You'll never beat the momentum of iMessage or WhatsApp. But worse, there is not even any point! Trust begins and ends with a closed device.
Most of us are not going to be a target of state-level intelligence agencies, which are the only possible actors that have the sophistication to compromise the baseband processor. The idea is to prevent dragnet surveillance.
There needs to be a way to have an account that is not tied to a SIM card or any kind of phone number.
I'm frankly astonished there's even a debate about that.
It never asked me to verify his pubkey.
How does key management work? Is it all done through Whisper Systems' servers? If that's the case, how is this effectively better than iMessage? iMessage is also (nominally) quite secure, except for the fact that you have to trust Apple to verify pubkeys, which makes it quite feasible to MITM if you can subvert Apple via legal or technical means.
https://github.com/WhisperSystems/Signal-iOS/wiki/FAQ#can-i-...
(as an aside, I love the screenshots for RedPhone https://play.google.com/store/apps/details?id=org.thoughtcri...)
On Android you can use RedPhone for secure calls and TextSecure for secure text messages. These calls and text messages are compatible with calls and text messages in Signal iOS. Someday TextSecure and RedPhone on Android will be integrated into one unified product called Signal.
The TextSecure brand is unfortunately dead to me. Although I liked the idea in theory of the SMS backwards compatibility layer, in practice it confused people and caused technical problems which stopped many of my friends using it.
With a reboot as a product with the new name Signal, I can market it again. Needs an Android version first though!
Signal is a rebranding that began with the first app on the iOS platform, which happened to be the voice app. However, Signal is intended to be a fully "integrated" app, that will include text, voice, photo/video attachments, and hopefully video-chatting eventually, too, to take on Skype.
The Android version of Signal will probably arrive this year, too, and when it does TextSecure and RedPhone should be gone from the Play Store.
Signal is a free open-source iOS app from Whisper Systems, licensed under the GPL. Its counterpart on Android is TextSecure/RedPhone, which will eventually be reimplemented and rebranded as Signal for Android. It is secure by default; all messages are encrypted using private keys of the participants... Whisper does not have the keys (so they cannot turn the keys or content over to anyone). You can audit this since it is an open source app, and if you would like to fix a bug or work on a feature you can do that as well. It does not have nearly as big of a user base as WhatsApp, and needs some love before usability/features/bugginess are on par with WhatsApp (shouldn't be too hard to match as WhatsApp itself is not very feature rich and often quite buggy itself). Signal has taken its time in development (TextSecure for iOS was 'on track' to be released in summer of 2013)...
You can also make secure phone calls with Signal/RedPhone, but not WhatsApp.
WhatsApp also uses the 2-part ratcheting developed in Axolotl, my understanding is, but they are not mutually compatible in on-the-wire transport.
Also WhatsApp (i.e. Facebook) get the metadata still - who messaged who, and when.
> You need to have Signal on your iPhone. Full stop.
GnuPG is useful, but it's a totally different product.
Man, you guys can't remember a thing for a single week?
- Physical access or confiscation of the device
- Possible backdoor in iOS or the physical iPhone hardware?
- Compromise or physical access to a host machine where the user backs up their device.
Although, I'm not sure what can be done to stop this.
[0] https://www.usenix.org/conference/usenixsecurity13/technical...
EDIT: After 20 min of no message I just requested another code (I had done this once or twice before) and it worked.
Annnd it's fixed the second after I post... dang it. 404s still link you to thoughtcrime.org. Possibly a mistake.
My last gripe (phone call results in only one vibration in vibrate mode), is apparently slated to be fixed in 2.0.2 [1]. Once that's in, there'll be no reason for me to use any other voice/chat app on the iPhone!
Edit: Apparently it's an iOS issue. Filed rdar://20008371. Plz 2 fix it Apple!