TextSecure: Encrypted messaging app for Android


Recommended Posts

Today?s release of TextSecure is the final step in the transition from a private SMS app to a private asynchronous IM app that does not depend on SMS/MMS.

 

Using the lessons we?ve learned from the SMS environment over the past four years, we?ve developed an open protocol for asynchronous chat that enables private communication instantly with friends, private groups for realtime collaboration, and the ability to quickly and seamlessly share media privately ? all without depending on SMS.

 

High Privacy, Low Friction

 

At Open WhisperSystems, our objective is to advance the state of the art for secure communication, but also to reduce the friction required for ordinary people to make use of it. We want everyone to have access to advanced secure communication methods that are as easy and reliable to use as making a normal phone call or sending a normal text message.

 

With an advanced ratchet, enhanced deniability, and an asynchronous orientation, we believe the TextSecure V2 protocol represents a significant step forward in what?s possible for the asynchronous chat environment today.

 

We?ve also made a substantial effort to simplify the typically difficult user experience that comes with end to end encrypted communication. The new TextSecure protocol doesn?t require a round trip key exchange process, eliminates half-open sessions, and is lightning fast ? all without compromising forward secrecy or deniability. This creates an experience that takes encryption entirely out of the user?s way. A user simply sends a message, and it?s encrypted end to end, every time. Unlike other IM services, there is no distinction between ?private? chats and ?normal? chats. Private is normal.

 

textsecure2-conversation.png

[...]

 

https://whispersystems.org/blog/the-new-textsecure/

 

I found a pretty good replacement for Hangouts for those that only use it for SMS. (Y)

Link to comment
Share on other sites

Hello,

So I suppose all of your are secret gov agents wanting to hide stuff from your oh so private and personal life and is matter of death and life?

If so, OK. Carry on.

Link to comment
Share on other sites

I would have the initial problem of getting everyone I know to switch over to it. Although I'm pretty sure the Government doesn't care about what I'm texting anyway. :laugh:

  • Like 1
Link to comment
Share on other sites

Hello,

So I suppose all of your are secret gov agents wanting to hide stuff from your oh so private and personal life and is matter of death and life?

If so, OK. Carry on.

 

It's the principle that counts. Just because you have nothing illegal to hide, doesn't mean you aren't entitled to a degree of privacy. If you disagree, email all of your Skype chat logs with your girlfriend and your text logs to your girlfriend to the NSA please.

Link to comment
Share on other sites

Supposedly an iOS version will becoming soon, so it won't be an Android exclusive for long. It was mentioned on this week's episode of Security Now.

Yes, that's true. They're also have plans to re-brand it: https://whispersystems.org/blog/a-whisper/

 

Hello,

So I suppose all of your are secret gov agents wanting to hide stuff from your oh so private and personal life and is matter of death and life?

If so, OK. Carry on.

Yes! You're right. I'm a secret government employee with super secrets to keep secret. If anyone finds out what I'm texting to my secret government coworkers, then my life will be in danger. Good thing I don't work for my carrier. I don't think they'd take security as seriously as the government. :) I wonder if they care about my right to privacy, though. Hmmm.

 

From the page 'Uses a 128-bit AES key'

So no, low security, low privacy, same typical marketing gimmick.

That encryption key size is good enough. Sure, 256-bit AES encryption offers more security but that comes at a price. There's a 40% performance hit when going from 128-bit to 256-bit. And if anyone cracks it, then you must have made some enemies with a lot of resources at their disposal. Surely they wouldn't waste that on a random law-abiding citizen like you.

Link to comment
Share on other sites

That encryption key size is good enough. Sure, 256-bit AES encryption offers more security but that comes at a price. There's a 40% performance hit when going from 128-bit to 256-bit. And if anyone cracks it, then you must have made some enemies with a lot of resources at their disposal. Surely they wouldn't waste that on a random law-abiding citizen like you.

 

I don't even think the key size is the biggest issue. nobody uses brute force. its more that most rsa implementations have holes.

 

also,not sure if the protocol would be prone to MITM attacks,havent looked into it.

Link to comment
Share on other sites

That encryption key size is good enough. Sure, 256-bit AES encryption offers more security but that comes at a price. There's a 40% performance hit when going from 128-bit to 256-bit. And if anyone cracks it, then you must have made some enemies with a lot of resources at their disposal. Surely they wouldn't waste that on a random law-abiding citizen like you.

Yeah pretty much what vcfan said, AES is known to be completely vulnerable and crackable by the NSA, in other words it's a moot encryption that has no security.

Link to comment
Share on other sites

hehe, i 100% guarantee no one besides yourself has any interest in all of your texting. (unless your wife/GF physically looks through your phone)

 

fear does sell though. I should should capitalize on it too i guess, fear has always been a number 1 seller.


It's the principle that counts. Just because you have nothing illegal to hide, doesn't mean you aren't entitled to a degree of privacy. If you disagree, email all of your Skype chat logs with your girlfriend and your text logs to your girlfriend to the NSA please.

they wouldn't care... serious... want proof? I can email you mine right now... I don't care...why? because you don't care to read mine either.

Link to comment
Share on other sites

hehe, i 100% guarantee no one besides yourself has any interest in all of your texting. (unless your wife/GF physically looks through your phone)

they wouldn't care... serious...

 

I know but you wouldn't feel comfortable sharing that with other people full stop would you? Your Sexting and "lovey-dovey" moments with the person you love?

Link to comment
Share on other sites

Hello,

I would have the initial problem of getting everyone I know to switch over to it. Although I'm pretty sure the Government doesn't care about what I'm texting anyway. :laugh:

 QFT

 

It's the principle that counts. Just because you have nothing illegal to hide, doesn't mean you aren't entitled to a degree of privacy. If you disagree, email all of your Skype chat logs with your girlfriend and your text logs to your girlfriend to the NSA please.

Sure. What is their email address? She doesnt care and I dont care about random unknown people seeing pictures of the human body. I think you, I, her, your family members, my family members, etc. have all seens pictures like this.
Link to comment
Share on other sites

I know but you wouldn't feel comfortable sharing that with other people full stop would you? Your Sexting and "lovey-dovey" moments with the person you love?

 

true there would be somethings i would rather not have you to see/read.. but i know you aren't reading them, as much as no one else is reading them... because no one cares to read them just as much as you have no interest to read mine just as much as I have no interest to read yours. Could I? I suppose if i took the effort to target you I could read them... but WHY would I? ... you have no value to me (in the context of this conversion, don't mean it in a bad way). Now i Imagine if you were publicly speaking of mass murder though use of a bomb, then now you have gained my attention and are of value to have surveillance. But until then... sorry. the regular joe smoe, like you and me and everyone else on this forum and 99.9% of the population, are just not worthy enough.

Link to comment
Share on other sites

hehe, i 100% guarantee no one besides yourself has any interest in all of your texting. (unless your wife/GF physically looks through your phone)

 

fear does sell though. I should should capitalize on it too i guess, fear has always been a number 1 seller.

they wouldn't care... serious... want proof? I can email you mine right now... I don't care...why? because you don't care to read mine either.

Actually they would care, as snowden's material has shown several times. The NSA love to be able to slam people/discredit them/spread disinformation about them, and that's been shown to mostly include people's personal/love life and what they've been saying to people and what they get up to in their own home.

So yes, seeing as you don't do anything, chances are they don't care about yours personally, that does not in any way mean they don't care about/exploit other peoples though.

Link to comment
Share on other sites

Actually they would care, as snowden's material has shown several times. The NSA love to be able to slam people/discredit them/spread disinformation about them, and that's been shown to mostly include people's personal/love life and what they've been saying to people and what they get up to in their own home.

So yes, seeing as you don't do anything, chances are they don't care about yours personally, that does not in any way mean they don't care about/exploit other peoples though.

 

Gonna be laughing my ass off once it's proven that 90% of what's being attributed to that moron is fake, case in point just about everything past the initial leak fails the stink test as in it smells very fishy, and that usually means it's rotten or fake, notice how pat the initials leaks the governments involved just stopped caring about it? Another good indication of its validity 

  • Like 1
Link to comment
Share on other sites

Gonna be laughing my ass off once it's proven that 90% of what's being attributed to that moron is fake, case in point just about everything past the initial leak fails the stink test as in it smells very fishy, and that usually means it's rotten or fake, notice how pat the initials leaks the governments involved just stopped caring about it? Another good indication of its validity 

They stopped caring about it because there's nothing confidential being shown, no info about how they are wire tapping, etc.

And here's a great example of where you are actually completely wrong - past disinformation events: http://news.bbc.co.uk/1/hi/4489696.stm

http://www.bbc.co.uk/news/technology-25118156

And there was one where the USA and UK finally admitted to overthrowing a middle eastern government and spreading propaganda to get someone else elected but I can't find the link, but there's plenty more examples on http://en.wikipedia.org/wiki/Black_propaganda

Link to comment
Share on other sites

true there would be somethings i would rather not have you to see/read.. but i know you aren't reading them, as much as no one else is reading them... because no one cares to read them just as much as you have no interest to read mine just as much as I have no interest to read yours. Could I? I suppose if i took the effort to target you I could read them... but WHY would I? ... you have no value to me (in the context of this conversion, don't mean it in a bad way). Now i Imagine if you were publicly speaking of mass murder though use of a bomb, then now you have gained my attention and are of value to have surveillance. But until then... sorry. the regular joe smoe, like you and me and everyone else on this forum and 99.9% of the population, are just not worthy enough.

 

I know I have nothing interesting, but obviously not everyone they target for surveillance is going to turn out to be a terrorist or criminal etc. It's more of a gesture encrypting SMS's really because they'll just crack it if they want. More so this is about me making a statement that I don't agree with people being able to read my private conversations between loved ones on a whim. The same reason I signed the petition to overturn the censorship on South Park: The Stick of Truth, because I want to make it known I don't agree with it. If they don't get any backlash at all they'll think it's ok.

 

Hello,

 QFT

 

Sure. What is their email address? She doesnt care and I dont care about random unknown people seeing pictures of the human body. I think you, I, her, your family members, my family members, etc. have all seens pictures like this.

 

nsapao@nsa.gov

 

So because you don't care about letting anybody seeing your private affairs, everyone else should? 

Link to comment
Share on other sites

I don't agree with people being able to read my private conversations between loved ones on a whim. 

 

Neither do I, but having said that, I am happy to know there are agencies who actually do it if there happens to be sufficient reason to do so.

Link to comment
Share on other sites

Yeah pretty much what vcfan said, AES is known to be completely vulnerable and crackable by the NSA, in other words it's a moot encryption that has no security.

Yes, of course AES is broken, that's why the US government uses it internally for their top secret data.

Link to comment
Share on other sites

I would have the initial problem of getting everyone I know to switch over to it. Although I'm pretty sure the Government doesn't care about what I'm texting anyway. :laugh:

pretty much... hey they can hack in and steal all my pr0n, they might learn a thing or two.

Link to comment
Share on other sites

  • 2 weeks later...

Hello,

nsapao@nsa.gov

 

So because you don't care about letting anybody seeing your private affairs, everyone else should?

Sent. I just wanna see what they reply :laugh:

Basically, yes. The issue is WHY do you care about people seeing your private affairs?

The only reason I see people caring about hiding their private affairs is because they are doing something illegal and/or doing something this agency deems illegal or against them. Other than that, the employees there really dont care.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.