Secure text messaging

Usually if the code is accessible you can rely on the fact that someone else will check it for shenanigans, in a way similar to how peer review is a warranty in scientific publications.

How does Average Joe know that “Study X” is not bogus?
He trusts the scientific community to review the paper and sanction it, or not.

Same goes for software.

Of course it is not an unfalsifiable system, but it is definitely more trustworthy than a proprietary one.

@madde
How do you mean?

Bye

1 Like

You can look at the code and compile both TextSecure as well as most Jabber OTR clients.

threema apk is also directly available from Threema – The Secure Messenger For Individuals and Companies

Sorry, my bad, I totally misunderstood your previous post… I thought you were saying the opposite of what you said!

Bye :wink:

it still makes use of google cloud messaging. Plus: Never download apks from any source.

yes, it does, which is sort of a nuisance. however, at some point one has to trust download sites if one is — like me — not capable of checking any code thoroughly for security flaws. in such a case i prefer to use the suppliers homepage, where i just payed for the app, for downloading the app.

I’ve started using TextSecure a few days ago. So far I haven’t used it much; I don’t text a lot generally and only a few people in my contacts use it.

There is a drawback in using it with the dual SIM Fairphone: it doesn’t show which number a text message was sent to. And it seems impossible to select a SIM when sending an SMS. (I freaked when I received a message about number portability, until I learned my colleagues got the same benign message and I could conclude it was sent to my work phone number. I now deselected the setting that TextSecure receives all SMS messages.)

The issue tracker for TextSecure has an issue about using TextSecure on dual SIM phones, but there is something about Android that makes it hard. Someone suggested Fairphone creates its own solution, as the dual SIM support appears to be phone specific, instead of being part of Android. It would indeed be nice.

1 Like

Personally, I really like Telegram. Easy to use (it’s exactly like WhatsApp), plus you can access your account through all the decives you want. www.telegram.org

Hi there!

I´ve been doing some research about this topic and I have narrowed the choices down to three apps:
-Surespot
-myEnigma
-ChatSeccure

You´ve already mentioned the last one, but for me Surespot seems to be the best one. What is your opinion on that? Do you know if any of these is downloadable from an alternative platform rather than GooglePlay?

You can get ChatSecure on F-Droid if you add the Guardian Project repository.
Also ChatSecure is the only one of the three apps you mentioned that made it on the PrismBreak List, so it’s probably the most trustworthy.

1 Like

Thanks Paul. I will consider getting ChatSecure though F-droid.

1 Like

IMHO the most important part here is what @haffenloher said: Using Google Cloud Messaging service or having a server based in the US is not really a problem if you can verify that the message is incrypted on your phone and only decryptable on the receivers device.

As was mentioned above: This naturally relies on people doing the verification.

In the meantime Threema has set up an own “Polling” feature. It is even possible to choose among several polling intervalls.
So you don’t need Google Cloud Messaging anymore with Threema.

1 Like

And textsecure has been replaced with [Signal][1]. It now has the same name as on iOS.

A growing number of people here at the office use it :smile:
[1]: https://whispersystems.org/#page-top

3 Likes