TextSecure

Encrypted SMS between any devices running CM or the TextSecure service hitting CyanogenMod builds soon

TextSecure is a service for Android and iOS that offers complete encryption and secure messaging between devices using it, and by all accounts it's a great service for those that need it. Security is important, and some people have a need to know that the only person reading their messages is the person they are addressed to. 

The only issue with TextSecure is that you're required to use the application itself to handle your messages. This is where the folks at CyanogenMod want to step in and change things. By building the service into the operating system itself, users should be able to use any messaging app and still enjoy the encryption WhisperPush has to offer. Messages sent to any device running a compatible version of CM, or any device running the TextSecure app will be able to hold a completely secure session. That's pretty slick.

The service is hitting the 10.2 nightly builds tonight, and after testing and seeing how the servers act with the extra load, WhisperPush will be enabled in CM 11 as well.

Source: CyanogenMod

 

Reader comments

CyanogenMod to integrate WhisperPush secure messaging

13 Comments

Well, hopefully other ROM developers would incorporate this as as we all know SMS is not encrypted. Hopefully we can still send encrypted SMS messages without a data connection or else it kinda defeats encrypted SMS...

Even better, maybe Google would include this functionality in Android by default. This is something that everyone needs, and they shouldn't need to flash a custom ROM to get it.

Thanks for that.

A practical reason for Google to do this is to improve Android's enterprise security credentials. If an OS promotes itself as being secure, businesses will be more inclined to buy it. That's why BlackBerry was so popular. Businesses want this, and they'll choose the platform that offers it.

Well technically you don't with the app, but baking into the ROM makes it more convenient. What this app will do unfortunately is fragment SMS, those with the functionality and those who do not. I don't think this works cross platform. Also, I still know some people with dumb devices so I can't text them with it. I think there needs to be a detection logic to ensure your recipient can receive encrypted text before encrypting them or something.

There would have to be some kind of setup for each contact, since you'd need to share public keys with each other for encryption to work. If this was baked into the OS, those keys could be stored in your contacts. Then, when you pulled up someone to text, the SMS app would know that there was an encryption key available for that person.

Posted via Android Central App

Actually, it doesn't utilize public key encryption. And the explanations are a little vague for my liking.

Check out the post on CM's website. It is built from the TextSecure system which is cross platform.

"For those unfamiliar, TextSecure is an open-source cross-platform (iOS and Android) client that encrypts your SMS messages both locally, and over the air when sending to other TextSecure users."

It also switches back to an unsecured SMS in the event that you are texting someone without the TextSecure system. It's not a separate app but rather baked into the rom itself.

"Your messages to other CM or TextSecure users (regardless of iOS or Android) will automatically be encrypted and secured. In the event your receiving party isn’t on CM or using TextSecure, the implementation will silently fall back to a normal SMS message (unencrypted)."
"By leveraging this for our TextSecure implementation, we can extend the encrypted messaging functionality to nearly any SMS application you decide to use."

Drug dealers and tinfoil hat types rejoice!

----------------------------------------------------
So where is the competition for the Note 3? Oh right there isn't any...