I'm a big fan of TextSecure and recommended it to all my friends, both those in IT and 'normal' people. Usually, I managed to convince them that the open source nature of TextSecure and the crypto experts behind it (e.g. Moxie) make it more secure than Threema/... . However, the more sceptical ones among my friends always asked two questions, which I didn't have a good answer for:<p>1. What is TextSecure's business model? Who pays for the server infrastructure?<p>2. Doesn't WhisperSystems belong to Twitter? Twitter is a US company (and also part of the NSA stuff), so why should I use that kind of software? [Edit for clarification: I'm from Germany, where the US/Twitter affiliation is seen as a downside by some people].<p>It would be great if TextSecure/Open Whispersystems publicly addressed these points. I have seen that there's a reply from Moxie here: <a href="http://support.whispersystems.org/customer/portal/questions/5836104-how-is-openwhispersystems-paying-for-the-its-server-costs-" rel="nofollow">http://support.whispersystems.org/customer/portal/questions/...</a><p>but these two questions are so central that they deserve more attention than a reply in the support forum. From a technological point of view, TextSecure wins hands down. Now it's time to convince those who are still skeptical because of other reasons.<p>Just to be clear: I want TextSecure to become successful. I'm a big fan. That's why I'm mentioning this: in order to help spread the word.
I've been using TextSecure for my private messaging and am a big fan.<p>I can't wait for WhisperSystems to release the iPhone version of the app -- at that point, all my family's communications will go through TextSecure.
I would love to have a console or even web client for this.<p>Or is anyone aware of a secure group chat application to replace IRC (or SILC for that matter)?
This is great! And I love TextSecure.<p>But I wish it didn't send my contact list to its servers and store them in perpetuity [1]. Has it been considered to use:<p>1. text message history with a contact to derive a key between two contacts?<p>2. adding metadata to text messages to discover the sender uses TextSecure?<p>By (1), I mean Alice and Bob may already have exchanged several messages. I believe there is a lot of entropy in text messages. That should be leveraged during the key exchange. In addition, you'd also use WhisperSystems's servers as another channel, so the mere possession of the text history doesn't allow an attacker to guess the key.<p>(2) would only be useful when Alice sends her first text to Bob. She would for example hash(text_message + "I use TextSecure"), then append the encoded hash to the text and finally send it. The encoding could be white spaces for 0 and tabulations for 1. The size of the hash could be as small as 8 bits, because adding 8 trailing spaces/tabs to a text is so rare in real life. Once Bob receives the text, he can reasonably assume Alice uses TextSecure and then start the regular key exchange.<p>[1]: <a href="https://whispersystems.org/blog/contact-discovery/" rel="nofollow">https://whispersystems.org/blog/contact-discovery/</a>
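The tagging scheme from point (2) of the comment above, written out as an added example that is not part of the original thread or of TextSecure's code. SHA-256, the function names and the sample message are assumptions made here; the comment only specifies hash(text_message + "I use TextSecure"), 8 bits, space for 0 and tab for 1.

```python
import hashlib
from itertools import product

MARKER = "I use TextSecure"  # suffix string given in the comment
TAG_BITS = 8                 # tag length suggested in the comment
TO_WS = str.maketrans("01", " \t")    # 0 -> space, 1 -> tab
FROM_WS = str.maketrans(" \t", "01")

def tag_bits(text: str) -> str:
    """Leading TAG_BITS bits of hash(text + MARKER) as a '0'/'1' string.
    SHA-256 is an assumption; the comment only says "hash"."""
    digest = hashlib.sha256((text + MARKER).encode("utf-8")).digest()
    return "".join(f"{byte:08b}" for byte in digest)[:TAG_BITS]

def add_tag(text: str) -> str:
    """Sender side: append the tag as invisible trailing whitespace."""
    return text + tag_bits(text).translate(TO_WS)

def check_tag(received: str) -> tuple[bool, str]:
    """Receiver side: return (tag_valid, visible_text).
    The tag is unkeyed, so a match only hints that the sender's client
    speaks the protocol; it authenticates nobody."""
    if len(received) < TAG_BITS:
        return False, received
    body, tail = received[:-TAG_BITS], received[-TAG_BITS:]
    if set(tail) - {" ", "\t"}:
        return False, received       # tail is not pure space/tab
    if tail.translate(FROM_WS) != tag_bits(body):
        return False, received       # whitespace present, wrong hash
    return True, body

def accidental_matches(body: str) -> int:
    """Count how many of the 2**TAG_BITS possible whitespace tails validate
    for this body: the false-positive odds for a message that happens to
    end in TAG_BITS spaces/tabs."""
    tails = ("".join(t) for t in product(" \t", repeat=TAG_BITS))
    return sum(check_tag(body + tail)[0] for tail in tails)

if __name__ == "__main__":
    msg = "See you at 8?"            # constructed sample message
    tagged = add_tag(msg)
    print(repr(tagged), check_tag(tagged))
    print(check_tag(tagged.rstrip()))  # tag lost if whitespace is trimmed
    print(accidental_matches(msg), "of", 2 ** TAG_BITS, "tails match")
```

Exactly one of the 256 possible whitespace tails validates for a given body, and a tag whose trailing whitespace has been trimmed is simply not detected.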
" ephemeral signing key pair along with K. ... hash-ratcheting K and including a signature in the transmitted ciphertext."<p>Can someone knowledgeable comment about the crypto protocol here and how this provides guarantees that ensure the server can't reverse the messages for multicast (am happy to read academic papers here too)?
On somewhat of a meta-HN note it seems strange to me that every one of kaeporan's comments has been heavily downvoted. Seems unnecessary - maybe the downvote karma threshold needs to be raised again? To 1000?
I wish Moxie had discussed the group management aspects more.<p>> Anyone can create a group, name it, give it an avatar icon, add members, and then everyone can chat together with a normal asynchronous experience.<p>Does this mean that any group member can add more members? Are there any IRC-like moderation features (even planned?), e.g. privileged members who can remove users from the group? Is there support for persistent groups (i.e. IRC channel equivalents)?
The fact that transcript consistency is waved aside, despite being an essential property of a messaging protocol <i>especially</i> in a group context, is problematic, from my perspective.<p>Consider a group chat between Alice, Bob, and Carol. With this protocol, Alice can selectively send different messages to Bob and Carol with both of them thinking they got the same message.<p>For example, Alice can tell Bob "The funds were transferred, thanks!" and tell Carol "Bob is stealing money." — and the protocol will ascribe integrity to the messages for both participants and label them as the same message.<p>That said, I strongly respect Open Whisper Systems. They usually release very well thought-out material. Perhaps they should have paid more attention though to this particular issue.