26
Jun
unnamed

We don't need no NSA up is our business, right? CyanogenMod recently added the Privacy Guard feature to nightlies to protect user data from sketchy apps, but the next innovation might go deeper than that. Koushik Dutta (Koush) has started development of a secure messaging platform for CyanogenMod devices.

original

Koush expressed his admiration for the elegance of iMessage in his post, and he wants to do the same for CyanogenMod. To that end, Koush has built an encrypted open source push messaging plugin for CM that would stand in for regular SMS. It's built into the framework so it works transparently with any SMS app. This is essentially PGP for text messages, but falls back to regular SMS when needed.

The plugin would only work for push messaging between two CyanogenMod devices, but there are about 7 million of those now. So maybe it will get a lot of use. There are still plenty of unanswered questions. Will there be read receipts? Will users know if their message is going over the encrypted system prior to sending? The plugin is new and still in active development. Koush is looking for feedback, but it's too early for serious testing of the features yet. Could be pretty cool, though.

[CyanogenMod on Google+]

Ryan Whitwam
Ryan is a tech/science writer, skeptic, lover of all things electronic, and Android fan. In his spare time he reads golden-age sci-fi and sleeps, but rarely at the same time. His wife tolerates him as few would.

  • occamsrazor

    Problem with this is that I don't know anyone else with CM, and I doubt I could convince them to go through the rooting and installing a custom rom process just for secure messaging.

    • Marco Kirk Biasin

      It's just an added value. It would be transparent, you would have free-encrypted sms with cyanogenmod device and normal sms with other device, without even noticing it.

    • spacekobra

      I asked him about that when he posted it. All other rom developers need to do is merge the changes he has made. Its all posted.

      • Marco Kirk Biasin

        Yeah but he's talking about stock rom. A play-store app of this would be perfect to close the circle.

        • spacekobra

          He modified something in the system files if I'm right. I wonder if it is possible to do it on an odexed rom.

          That's all I know. I'm no dev.

  • Evan

    I'm not a dev, but why not a bitmessage client? https://bitcointalk.org/index.php?topic=224145.0

  • Emanuele Ricci

    I hope that this will be integrated and used also by others :)

  • Sqube

    Is there any likelihood of something like this being standalone? Or does it have to be baked deep into a ROM?

    • Marco Kirk Biasin

      You can find some apps on the play store, like this

      https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=it

      the point is, every device you want to send cripted sms to need to have this installed, or it will be sent as simple sms. This app also claim "TextSecure is the only Android private SMS/MMS messenger replacement
      that uses open source peer-reviewed cryptographic protocols to keep your
      messages safe." The advantage of it being integrated in cyanogenmod would be it being Open Source and diffused a lot more than a simple app. I still hope in a better Google Hangouts ;)

      • bobby.tables

        TextSecure is also OpenSource as far as I know. Basically it's the superior solution because it doesn't need to be integrated into the ROM but works perfectly as a standalone app. It mimics the stock SMS client and allows the import of your old texts. Perfect!
        For secure chat you could use GibberBot.

  • DanSan

    this is what google hangouts app should have done..

  • QwietStorm

    Is that a cat or some weird squid like creature with whiskers?

  • Ray

    I don't really see any point to this. Unless it's an app that anyone can install from the Play Store I can't see it really taking off. Even if devs merge it into their ROMs, this is still about 0.000001% of all Android devices.

    About half of my friends use iOS devices. Those that do use Android aren't even rooted, nor have a clue what root is never mind flashing a custom ROM.

    CM have done some brilliant things - don't get me wrong. I just think the time and effort could be much better spent on something else.

    • duhduh

      you are only going to be messaging < 0.000001% of all Android devices

  • Sorgo

    In the context of a cryptanalytic effort, maintenance of technical data basesrequires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.

    https://www.techdirt.com/articles/20130620/15390323549/nsa-has-convinced-fisa-court-that-if-your-data-is-encrypted-you-might-be-terrorist-so-itll-hang-onto-your-data.shtml