I'm a big fan of TextSecure and recommended it to all my friends, both those in IT and 'normal' people. Usually, I managed to convince them that the open source nature of TextSecure and the crypto experts behind it (e.g. Moxie) make it more secure than Threema/... . However, the more sceptical ones among my friends always asked two questions, which I didn't have a good answer for:
1. What is TextSecure's business model? Who pays for the server infrastructure?
2. Doesn't WhisperSystems belong to Twitter? Twitter is a US-company (and also part of the NSA stuff), so why should I use that kind of software? [Edit for clarification: I'm from Germany, where the US/Twitter affiliation is seen as a downside by some people].
but these two questions are so central that they deserve more attention than a reply in the support forum. From a technological point of view, TextSecure wins hands down. Now it's time to convince those who are still skeptical because of other reasons.
Just to be clear: I want TextSecure to become successful. I'm a big fan. That's why I'm mentioning this: in order to help spread the word.
> 1. What is TextSecure's business model? Who pays for the server infrastructure?
It's a good question. TextSecure is not a business, so we don't really have a business model in the traditional sense. Open Whisper Systems is a collective project made up of volunteers and a growing number of contributors, who are sometimes paid by donations (https://whispersystems.org/blog/bithub/) and grants.
Thus far, we've been able to smoothly fund the server infrastructure through grants and donations as well. I think we'll probably be able to continue that way indefinitely, but if that ever changed for any reason, we would consider charging small amounts for premium or high cost features like extremely large attachments. But in general, Open Whisper Systems is a project rather than a company, and the project's objective is not financial profit. I know that's a difficult thing to explain.
> 2. Doesn't WhisperSystems belong to Twitter? Twitter is a US-company (and also part of the NSA stuff), so why should I use that kind of software?
This is also confusing, but Open Whisper Systems is not Whisper Systems. Open Whisper Systems has no relationship with Twitter at all, and is a different organization that came together to facilitate development of the Whisper Systems software which was released under GPLv3. Twitter has never contributed money or resources to Open Whisper Systems, and is not in control of any of the infrastructure.
Hey moxie, I recently myself switched to using TextSecure (mostly was just looking from an SMS app from reputable people, but the crypto parts are a nice bonus). The above question about the business model was also my first question after my initial evaluation. It would be awesome if you could put this info somewhere on the website (maybe I missed it?).
That is indeed confusing. Because the names are so similar, there is an implied close relationship between these two entities. Have you considered renaming the project?
An iOS version is in progress and should be released in the next few months [1].
The TextSecure servers are not hosted in Google's data centers. Google's GCM push messaging framework is used to deliver messages to Android users, but the GCM payloads are fully encrypted.
I'd actually like a Chrome browser extension version, too (yes, I recognize the vulnerabilities vs. a true native client, but signed browser extensions mitigate a lot of those)
What's the relation between the server and the SMS verification when setting up the app? I haven't tried TextSecure in a while, but when I tried right after you announced TextSecure v2, I kept getting failure to send me the SMS, and I had to receive the robo-call. I had a friend from another country who experienced the same. Is that still a problem?
There were some capacity issues when the new version of TextSecure was first released. The SMS code is used to verify ownership of a number before it can be used for Push messaging.
Note that you're forking the net with this though.
As far as I understood in the posts about TextSecure here:
- You can run your own server
- Your server cannot talk to the 'official' servers
- Federation is somewhat possible, but works on a 'We whitelist your machine' base
It's not XMPP. So people using 'Default' TextSecure and your friends & family on your own TextSecure server would be isolated, as far as I understand.
I'd love to be corrected though, because THAT (not business model/jurisdication) is my reason why I'm not comfortable using/recommending it. No offense to moxie and his team, but for me this is another Threema unless running under my (most likely not competent enough, if we're honest) supervision.
I'd like a good answer to the first question as well (it would be ideal if there was an easy way we could host it ourselves), at least OpenWhisperSystems does not belong to Twitter [0]:
> Whisper Systems was a company focused on the development of mobile security software, which was acquired by Twitter in late 2011. Twitter very generously made some of the Whisper Systems software available under an Open Source license (GPLv3), which has since been under open development by the community. The software has seen a number of new releases based on that open development, and we’ve been calling the project for this continued work “Open Whisper Systems.” Welcome to the project’s new home.
Afaik TextSecures server infrastructure consists mainly of Google Play Services which comes at no financial costs for them but with the downside of depending on Google to temporary store encrypted text.
This isn't entirely true. A detailed explanation is available in the Open WhisperSystems Support Center [1] and several solutions are in the works. Google's GCM push messaging framework is used only for message delivery; the TextSecure server itself is open source [2].
It's true currently. At the support page you link first it is promised that it will be eventually changed but now: "Outside of Google's GCM, the fact is that there are no alternative push messaging frameworks for Android that can scale to the millions of users that TextSecure has. GCM requires Google Play."
Note, the page confirms: Google Play still has to be installed to use TextSecure on Android. That is the current state. Google has practically the root access to the every Android device which runs TextSecure.
Full disclosure: I wrote that Support Center article. The comment I was replying to made it sound as though TextSecure's infrastructure is almost entirely Google-based. It is not, and that's what I meant when I said "This isn't entirely true." The server is open source and it already includes preliminary support for WebSockets and Apple's APN push messaging network. Google's GCM is merely one component, and alternatives are being worked on.
Apple also has root access to all iOS devices via their over-the-air update framework. Opaque basebands and graphics chips with closed source drivers are difficult to trust too. None of these scenarios mean that software which offers serious improvements over the status quo should be casually dismissed. TextSecure can (and does) provide significant protection from mass surveillance and targeted surveillance. Security nihilism is corrosive.
So it's still true that currently the sever side uses only Google servers. It's nice to hear that there's work on the alternatives.
What you call "nihilism" is simply the observation of the current state. At the moment Google has root access and all the metadata of all TextSecure users, and currently the user can't configure TextSecure to use some other servers even if he'd prefer to do so. Still I'm glad that I've seen that some server-side code is now open source.
The server side is currently relaying messages for the in-progress iOS and Chromium clients. That's functionality that exists today, even though the clients are still under development. The TextSecure server is an elegant and important part of TextSecure's infrastructure. I stand by my assertion that it's an oversimplification to say that TextSecure == Google's Servers.
Google does not have access to any metadata, other than the fact that you are a TextSecure user who has received a Push notification. GCM payloads are fully encrypted. Google cannot tell who a message was from, they cannot see which numbers were involved (users are free to register with a number that is different than the one assigned to the cell phone that is running TextSecure), they cannot tell whether or not it was part of a group conversation, and they cannot see its contents.
Yeah. The more substantial downside is that Google effectively has remote root access to every device which holds decryption keys for that text. That's not exactly ideal.
I would rather pay a nominal fee to support their infrastructure than have to rely on Google Play Services for a supposedly "secure" messaging service.
I see you point but it should not weaken the security because encryption happens at the client, Google "only" gets metadata which at least authorities will get anyway.
Besides, TextSecure is free software so it might possible to run your own server at least in the future.
Every network that carries your communication gets the metadata.
In this case, it seems like that metadata would 'just' be the time you sent and received messages from the server. Depending on how Google's push protocol works.
So for the average person that would be fine, but if you were seriously annoying a government that was in bed with your phone company, they could probably figure out who was a part of your cell by the timing of your sent and received messages.
I don't know, but I would have guessed that Google needs to know when it should deliver a message and where it should go, no? That is metadata in my definition.
GCM payloads are fully encrypted. Google would be able to tell that you are a TextSecure user who is receiving a message, but they cannot tell who the message is coming from nor can they look at its contents (obviously).
There may not be the traditional byte at a time comparison type timing attack, but maybe this is still vulnerable to timing correlation attacks in the same sense that tor is. That is, Google or someone monitoring Google's network can look at all the messages and see who is talking to whom by matching up timing and encrypted message bodies.
So I'm guessing it should work fine and the comment above is probably too pessimistic about the situation.