
How secure is TextSecure? - laex
https://moderncrypto.org/mail-archive/messaging/2014/001030.html
======
rsync
TextSecure cannot be any more secure than the intentionally backdoored systems
that they run on.

Your carrier can install arbitrary code, without your knowledge, on _both_
your baseband and your SIM card, and depending on your phones implementation,
have direct (as in DMA) access to your entire application processor and
whatever OS and userland is running on it.

There is no way around this. If it's a mobile phone, it cannot possible be
secure and cannot in any way be considered _your_ device.

~~~
qq66
> If it's a mobile phone, it cannot possible be secure

That treats "secure" as a binary condition where something is either 100%
secure, or it's just "insecure." It's somewhat like dividing Supreme Court
judgments into those that are 9-0 and those that aren't, treating 8-1
decisions the same as 5-4. It's not wrong, it just throws out a lot of useful
information.

"Secure" is an analog value for data just like "secure" is an analog value for
physical objects. If you have a precious object, locking it up and hiring a
security guard to protect it makes it more secure than leaving it on the front
seat of your unlocked car. It's not very useful, when discussing various types
of safe deposit box locks, to say "a safe deposit box can't possibly be secure
since a bank robber can come and steal it." Things can be made more and more
secure, but even Fort Knox has vulnerabilities.

------
georgemcbay
Haven't looked at it in a while but when I did previously it was prone to the
nearly universal Android issue of leaking data through AccessibilityService,
which is basically this:

I leave my phone on my desk, Bob grabs it while I'm in the bathroom, turns on
Unknown Sources, installs an apk from a known URL which implements an
accessibility service that forwards all TextView contents over to his
nefarious logging servers.

Once he installs this service (rooting and USB connection not required, just
physical access to a non-PIN-locked phone and takes about 5-10 seconds to do
if you've already posted an apk ready to install to some public url) it will
always be running and come up on startup whenever the phone is rebooted and
never show me any indication that it is running (unless the service ANRs or
crashes or I go to the Accessibility settings page in the OS settings which I
am unlikely to do as a user who doesn't require any special accessibility
features).

Bob then puts my phone back and I begin to use it unawares. All of my data
that is displayed to the UI at all is leaking regardless of how secure the
network protocol is.

Take-aways:

If you are an Android user and care about things like secure chat being
actually secure, PIN protect your phone or glue the phone to your skin so
nobody can install an APK without your knowledge.

If you create an ostensibly secure Android app consider querying
AccessibilityManager occasionally to take a look and see if any accessibility
services are running and if they are indicate this to the user in some visible
fashion that explains the risks, this allows people who have legitimate
accessibility issues to use the app but mitigates the possibility of a data
leak that the user is completely unaware of. Or alternately use an
accessibility delegate on all your TextViews and other leaky widgets and have
a setting in your app where when this filtering is disabled it is obvious to
the user.

~~~
georgemcbay
In response to ossreality's reply (you're hellbanned, btw, so your post is
[dead] and I can't reply to it directly):

There's a huge difference between "enemy has your device and virtually
infinite time to muck with it as he pleases" and "software that can be
installed in a matter of seconds with no privilege escalation can subvert the
security of nearly every app on your phone".

------
kristofferR
A few friends of mine really really tried to switch from Hangouts to
TextSecure, but we couldn't do it - it was just too painful, complicated and
buggy. We're using Telegram now and it's at least way better than Hangouts and
TextSecure on the user experience, even though it's less secure than
TextSecure.

Are there any good secure messengers out there that truly works cross platform
(iOS, Android and Web/Win/OSX)? It's a shame that something like Telegram
seems to be the best right now, considering its dodgy security model.

~~~
RDaneelOlivaw
I've not found textsecure to be buggy at all, can you explain your experience
a bit more? My friends and I switched to it from surespot and love it. Its
also a killer feature that it handles standard SMS as well. A single app for
all messaging.

Also, wasn't telegram demonstrated to have awful crypto? Like basically
pointless to use from an encryption standpoint?

I'm keeping an eye on the forthcoming Hemlis messenger which should have good
crypto and launch on iOS/android and from the demo videos it has an awesome
ui. However they're taking forever to launch the thing so who knows when it'll
be out. Also it will need to be open sourced and audited before I trust it.

~~~
kristofferR
It suddenly, for no apparent reason at all, stops working until it is
reinstalled. Messages are marked as being successfully sent, but they're not
being received by the recipient. All my friends have the same issue.

Since it's only on Android I can't use it as the single app for all messaging.
I certainly type much faster on my desktop keyboard than I do on my cell
phone, so I need something with desktop support too. A lot of my friends also
have iOS, which also is an issue.

Telegram's crypto is pretty weird, and potentially insecure - no doubt.
However, it's the only messaging app I've found with good clients (superb in
fact) on all platforms that has some level of encryption. I don't "need"
(although I would certainly prefer) to be protected from targeted attacks, I
need to be protected from mass surveillance.

~~~
justcommenting
> Since it's only on Android I can't use it as the single app for all
> messaging.

messaging is expected to be rolled into the Signal iOS app quite soon, as I
understand it

~~~
mayneack
It's been just soon for quite some time now.

[https://github.com/WhisperSystems/TextSecure-
iOS](https://github.com/WhisperSystems/TextSecure-iOS)

------
Tepix
Right now, the most insecure aspect of TextSecure is that it's not yet
available on iOS. Can't wait!

Also, I hope in the long run it'll be decentralized like XMPP. I'd prefer to
run my own server to make it harder to gather metadata on a large scale.

~~~
laex
They're set to add the messaging feature to the "Signal - Private Messenger"
app. Although, when is the question.

[https://itunes.apple.com/app/id874139669](https://itunes.apple.com/app/id874139669)

[https://github.com/WhisperSystems/Signal-
iOS](https://github.com/WhisperSystems/Signal-iOS)

~~~
furyg3
Don't hold your breath. Every now and then I check out the GitHub repo but
there's not a lot of activity there.

It's a pity... I'd be willing to pay for an iOS port, if only to be able to
push my friend circle to switch away from WhatsApp.

~~~
zmanian
You can help pay for iOS development of TextSecure in tax deductible form.

[https://freedom.press/bundle/encryption-tools-
journalists](https://freedom.press/bundle/encryption-tools-journalists)

~~~
nicoles
Thanks for pointing that out. I was curious where to donate to them as well.

------
ll1t
I'm one of the authors of "How secure is TextSecure?". Here is my take on the
paper and the developers' comments: [https://medium.com/@ll1t/re-how-secure-
is-textsecure-cd0ff0f...](https://medium.com/@ll1t/re-how-secure-is-
textsecure-cd0ff0f2fcfb)

------
lmedinas
Got to love Simpsons analogy in the text.

------
smnrchrds
How does TextSecure do group chat?

~~~
morsch
Like this: [https://whispersystems.org/blog/private-
groups/](https://whispersystems.org/blog/private-groups/)

------
manuw
Never had problems with Secure text. I use it every day.

