[Cryptography] Signal planning no support for plaintext SMS
leichter at lrw.com
Tue Nov 8 18:13:58 EST 2022
> Is there any secure IM software that doesn't suck? Or, alternately, is severe
> suckage a prerequisite for secure IM software to filter out anyone who isn't
> really serious about having encrypted comms?
Uhm ... you will need to define your terms.
iMessage most definitely "doesn't suck." It's highly usable, and is used by hundreds of millions, if not billions, of people - who need make no special effort to use it in a secure way. (In fact, I would contend that any system that requires the user to specifically pay attention to the system's security is forever going to restricted to a small subset of potential users.) Granted, it's only available on Apple devices - though it works fine on both phones and computers (and other devices with no phone number). Is "ability to run on my favorite OS that isn't Apple's" part of your "doesn't suck" definition?
As for "secure": The published information describes a very secure system. How secure the *implementation* is ... is of course hard to tell. There have been no significant breaks published. Various governments complain about their inability to break it; you can choose to believe them or not. No, it's not open source - but then again OpenSSL has been open source for many years, and that hasn't prevented it from having serious security bugs. What's your definition of "secure"?
More information about the cryptography