If encrypted SMS are abandoned, many justice-warriors will be let down,
will lose the war against secret services.

Post by David Gessel
TL;DR? Dear Whisper Systems, if you're moving on from encrypted SMS, could
you please give those of us who really do not want to go with you the
option of continuing to use (and not being automatically upgraded away
from) that feature in an abandonware version?
While it would certainly be nice if it were technically possible to fix
iOS and detect deinstalls and otherwise streamline and simplify the use of
encrypted SMS, it is my opinion that a genuinely useful and irreplaceable
security tool is being lost in the quest for a flawless user experience and
that is suboptimal.
It is certainly true that many secure applications have been hampered,
perhaps even hobbled, in their adoption rates by excessively complex
processes and features that only a true enthusiast could love, but when we
give up an essential feature for a little convenience I think we are taking
the mandate too far.
Here in Iraq (where I've been for the last 4 years), the data service is
cut frequently leaving only voice and SMS. I had good success moving
people to TS from WhatsApp during those outages, and even convincing people
who had both iOS and Android to favor their Android devices thanks to TS.
It was a really lovely and seamless experience when secure communications
persisted through network outages and moving from wifi to the crippled
cellular network. No other application did this.
This change breaks an essential encrypted communication channel. SMS is
the dominant, most reliable text coms method - and text is essential to
those of us who are language challenged (not that cellular voice is secure).
Further, I read the dismissal of "expensive" data services on the blog and
while I do not have statistical data to back up my argument either, my
experience is that very few of my coworkers here can afford the $20/month
pre-paid data service. Most have cell service and use data only on WiFi.
TS used to allow seamless secure reach. Without encrypted SMS, that's no
longer possible for the vast majority: in my team, about 1:10 of the smart
phone users have data service and the group is fairly well paid by local
standards. In my observations, people only use feature phones when their
sub-standard smart phone breaks, dumped in this market because there are no
warranties or returns, as they save up for another one.
And, speaking with a colleague who has spent the last 5 years in
Afghanistan, the same is true there: key employees and westerners have
post-paid data-inclusive plans, but the vast majority of employees and
locals have pre-paid plans that include sufficient voice and SMS for their
needs but can't afford data (which is usually 2x the cost of basic
access). They have mostly moved from feature phones (which were
overwhelmingly dominant when I was there) to smart phones, but use the
"smart" features at the office where there is WiFi. (In Iraq, many of our
employees pay for internet service at home, but the average citizen does
not; in Afghanistan it seems even our main employees do not buy data
service at home).
I think you're misinterpreting the data on uptake of overlay services.
Tons of people here also use WhatsApp and Viber, but on wifi, not on
cellular data plans, and they still use voice and SMS, and I have not seen an
unlimited data plan outside of the US. I will admit I've only had one
South American SIM, so my data is incomplete, but in Brazil, Kenya, Italy,
the US, Iraq, Afghanistan, Jordan, the UAE, and Lebanon, where I have
bought and used SIMs, every one comes with voice and SMS services and data
services cost extra, 2-4x the cost of the SIM with basic provisioning in
most markets.
If the mandate is to create a push services app that occupies a usage
space between SMS (less iOS users) and data-only jabber/OTR services that
is as easy to use as possible (and I'm not suggesting this is an invalid
goal for some), I for one would very much appreciate breaking TextSecure
away as a stand-alone app that functions just like the old TextSecure did,
or just leave the last encrypted SMS version available on the app store
under a different name.
I suspect you'll find most users prefer encrypted SMS with some minor
compatibility headaches but very reliable delivery to an application
without the compatibility headaches that doesn't support secure coms over
SMS.
Further, a mere one roundtrip's worth of "friction" always felt amazingly
"right" to the users and actually lights up people's faces (because they
see some positive indication that "encryption" was happening).
Detecting encrypted messages, or the lack thereof, doesn't seem like
nearly as hard a problem as creating them in the first place.
State-run telcos (and, of course, all telcos, state owned or not) are
swimming in metadata from everyone who's carrying a phone. The only way to
minimize that data is to use phones without a cellular radio at all (or one
where the radio has been physically disabled). Further, push does not fix
the metadata leaks and data-mode communications only start to fix the
problems when they're Tor-ified. In addressing that case, it seems like
ChatSecure (or Xabber) is a better option than TextSecure. By supporting
encrypted SMS, TextSecure had a clearly defined, unique use case.
I accept that it is hard to make and maintain secure SMS, but that's the
sort of magic 31337 crypto experts pull off.
It is really annoying to have an app I don't want to update because it
breaks the "update all" convenience and requires waiting around and doing
them one at a time. I am sure it will be too tedious for the users I
correspond with to freeze at 2.6, so the update that breaks encrypted SMS
will be uninstall time, alas.