Discussion:
[whispersystems] Coexistence of TextSecure and other encrypted SMS applications
Carey Metcalfe
2015-04-16 20:47:51 UTC
Permalink
Would it be possible to allow TextSecure and other apps that implement the
TextSecure encryption protocol over SMS to coexist on the same device if it
didn't impact the TextSecure users?

Proposed change:
https://github.com/pR0Ps/TextSecure/commit/2e5bbea9c1fdfa00039ee8ee246cf55dff341c89

This is a different way of accomplishing the same goal as the
https://github.com/WhisperSystems/TextSecure/pull/2817

TextSecure will still show warnings for encrypted messages, except when
it's not configured as the default SMS application **and** it detects that
another app capable of receiving encrypted messages is installed.

This improves the experience for users who've installed an alternate
application (which will intercept the SMS instead), while still letting
users who are only using TextSecure see the message and encourage their
contacts to upgrade to the push service.

The proposed implementation is just using the package manager and hardcoded
application IDs to do the detection. Seems like the simplest option with
the least code, if a bit of a hack.

If this method isn't satisfactory, would alternate solutions that require
apps to meet halfway (hidden config option in TS triggered by a specific
intent from another app?) be worth investigating?

As a plus, this code is going to be ripped out in <6 months anyway so
there's nothing to support after that.

Thoughts?
Moxie Marlinspike
2015-04-18 16:58:07 UTC
Permalink
Hey Carey, if other apps don't want TextSecure to interfere with
messages, then they should just use a different wire prefix. Using the
same wire prefix has the potential to cause all sorts of confusion, this
being only one instance.

- moxie
Post by Carey Metcalfe
Would it be possible to allow TextSecure and other apps that implement
the TextSecure encryption protocol over SMS to coexist on the same
device if it didn't impact the TextSecure users?
https://github.com/pR0Ps/TextSecure/commit/2e5bbea9c1fdfa00039ee8ee246cf55dff341c89
This is a different way of accomplishing the same goal as the
https://github.com/WhisperSystems/TextSecure/pull/2817
TextSecure will still show warnings for encrypted messages, except when
it's not configured as the default SMS application **and** it detects
that another app capable of receiving encrypted messages is installed.
This improves the experience for users who've installed an alternate
application (which will intercept the SMS instead), while still letting
users who are only using TextSecure see the message and encourage their
contacts to upgrade to the push service.
The proposed implementation is just using the package manager and
hardcoded application IDs to do the detection. Seems like the simplest
option with the least code, if a bit of a hack.
If this method isn't satisfactory, would alternate solutions that
require apps to meet halfway (hidden config option in TS triggered by a
specific intent from another app?) be worth investigating?
As a plus, this code is going to be ripped out in <6 months anyway so
there's nothing to support after that.
Thoughts?
--
http://www.thoughtcrime.org
Loading...