Ask / Submit
186

Sailfish RedPhone and TextSecure apps

asked 2014-01-07 13:23:25 +0200

meneer gravatar image

updated 2014-11-20 11:47:20 +0200

Nokius gravatar image

On Jolla the Android Redphone apk can't verify the received sms code message, and manual verification code entry doesn't work, so I can't install the secure phone app. I would love to see the app Sailfished...

The RedPhone source code is available at https://github.com/WhisperSystems/RedPhone The TextSecure source code is available at https://github.com/WhisperSystems/TextSecure/

edit retag flag offensive close delete

Comments

38

Integration of the TextSecure V2 protocol into the OS like in CyanogenMod would be even better. https://whispersystems.org/blog/cyanogen-integration/

rrunner64 ( 2014-02-21 17:03:16 +0200 )edit
4

especially now, as many are seeking WhatsApp alternatives and TextSecure has been released with IP based messaging support! https://whispersystems.org/blog/the-new-textsecure/ Clients for iOS and Desktop are in the making. In addition to synchronous instant messages with XMPP (and hopefully soon OTR), TextSecure support would make a good counterpart for asynchronous messages (SMS- and IP-based). Integrated into the unified messaging of SailfishOS would be ideal. The only problem I see is to find an adaequate replacement for Google's push service (GCM).

tad ( 2014-02-25 00:33:15 +0200 )edit
3

It is actually possible to get TextSecure to run by using the voice call verification method.

That said, it is not possible to access Jolla's address book, nor does it seem possible to add contact. Anyone know a way to do that?

rafaelino ( 2014-02-25 01:17:10 +0200 )edit
1

On Cyanogenmod ( http://www.cyanogenmod.org/blog/whisperpush-secure-messaging-integration) textsecure is combined with the whisperpush protocol see github: https://github.com/WhisperSystems/TextSecure-Server/wiki/API-Protocol

meneer ( 2014-02-25 09:53:44 +0200 )edit
12

I became interested into TextSecure, until i found this piece from F-Droid: »The latest version of the application is 0.6.2, and the security flaw has now been fixed. However, the author has not published any source code corresponding to the binary he released of this version, and far from wishing to help anyone stuck with his previous disastrous mistake, he actually asked for the application to be removed from our repository as he wants to distribute it via Google Play only.« Kills trust in it.

Blizzz ( 2014-02-25 12:08:37 +0200 )edit

11 Answers

Sort by » oldest newest most voted
30

answered 2014-11-12 12:01:08 +0200

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2014-11-20 14:13:15 +0200

martind gravatar image

Maybe we could collect money and give it to the one who first publishes a native TextSecure app for Sailfish OS with all functions which has the android app. And the app has to be open source, of course. So crowdfunding the other way round.

What do you think? It is possible?

I would, lets say, give 20 €. What would you give?

Is there anyone who would start such a project?

edit flag offensive delete publish link more

Comments

1

Count me in for another 50€.

eson ( 2014-11-12 12:37:03 +0200 )edit

me too with another 50€

tad ( 2014-11-12 15:23:55 +0200 )edit
5

I would also be willing to pay for a native secure messaging app, Sailfish definitely needs one.

mvdheijd ( 2014-11-13 12:01:57 +0200 )edit

we need the way to pay in Sailfish store... i mean now! Or Sailfish is going to be ignored from some devs. I think Donate button would be very nice :) (Unlike), but maybe it could be something more a businesslike.

Makeclick ( 2014-11-19 06:22:30 +0200 )edit
1

I would pay $20 too... Crowdfunding is an option, we just need devs...

meneer ( 2014-11-19 15:30:28 +0200 )edit
13

answered 2015-02-12 14:25:32 +0200

piratenpanda gravatar image

updated 2015-02-12 14:26:00 +0200

coderus is currently porting libaxolotl and libaxolotl-curve to Sailfish. You can see this here: https://www.indiegogo.com/projects/sailfishos-individual-developer-support/x/1060429#home

Code can be found here: https://github.com/CODeRUS/libaxolotl https://github.com/CODeRUS/libaxolotl-curve

Unfortunately he doesn't plan a TS app. So anyone wanting to start a Sailfish TextSecure app that's a good starting point I guess :)

edit flag offensive delete publish link more
11

answered 2014-11-06 13:31:54 +0200

meneer gravatar image

There are plenty more secure text messaging apps, a lot of them open source. Here's a great overview by eff.org: https://www.eff.org/secure-messaging-scorecard

edit flag offensive delete publish link more

Comments

10

If we had one native client for one system which has all 7 green marks than everything would be fine. So why not take TextSecure (wich has 7 green marks?)

martind ( 2014-11-06 17:12:18 +0200 )edit
2

@martind: I totally agree with you, but in my opinion the native is very important, I use threema and I'm not so happy with it

piwostar ( 2014-11-06 17:39:57 +0200 )edit
1

There's native and native (app vs. system). A native app is still not that useful. Also, it's not only about 7 green marks; if you don't know anyone else using the protocol it's not much use.

mornfall ( 2014-11-06 21:41:46 +0200 )edit
3

@monfall: I don't understand your "native" statement. However, at the moment we don't have any working messenger, dispite of SMS and XMPP (with all the things that don't work like: group chat, audio/video, OTR...). I think I would get my android using friends to use any good (maybe TextSexure) messenger. That's why I think it is important to have one good working native client for one service (in the best case with encryption) which is already available on android an ios.

martind ( 2014-11-07 09:45:09 +0200 )edit
9

answered 2015-07-23 03:33:06 +0200

jollcob gravatar image

updated 2015-08-04 00:23:57 +0200

Edit1: Google free fork of TextSecure works fine on Jolla! Check out the comments below for more. Keep in mind that this is no offical build from Open WhisperSystems.


Edit2: Now @ Harbour

Big thanks to leszek and rrunner64!!


Maybe this TextSecure issue is something for the "Which feature do you want next" wiki. I placed a corresponding question there...

To those of you who use the Android version: What is the minimal google contamination level, that makes it possible to use TextSecure? Meaning, do I need a google account and gapps or is it sufficient to get google services running? To build the apk for TextSecure from the source at https://whispersystems.org/ is pretty straightforward. So I think one would only really need the push service from google.

Untill now didn't get Textsecure operational. com.google.android.gms-(3.1.36).apk I can install and it seems to work but is to old for TextSecure. If I update via apptoid or download a recent version I can install it but it crashes instantainiously. Nevertheless TS starts and works up to the key generation step, then it crashes. My guess is this is due to the crashing google services. Installing the google store following the description here at TJC seems to work but the store also crashes before it really starts.

Does someone have a hint what is wrong here? Is there a known problem with 1.1.6.27?

Thanks a lot!


Edit3: Big thanks also to the developers of the Google free TextSecure version! Please take a look at JavaJens repo and support the great work there!

Last but not least thanks to open whispersystems who developed the original app. If we ask nicely and give it some time they may help to make this Sailfish native... Feel free to encourage them ;)

edit flag offensive delete publish link more

Comments

I build textsecure already without google services (JavaJens version). It works fine BUT I cannot receive texts. I can send them encrypted and they arrive but I don't get the answers. Nothing nada arrives on my client when someone sends something.

leszek ( 2015-07-23 17:26:17 +0200 )edit

@leszek What build options did you chose? I followed this guide and selected build type "websockets" and flavor "prod" in Android Studio. I can send and receive messages. My Jolla even receives messages when the UI is closed (and does notify me thanks to coderus "Android notifications").

rrunner64 ( 2015-07-30 18:41:39 +0200 )edit

@rrunner64 Thanks I will try the guide. I did not compiled the modified libtextsecure-java which ends up not being able to see contacts which have a textsecure account but not using my self build apk. I will keep you updated. Also maybe it might be useful to others to share that apk of textsecure that works on Jolla somehow :)

leszek ( 2015-07-30 18:49:05 +0200 )edit

You are right, I can not see my TextSecure contacts. To start a new conversation I need to enter the phone number of the contact. It’s nasty but it works.

rrunner64 ( 2015-07-30 19:32:27 +0200 )edit

Hmm... but when entering the phone number do you send messages via the server or as sms ?

leszek ( 2015-07-30 20:52:00 +0200 )edit
5

answered 2015-05-11 09:21:06 +0200

meneer gravatar image

It looks like something like RedPhone is coming to Jolla. I just saw these announcements:

https://twitter.com/PasiPatama/status/597084212550828032

https://twitter.com/PasiPatama/status/597454406385344512

And it look like it's coming soon

https://twitter.com/PasiPatama/status/597622948938252288

"Mysteriously High Tides.."

edit flag offensive delete publish link more

Comments

1

iOS and droids are not in scope. Any security platform should have no exfill capability. Right now Desktop Linux & RPi, ARM & Jolla are in scope. (https://twitter.com/PasiPatama/status/597647843055243264)

meneer ( 2015-05-11 09:39:05 +0200 )edit

unfortunately I don't think its going to be harbor worthy. But a few of us were helping them get a proof of concept working over the weekend.

r0kk3rz ( 2015-05-11 10:47:40 +0200 )edit

Any ideas on the protocol used? IMO there's a lot less value in this if it's not Redphone-compatible, because all the world does not use Sailfish yet.

mjtorn ( 2015-05-11 12:51:32 +0200 )edit
2

It looks like there's been some real progress: https://twitter.com/PasiPatama/status/602535672021385216

meneer ( 2015-05-25 20:30:33 +0200 )edit
3

answered 2014-08-18 22:53:32 +0200

berniyh gravatar image

There is an upstream issue about this: https://github.com/WhisperSystems/TextSecure/issues/1127

Unfortunately, it was closed, but at least there seems to be some interest in porting it to Sailfish, reading the comments in that issue and the linked posts.

edit flag offensive delete publish link more
3

answered 2014-11-19 01:43:51 +0200

Neo gravatar image

updated 2014-11-19 01:45:49 +0200

Interesting info: Open Whisper Systems partners with WhatsApp to provide end-to-end encryption

(https://whispersystems.org/blog/whatsapp/).

edit flag offensive delete publish link more
3

answered 2016-01-23 11:16:50 +0200

carepack gravatar image

updated 2016-01-23 11:19:12 +0200

I have the textsecure messenger aka signal installed from the play store. for all which are not able to access the contacts enable in textsecure the sms receiving function in the settings. after contacts are appearing.

hope this helps some of you guys.

have a nice day...

edit flag offensive delete publish link more

Comments

Nice, thanks! I can confirm seeing my contacts there now.

Just tested this, an SMS was caught by Sailfish, so Signal doesn't actually receive any SMSs :)

(I hope it stays that way too, would expressively not want that)

mjtorn ( 2016-01-23 14:19:11 +0200 )edit
2

answered 2014-03-17 23:45:44 +0200

tad gravatar image

not a duplicate but a related question: https://together.jolla.com/question/10751/whisperpush-encrypted-sms/

edit flag offensive delete publish link more
0

answered 2014-11-10 11:33:20 +0200

Neo gravatar image

Maybe also worth considering: ChatSecure. The app exists for Android and iOS (while TextSecure has no iOS app for the moment).

edit flag offensive delete publish link more

Comments

3

ChatSecure isn't a very good app though, Conversations is a far better option, at least on Android. The devs are also constantly working on it (see https://github.com/siacs/Conversations/commits/development). What's more is that it actually looks like an app normal people could use, the design is very well thought out.

However I don't think this question was about XMPP apps.

nthn ( 2014-11-10 12:16:11 +0200 )edit
8

ChatSecure is just a XMPP client, which SailfishOS already has (based on telepathy framework). But what telepathy definitely lacks atm is:

btw: TextSecure function will be integrated into iOS' Signal app "real soon now" according to OpenWhisperSystems

tad ( 2014-11-10 16:30:18 +0200 )edit

@nthn Conversations does not support OTR (http://wiki.xmpp.org/web/OTR).

Neo ( 2014-11-10 17:52:48 +0200 )edit
2

@Neo: sure it does, I use it myself and it works perfectly! Maybe it wasn't available in a very early version, but the version currently on F-Droid supports both OTR and OpenPGP for secure messaging.

nthn ( 2014-11-10 22:55:10 +0200 )edit

@nthn Good to know, thanks for the info. I will try it out. What do you think how would this app be scored in this interesting scoreboard: https://www.eff.org/secure-messaging-scorecard ?

Neo ( 2014-11-11 00:52:01 +0200 )edit
Login/Signup to Answer

Question tools

Follow
45 followers

Stats

Asked: 2014-01-07 13:23:25 +0200

Seen: 9,823 times

Last updated: Jan 23 '16