From 57e175da5d96109498ae0c3a252777237e5e3d07 Mon Sep 17 00:00:00 2001 From: Freddy Martinez Date: Sat, 28 Nov 2015 15:22:00 -0600 Subject: [PATCH] redid article since TS changed names to Signal --- src/chapter_04_secure_calls_and_sms/00_secure_calls.md | 6 +++--- .../01_secure_messaging_and_chat.md | 10 ++++++++-- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/src/chapter_04_secure_calls_and_sms/00_secure_calls.md b/src/chapter_04_secure_calls_and_sms/00_secure_calls.md index fc24a03..5926b95 100644 --- a/src/chapter_04_secure_calls_and_sms/00_secure_calls.md +++ b/src/chapter_04_secure_calls_and_sms/00_secure_calls.md @@ -8,10 +8,10 @@ However, there are a variety of tools you can use to secure your phone using end iOS - Installing Signal --------------------------- -From the makers of TextSecure is a free and open source tool named Signal. [https://itunes.apple.com/us/app/signal-private-messenger/id874139669?mt=8](https://itunes.apple.com/us/app/signal-private-messenger/id874139669?mt=8) Signal uses similar same encryption methods as SilentCircle but provides their service with free and using open source tools. Additionally, the GUI is extremely easy to use. Signal will transparently detect if you are calling a fellow Signal user and ask if you wish to make a "secure call" (with Signal) or "insecure call" (without end-to-end encryption). +From the group at OpenWhisper Systems is a free and open source tool named Signal. [https://itunes.apple.com/us/app/signal-private-messenger/id874139669?mt=8](https://itunes.apple.com/us/app/signal-private-messenger/id874139669?mt=8) Signal uses similar same encryption methods as SilentCircle but provides their service with free and using open source tools. Additionally, the GUI is extremely easy to use as it is built to look very similar to iMessage. -Android - Installing RedPhone +Android - Installing Signal --------------------------- -Also from the makers of Signal, there is a free and open source tool named Redphone. [https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en](https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en) Again, RedPhone uses the similar encryption methods as SilentCircle but provides their service with free and using open source tools. Again, the GUI will transparently detect if you are calling a fellow Signal or RedPhone user and ask if you wish to make a "secure call" (with RedPhone) or "insecure call" (without end-to-end encryption). Unfortunately, RedPhone requires the Google Play framework so it will not work on phones without it (stock Cyanogenmod or similar ROMs). +For Android devices, there was an application called RedPhone created by OpenWhisperSystems. However the application has been merged into an app called (Signal)[https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en] You can still download RedPhone on (Google Play)[https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en](https://play.google.com/store/apps/details?id=org.thoughtcrime.redphone&hl=en). Using Signal, the application will detect if you are calling a fellow Signal or RedPhone user and ask if you wish to make a "secure call" (encrypted) or "insecure call" (without end-to-end encryption). Unfortunately, Signal requires the Google Play framework so it will not work on phones without it (stock Cyanogenmod or similar ROMs). diff --git a/src/chapter_04_secure_calls_and_sms/01_secure_messaging_and_chat.md b/src/chapter_04_secure_calls_and_sms/01_secure_messaging_and_chat.md index 84fc227..6496208 100644 --- a/src/chapter_04_secure_calls_and_sms/01_secure_messaging_and_chat.md +++ b/src/chapter_04_secure_calls_and_sms/01_secure_messaging_and_chat.md @@ -3,7 +3,13 @@ Secure Messaging SMS are short messages sent between mobile phones. The text is sent without encryption and can be read and stored by mobile phone providers and other parties with access to the network infrastructure to which you're connected. To protect your messages from interception you need to use end-to-end encryption on your text messages. -Android - Installing TextSecure +Android - Installing Signal --------------------------- -TextSecure is a messaging client that allows you to send encrypted text messages and push messages. It provides end-to-end encryption using a modified version of OTR-like library called the an axolotl ratchet. This help provide both asynchronous messaging and group messaging. Supporting both SMS and MMS messaging, TextSecure is a drop in replacement for your stock messaging application on Android. TextSecure also stores all of your messages in an encrypted database. Furthermore, TextSecure will transparently use end-to-end encryption for any other TextSecure user, without need to share keys before hand (although you should verify public keys as much as possible). Again, TextSecure requires the use of the Google Play framework. +To encrypt messages sent to others, you can use Signal for Android. (Previously it was named TextSecure). It provides end-to-end encryption with support for group messaging, emojis, and even support for unencrypted messaging. Supporting both SMS and MMS messaging, Signal is a drop in replacement for your stock messaging application on Android. Signal can also stores all of your messages in an encrypted database. Furthermore, Signal will transparently use end-to-end encryption for any other Signal user, without need to share keys before hand (although you should verify public keys as much as possible). Again, Signal requires the use of the Google Play framework. + +iOS - Signal +--------------------------- + + +To encrypt sages sent to others, you can use Signal for iOS devices that use iOS 8 and higher as the operating system. Signal provides end-to-end encryption with an easy to use interface (it was designed to resemble iMessage). Unlike Androdi, Signal does not stores your messages in seperate encrypted database, although your iPhone should use full disk encryption by default. Furthermore, Signal will transparently use end-to-end encryption for any other Signal user, without need to share keys before hand (although you should verify public keys as much as possible).