Silk Road forums

Discussion => Security => Topic started by: zookaa on June 21, 2013, 02:44 pm

Title: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: zookaa on June 21, 2013, 02:44 pm
Hey guys,

I'm trying to spread the word: everybody should ditch WhatsApp and use Threema instead
Their website: www.threema.ch

I'm not exactly sure if they use exactly PGP or something similar, but it's public/private key based just like PGP, they don't mention PGP in their FAQ and they say they use an asymetric ECC based encryption instead of RSA. This means everything you send through Threema (text, voice, images, videos) is encrypted on your phone with the public key of you chat partner first and only then sent through the Threema servers to your partner.

Now you can safely message with your friends without the NSA spying on you ;)



Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: BongoMagnifico on September 01, 2013, 03:04 pm
I'm surprised this post has been up so long with no replies. This looks awesome!

I've been using redphone a bit, but the problem is that it's android only. As much as it upsets me, I have to adapt to the fact that a whole lot of people still use iPhones. (and god damn, do I hate iPhones!! xD) So it's good to se a cross-platform alternative. :)

Thanks man!

A +1 for you, my friend!
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: tree on September 01, 2013, 03:46 pm
TextSecure is an open-source and free alternative. Threema isn't open source so I would trust it less than TextSecure.
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: Kiwikiikii on September 01, 2013, 08:13 pm
though the threema servers? closed source? no thanks.
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: BongoMagnifico on September 04, 2013, 10:52 am
Arrgh... but there are sooo many iTards with Apple products that can't run TextSecure. You guys really think Threema is potentially dodgy? I need a way to communicate with my iTard customers.
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: kittenfluff on September 04, 2013, 12:32 pm
Arrgh... but there are sooo many iTards with Apple products that can't run TextSecure. You guys really think Threema is potentially dodgy? I need a way to communicate with my iTard customers.

You would rather risk your own security, than tell iTards to fuck off and get a non-contract android handset?
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: tree on September 04, 2013, 03:56 pm
Arrgh... but there are sooo many iTards with Apple products that can't run TextSecure. You guys really think Threema is potentially dodgy? I need a way to communicate with my iTard customers.

Well you can always communicate via OTR chat, I think it's more secure than TextSecure but I'm not totally sure, it offers plausible deniabilty. iTards can get ChatSecure and you can get Gibberbot. Or you could use PGP+email :P
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: Kiwikiikii on September 04, 2013, 07:19 pm
Arrgh... but there are sooo many iTards with Apple products that can't run TextSecure. You guys really think Threema is potentially dodgy? I need a way to communicate with my iTard customers.

Well you can always communicate via OTR chat, I think it's more secure than TextSecure but I'm not totally sure, it offers plausible deniabilty. iTards can get ChatSecure and you can get Gibberbot. Or you could use PGP+email :P

or tell them to buy a real computer.
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: BongoMagnifico on September 05, 2013, 02:49 pm
You would rather risk your own security, than tell iTards to fuck off and get a non-contract android handset?
or tell them to buy a real computer.

I tell them all the time, but it's a suggestion that goes over about as well as suggesting Hinduism to Seventh Day Adventists.

Well you can always communicate via OTR chat, I think it's more secure than TextSecure but I'm not totally sure, it offers plausible deniabilty. iTards can get ChatSecure and you can get Gibberbot. Or you could use PGP+email :P

That's the suggestion I was looking for. Will explore. +1 for you. :)

Edit:

PGP over email would be ideal, but I need something simple people can use on their phones without having to learn PGP. I have to account for the lowest common denominator. Unfortunately, we don't live in an intellectually rich society these days.

More edit:

Setting up Gibberbot, I've run into a small issue. The three options for accounts are Jabber, Bonjour and Google. Jabber is not currently accepting registration, Bonjour is an Apple product of some sort (and after some light seraching I'm not immediately clear on how I would use that anyway), and Google is Google, so I'm skeptical about using an NSA-soaked service such as theirs. Suggestions?
Title: Re: Threema, an end-to-end encrypted messaging App (WhatsApp alternative)
Post by: tree on September 05, 2013, 06:57 pm
Well you can always communicate via OTR chat, I think it's more secure than TextSecure but I'm not totally sure, it offers plausible deniabilty. iTards can get ChatSecure and you can get Gibberbot. Or you could use PGP+email :P

That's the suggestion I was looking for. Will explore. +1 for you. :)

Edit:

PGP over email would be ideal, but I need something simple people can use on their phones without having to learn PGP. I have to account for the lowest common denominator. Unfortunately, we don't live in an intellectually rich society these days.

More edit:

Setting up Gibberbot, I've run into a small issue. The three options for accounts are Jabber, Bonjour and Google. Jabber is not currently accepting registration, Bonjour is an Apple product of some sort (and after some light seraching I'm not immediately clear on how I would use that anyway), and Google is Google, so I'm skeptical about using an NSA-soaked service such as theirs. Suggestions?
Thanks for the +1!

Well APG for android is relatively easy and I'm sure the mac alternative is too but well it's definitely not as easy as OTR.. You don't need an @jabber.org address, you can use any XMPP service... Here's a cool one especially if you're talking about drugs : https://lsd-25.ru:5280/register/new  an @lsd-25.ru address is way cooler than @jabber.org IMO :P No but seriously I don't recommend using that if you're talking about drugs. Here's a list of some free ones : http://xmpp.net/ You can also just download jitsi (cool OTR for the computer) and make an @jit.si account using that, so that you can use that account from the computer as well...

And as long as all your chats are OTR encrypted, it doesn't matter that much if you're using it over google or bonjour or something else, just set the encryption to "force/require" so that you don't accidentally get or send unencrypted messages. Other XMPP services probably give out all your info too.