CyanogenMod text messages encryption has arrived, at least to some SMS messages
CyanogenMod has partnered with Open Whisper Systems to encrypt by default text messages sent between CyanogenMod and/or TextSecure users – the team did announce a few months ago that the feature was in the works.
That means SMS applications will offer automatic encryption for messages, but only of those messages are sent and received on devices that include the Open Whisper Systems encryption technology – TextSecure is an app made by the same company.
Initially, CM10.2 will get the feature, which will roll out to almost 700,000 users. After that, the Cyanogen Inc team will include the new feature in all its CyanogenMod versions, so all of its users will get an enhanced text messaging protection against prying eyes.
Interestingly, Open Whisper Systems’ co-founder Moxie Malrinspike believes there may be as many as 30 million CyanogenMod users, with 10 million of them being confirmed to use the custom ROM.
What’s so interesting about the Open Whisper Systems text encryption? The Verge explains that we’re looking at end-to-end encryption, which means only the sender and user will see the contents of the message. Furthermore, the system uses perfect forward secrecy, which means each message has its own keys, which in turn means that if a key is compromised only a message can be unlocked. Finally, the encryption protocol uses an independent algorithm, not the one approved by the National Institute of Standards and Technology, which NSA has worked to weaken.
The encryption will be there no matter what default SMS app the user chooses, as the user won’t even be aware that there’s encryption and decryption activity in the background. A minimal visual feedback will be added to the stock CyanogenMod Messaging app, so users will see when there’s “an expectation of privacy” and when there isn’t.
Speaking of the NSA, in light of all the reports revealing the scope of the Agency’s spying activities, it only makes sense to see more and more companies – including custom Android ROMs developers – try to beef up security in order to guard the privacy of their users.