zerobytes | 4 years ago | on: Grand jury subpoena for Signal user data, Central District of California
If we're talking about pure messaging here and not sending a jpg or other attachment, why not create an app that simply uses plaintext, like a terminal. Generate some 4096 bit keys and make it decentralised. Public keys could be shared among people willing to communicate. Anytime you have a central location where data is parsed, the time stamps and other metadata can be gleaned. The app could even fudge time stamps. I think the future of this is decentralised communications. At the centre of this entire issue is the notion that someone else think they have the right to intercept your communications. I believe a properly-implemted SSH plain text app using big keys would solve this to a point. The app could store all data in a self-encrypted file and self destruct if tampered with. Security is a process, not a product, as Bruce Schneier is famous for saying, so methinks that the process is as important as the product. SSH using massive keys is a proven thing and cracking 4096 bits of AES will not happen in the short or mid term. In fact, most serious cryptographers say the continents will shift before they can break it. Just a thought. I'm not a programmer outside of Bash/sed/awk and other *nix tools, so this isn't something I could develop, but as a decentralised tool, I think it could work if you were willing to use plain text only. The app could have random numbers as a beacon that can be changed at will and only those with that random number can communicate with you and you them. A la Google Authenticator or something similar.