Encrypted texting with three features.

1) About as simple as good encryption can get
2) Piss off the NSA
3) Piss off the NSA

Maybe it's been compromised... kinda like the OS you're using. Choose your battles wisely and give these cats a buck.


App Store - Threema (https://itunes.apple.com/de/app/threema/id578665578?l=en)

I like reasons 2 and 3 a lot. Way back when, PGP rocked and I did a lot of my emailing with it - everything was encrypted as a matter of course, whether I felt it needed protection or not. This is the DoD strategy, by the way; everything gets encrypted at some level, whether it's classified or not. It multiplies the potential eavesdropper's workload by the number of circuits and by the volume of traffic (essentially raising the workload exponentially). With even fair encryption, that's a big wall to try to nibble through, just to see who's arranging a tryst with whom.

Privacy advocates have long called for the encryption of even the most inconsequential data, otherwise using encryption is call for suspicion.

Frankly though, PGP is a pain in the ass, especially for a muggle. Smartphones have given us a few advantages however, which Threema capitalizes on.

The first is tiny, randomly tracing on your touchscreen to generate entropy for your key. The second is far more important, it uses QR codes for key dissemination, so it's a brilliantly low friction way to do a face-to-face public key transfer.

I really think QR codes are becoming the security "killer app".

I'll agree that PGP (and GPG) is a pain nowadays. Back then, it integrated seamlessly into my (Windows) mail app, and I just had to enter my passphrase to sign and encrypt my mail. But current implementations are clunky and hard to manage at the user level.

The use of QR to distribute keys is brilliant. Put one on your "personal" business card, and whip it out when you need to give someone your key. Simplicity in action.

Now that you mention it, that's another angle to smartphones simplifying the process.

Threema doesn't require any passwords to encrypt a text. It's assumed if you're using a PGP texting app you already know to passcode lock your phone, and they feel that's enough. I'm in general agreement.

If you export your private key, that's encrypted.