worth mentioning that SMS messages are plaintext as they traverse the carrier network. They are also logged by seemingly any equipment that they traverse. Also when they aren’t delivered immediately, they wait in a queue on the network waiting for the receiving device to “phone home” (pun intended 😎).
The caveat here is often times the plaintext message is in an encrypted tunnel (physical wireless layer, and data tunnels in carrier EPC) but once it exits, SMSs are nakey
bastion@feddit.nl 11 months ago
There used to be: Signal.
With Signal as your default messaging app, you could just tell people to switch to Signal and use one app. If both parties had Signal, secure messaging was used automatically.
Friends and family slowly started using Signal, because it’s just a nice messaging app, plus it’s potentially more secure.
Then Signal decided to tank SMS. …and slowly, friends and family started leaving Signal, and now it’s just us security-conscious folks again.
varsock@programming.dev 11 months ago
I echo this.
For the non-tech savy, having one messaging app (Signal/SMS) was excellent because a user can send a message to a contact and it would automatically use signal if the recipient was also using it and use SMS when the recipient wasn’t.
Now I get SMSs and have to gently remind the contact (or just reply in signal)
bastion@feddit.nl 11 months ago
Yep. Sad day for security.
Thorned_Rose@kbin.social 11 months ago
I still have Silence installed on my phone because of that. It's not being maintained any more though so it's only a matter of time before Silence stops working or has some security vulnerability (if it's doesn't already.
I still feel really disappointed that Signal (and the apologists) don't seem to understand that for many countries SMS is still the go to.
bastion@feddit.nl 11 months ago
Thanks for pointing out silence. I didn’t know about it.