Whisper Systems

TextSecure is now Open Source!

Tues, 30 Dec 2011 11:30 PDT

We're excited to announce the open source release of TextSecure, our secure text messaging client for Android, which Twitter acquired when we joined their team last month.

We've always been interested in the ability for individuals and organizations to communicate freely and securely. In the year and a half since Whisper Systems launched TextSecure, we've received an enormous amount of thanks, feedback, and encouraging stories from users who have employed TextSecure towards those ends. We hope that as an open source project, TextSecure will be able to reach even more people, with an even larger number of contributors working to make it a great product.

Those interested in the source can find it over on GitHub. There is also a mailing list for those who have questions, suggestions, or wish to get involved.

Whisper Systems Has Been Acquired By Twitter!

Mon, 28 Nov 2011 08:30 PDT

We're moving:

We started Whisper Systems with the goal of improving security and privacy for mobile devices. We were attracted to this not only because we saw it as an opportunity to reinvent the security solutions that never really worked in the PC environment to begin with, but also because the stakes are much higher — due to the nature of mobile devices themselves — and we didn't like the way that things were looking.

We ended up tackling the full stack — all the way from application-level solutions at the top of the stack, down through a hardended version of Android, to kernel modifications at the bottom of the stack. Along the way we learned a lot, and developed products that we're proud of.

Now that we have been acquired by Twitter, we're looking forward to integrating our technology and our expertise into Twitter's products and services.

The Transition:

The Whisper Systems software as our users know it will live on (and we have some surprises in store that we're excited about), but there is unfortunately a transition period where we will have to temporarily take our products and services offline. RedPhone service will be interrupted immediately, but FlashBack users have a month to pull off any backup data they would like before that service also goes offline.

Enormous Thanks:

Thanks to everyone who beta tested our software, sent us encouraging emails, filed thoughtful bug reports, and in general kept us going with your enthusiasm and support. We couldn't have done it without you, and we hope that we can continue to meet your expectations for software that helps provide security and privacy.

FlashBack 0.3

Mon, 03 Oct 2011 12:41 PDT

Today we've released FlashBack 0.3, which adds support for statistics on the logical/phsyical storage space each device and individual snapshot is using.

The new release is available in Android Market.

FlashBack 0.2

Wed, 21 Sep 2011 10:00 PDT

Today we've released FlashBack 0.2, which includes the ability to change your encryption passphrase, change your account passphrase, rename devices, delete devices, delete all snapshots for a device, and delete your FlashBack account.

The new release is available in Android Market.

WhisperCore 0.5.5

Fri, 09 Sep 2011 10:00 PDT

Last week, Whisper Systems responded to the DigiNotar CA compromise by removing the DigiNotar root from the WhisperCore CA trust database, effectively revoking trust in DigiNotar.

This week, a report was released by the Dutch government, which indicates that the scope of the breach is worse than we originally anticipated. In addition to the compromised DigiNotar root, it appears that DigiNotar had a number of intermediate CA certificates which were also compromised. These intermediates (signed by "Staadt der Nederlanden," Entrust, and CyberTrust) could potentially have been used to sign some unknown number of forged SSL site certificates.

Intermediate CA certificates are not as straightforward to untrust. We can't simply remove them from a database, because they aren't in any databases. Instead, they chain back to roots which are good otherwise. Firefox and Chrome have addressed this by baking these certificates directly into their browser binaries and explicitly making checks against them when setting up SSL connections.

On your Android phone, however, there are many different apps that make SSL connections — all of which would have to bake these explicit certificate checks into their SSL setup logic. At Whisper Systems, we don't want to wait for app developers to make these changes, and they shouldn't have to. So we've extended the Android framework to do it automatically.

Now on WhisperCore, in addition to the trusted cacerts.bks store, we've created an additional untrusted.bks store, which contains certificates that are to be explicitly considered compromised, and which is currently populated with the DigiNotar intermediate certificates. If any application on the device initiates an SSL connection and receives a certificate chain with a certificate from the untrusted.bks store anywhere in it (root, intermediate, or leaf), that SSL connection will be marked as invalid.

We believe that WhisperCore currently represents the only Android SSL experience that fully protects users from the DigiNotar compromise. Stock Android devices have not been updated at all, but even advanced users who have rooted their phones to modify the cacerts.bks file on non-WhisperCore devices are still not protected from these bad DigiNotar intermediate CA certs.

As usual, WhisperCore users can quickly upgrade by using the "WhisperCore Updater" app.

WhisperCore 0.5.4

Tue, 30 Aug 2011 15:52 PDT

In response to the DigiNotar CA compromise, we've released WhisperCore 0.5.4, which removes the DigiNotar Root CA certificate from the trust store.

As usual, WhisperCore users can quickly upgrade by using the "WhisperCore Updater" app.

WhisperCore 0.5.3

Mon, 29 Aug 2011 09:32 PDT

We released WhisperCore 0.5.3 today, which features an upgrade to Android 2.3.5, along with some bug fixes and stability improvements.

As usual, WhisperCore users can upgrade by using the "WhisperCore Updater" app.

WhisperCore 0.5.2

Wed, 27 Jun 2011 21:32 PDT

We rolled out a few bug fixes over the weekend as WhisperCore 0.5.2. This addresses an issue some people were seeing with MMS messages, as well as a problem with APN configuration that was causing some users to lose their 3G data connections.

If you installed WhisperCore 0.5 and are having problems with 3G data, after upgrading to WhisperCore 0.2, open Settings -> Wireless And Networks -> Mobile Networks -> Access Point Names. There, click Menu -> Reset to default. This should resolve your issues.

As usual, WhisperCore users can upgrade by using the "WhisperCore Updater" app.

WhisperCore 0.5 and Selective Permissions

Wed, 22 Jun 2011 11:12 PDT

Today we've released WhisperCore 0.5, which features the ability to selectively revoke permissions an app has requested. We think this is an exciting development that will continue to give users and administrators more control over the security of their data.

WhisperCore Platform SDK

Tue, 7 Jun 2011 12:00 PDT

Today we released the WhisperCore Platform SDK, which provides developers with access to capabilities specific to the WhisperCore platform. While this initial SDK focuses on provider access to iptables settings, we will continue to make more WhisperCore features available to developers over time.

Smudge Attack Prevention Details

Wed, 1 Jun 2011 11:85:00 PDT

WhisperCore 0.4 includes smudge resistant screen unlock patterns, part of our efforts to help provide data security for Android devices

WhisperCore 0.4 and Flashback

Wed, 1 Jun 2011 07:00:00 PDT

We released WhisperCore 0.4 today, which includes Flashback, a new product that provides secure snapshot-based backups for your device. We're pretty excited about it, so check it out!

You can download WhisperCore here, or existing WhisperCore users can click "Check for updates" in the updater tool.

Additionally, this version of WhisperCore includes:

New anti-greasetrail screen unlock patterns (we'll post more about this soon).
An upgrade to Android 2.3.4.
Upgraded 2.6.35 kernel support.

RedPhone 0.4.3 and International Support

Tues, 15 Mar 2011 18:59:00 PDT

RedPhone 0.4.3 is now available in Android Market. This release, at long last, supports international calling. In addition to our existing international support in Egypt, we're also rolling out support for Canada and Spain today. Users in those countries can now download RedPhone from Android Market, and if everything goes well, we'll continue adding support for more countries throughout the week.

WhisperCore 0.1 Released

Tues, 15 Mar 2011 11:00:00 PDT

We've released WhisperCore 0.1. Device and data security for Android, and the first iteration of a platform-level security project.

TextSecure 0.5.6 Released

Mon, 03 Mar 2011 17:39:00 PDT

TextSecure 0.5.6 addresses two bugs.

We've fixed a bug that was causing session fingerprints not to match in some scenarios.
Fixed a bug that was causing TextSecure to crash in some cases where one party in a secure session did not have an identity key.

RedPhone 0.4 Released

Mon, 03 Mar 2011 17:39:00 PDT

RedPhone 0.4.1 is a maintenance release.

We've fixed a bug that was intermittently causing a deadlock on initiating connections.
We've introduced some new latency peak detection heuristics to help with call quality.

RedPhone 0.4 Released

Mon, 07 Feb 2011 17:50:00 PDT

RedPhone 0.4 introduces several new features and improvements:

We've added audio alerts that play during call setup to indicate progress towards a completed call. These sounds correspond to the alert messages already displayed on-screen, but allow you to keep the phone to your ear while the call connects.
We've improved handling of periodic brief network data droupouts that occur on some networks, which should make these interruptions as unintrusive as possible.
For those of you who wish to experiment with alternate signaling methods, we've added an option, which you can select in the main options menu, to use Google's C2DM ("push") service as a replacement for the standard SMS signalling mechanism.

Note, however, that while C2DM can sometimes be faster than SMS, in the case when your phone has been asleep for a while, it can take much longer to complete a connection than with the SMS based signalling.
Finally, we've made two improvements to the dialing process. First, when you make a regular call, we present the option to upgrade that call to RedPhone — but only if the person you're calling also has RedPhone installed on their device.

Second, we've improved the look and feel of our dialer, making it easier to find contacts quickly.

TextSecure 0.5.5 Released

Wed, 12 Jan 2011 14:18:00 PDT

TextSecure 0.5.5 is now available in Android Market. This release primarily improves the key exchange process, which no longer requires any user interaction once a key exchange has been initiated. It also includes a number of small bug fixes.

TextSecure 0.5.4 Released

Wed, 05 Jan 2010 18:43:00 PDT

TextSecure 0.5.4 is now available in Android Market. This release fixes an issue with Sprint Visual Voicemail on Sprint phones. Visual voicemail should now work with TextSecure installed.

RedPhone 0.3 released

Tues, 30 Nov 2010 15:24:00 PDT

RedPhone 0.3 is now available in Android Market. This release focuses on improvements to call audio quality. It features a complete re-write of the jitter buffer and packet loss concealment code to better handle the burst-mode characteristics of 3G networks when signal strength drops. New options, available from the settings menu, allow users to force a 'minimum latency' mode, which will degrade audio quality while improving latency, and a 'single thread' mode, which improves performance on some phones. We recommend disabling these options unless you encounter difficulties.

When starting a new call, RedPhone may take a few seconds to adjust its internal settings to the characteristics of your network connection - if audio quality does not improve within 5-10 seconds, try moving to an area with better reception or using WiFi. Users should also note that due to asymmetric broadcast power when using 3G, downlink audio can sound fine, while uplink audio is noticeably choppy. If this situation occurs, it indicates that your device is unable to send packets to the cellular tower reliably. The problem can be resolved by moving to an area with better reception.

TextSecure 0.5.2 released

Mon, 22 Nov 2010 22:11:00 PDT

TextSecure 0.5.2 is now available in Android Market. Changes:

When composing a new message, you can now select recipients by a multi-select list of contacts, a multi-select list of contact groups, and a multi-select list of recent incoming/ougoing calls.
The identity key options have been moved from the main menu into the settings.
Added message "forward" and "cleartext send" options.
Added batch mode operations for the thread list.

RedPhone 0.2 released

Thu, 21 Oct 2010 15:53:00 PDT

RedPhone 0.2 is now available in Android Market. Changes:

Audio Quality : Users should experience significant audio quality improvements, particularly on mobile 3G networks.
Reduced Echo : Some devices will experience reduced echo.
Device Support : RedPhone should now be compatible with more devices, particularly some Samsung models which have been troublesome in the past.
Dialer Integration : You can now use the normal dialer in order to make calls.

TextSecure 0.5 released

Thu, 21 Oct 2010 14:53:00 PDT

TextSecure 0.5 is now available in Android Market. Changes:

Identity Keys : TextSecure now supports the concept of an "identity key." These are keys that are only used for signing, but never used for encrypting. The key exchanges at the beginning of a session can be signed with these identity keys, allowing you to verify an identity fingerprint once and automatically trust all subsequent session initiations signed by the same key afterwards. This can be very useful if you're changing SIM cards frequently, or otherwise tearing down and re-initiating sessions on a regular basis.
Advanced Passphrase Caching And Management : TextSecure is now much smarter about caching your passphrase, such that it will no longer be randomly knocked out of memory when using other applications. Additionally, you can now explicitly define a timeout for how long you would like your passphrase to stay cached while you're not using TextSecure. If you thought you had to enter your passphrase too often before, this release is for you. If you thought you didn't have to enter your passphrase often enough before, this release is also for you.
QR Code Validation : TextSecure now supports using visual QR codes for validating session and identity keys. If you do a key exchange with someone who's physically present, you can simply scan each-other's screens in order to validate the session or their identity key.
Thread Search : TextSecure now supports searching for a thread in the main thread-list screen. Simply select "search" under the menu options, or if you have a phone with a hard keyboard, simply start typing while in the main thread-list view.
Identity Selection : TextSecure now allows you to explicitly select a contact from the contacts list which represents your "identity." It will use this photo from this contact as the photo to display in conversation threads, and you can export your identity key to be stored in this contact and shared out via other mechanisms.
Bug Fixes : You can now copy the text from MMS messages to the clipboard, contact selection from the compose view on Android 2.x devices works more reliably, and clicking "Send" from the soft keyboard on a device in landscape mode now actually sends.
Speedups : TextSecure has been optimized to be a little zippier than before on slower devices.

TextSecure 0.4.3 released

Thu, 23 Sep 2010 13:27:00 PDT

TextSecure 0.4.3 is now available in Android Market. Changes:

Always Locally Encrypt : Previous versions of TextSecure wouldn't locally encrypt received messages if the passphrase wasn't in memory. This change always locally encrypts messages, even if the passphrase has fallen out of memory.
MMS Bug Fixes : Fixes for assorted bugs including: crashing on receiving MMS messages without a "from" field, crashing on receiving MMS messages with an empty "part", and crashing on receiving MMS with certain types of audio.

TextSecure 0.4 released

Mon, 06 Sep 2010 11:54:00 PDT

TextSecure 0.4 is now available in Android Market. This release fixes a bug where disabling MMS support was not effective, adds support for (optional) contact photo icons in the thread list and conversation views, fixes a bug where contact names were not correctly resolving on some phones, adds support for import/export of messages/keys/preferences, and adds support for saving MMS media to the gallery of the device.

TextSecure 0.3.3 released

Wed, 21 Jul 2010 11:28:00 EST

TextSecure 0.3.3 is now available in Android Market. This release fixes a bug where TextSecure would not intercept key exchange messages when it wasn't in "use for all SMS messages" mode. It also adds support for light/dark themes, as well as the ability to customize the notification LED blink color and pattern.

TextSecure 0.3.2 released

Sun, 18 Jul 2010 17:24:00 EST

A minor release of TextSecure 0.3.2 is now available in Android Market. This release fixes some bugs with MMS support, as well as a bug that occasionally prevented you from returning to the thread list.

TextSecure 0.3 released

Tue, 31 May 2010 13:12:00 EST

TextSecure 0.3 is now out. This release incorporates a number of features that people have been asking for. The big changes are:

MMS Support : TextSecure now supports MMS messages on Android 2.0+ platforms, and allows them to fall through to the system's default Messaging application on Android 1.6.
Encrypted MMS Support : TextSecure users can now also exchange encrypted MMS messages. These are encrypted with the normal OTR-dervied protocol that TextSecure uses for all SMS traffic, providing both secrecy as well as forward security.
Separate Database Support : TextSecure now stores all its messages in a database that is separate from the system's default Messaging application. On install, TextSecure gives you the option of importing all your messages from the system database into the TextSecure database. Additionally, you can configure TextSecure to handle all SMS/MMS messages, all SMS messages, or just encrypted SMS/MMS messages. So while we recommend using TextSecure for everything, if you'd like to use the system's default Messaging application for all of your normal SMS/MMS traffic and only use TextSecure for encrypted traffic, that option is now available.

Thanks to everyone who has continued submitting bug reports, suggestions, and comments. Please keep the feedback coming.

TextSecure 0.2 released

Tue, 31 May 2010 13:12:00 EST

We've released TextSecure 0.2, which includes a number of bug fixes and enhancements. Most notably, the 0.2 release fixes the Verizon problems with both out-of-order timestamps and multipart (long) encrypted messages. Based on user feedback, we've also improved the notification system to be less annoying, added the long-click features that you're used to with the stock messaging app, fixed some international number issues, and added an option to change your local encryption passphrase. We've also made some changes that should allow the decrypt process to be quicker and more reliable. Thanks to everyone who has submitted comments, suggestions, and reports on TextSecure thus far. They really help as we try to get this stable and production ready.

RedPhone updated to fix Droid and GoogleVoice problems

Tue, 26 May 2010 21:29:00 EST

We've gotten a lot of good feedback on RedPhone and TextSecure so far. The biggest problems we've had have been with Motorola Droid and GoogleVoice compatibility. Users with a Droid phone have not been able to receive calls, and users with GoogleVoice setup to relay their text messages have not been able to register or receive calls. We've released RedPhone version 0.1.2 to the Android Market which should fix these problems. Droid compatibility with TextSecure multipart text messages remains a problem that we will be fixing soon.

Announcing the public beta

Tue, 25 May 2010 15:00:00 EST

Today we are opening the Whisper Systems mobile security suite up for a public beta. Please download RedPhone and TextSecure, try them out, and let us know how they work.