remove CM added dependency on Gapps, as upstream TextSecure

[viccuad]

Hi, I received an update on my CM yuga to 10.2, and I went to use WhisperPush. I don't have the Play store nor Gapps installed. WhisperPush does not allow me to register as it has a hard dependency on the Play store:

The upstream TextSecure does not have it (TextSecure/issues/560). Also, quoting from a WhisperSystems blog post:

All of the code involved throughout the entire stack [WhisperPush and TextSecure] is fully Open Source.

Sadly that's not the case if there's the need for Gapps.

I would love to be able to use WhisperPush without Gapps nor Play store installed. Please, consider the need of a full trusted OSS stack if you are concerned about privacy.

[moxie0]

FYI, The Play Services Framework is an Android requirement for receiving push messages. There is no alternative "fully trusted" OSS push messaging network, but I would be happy to include support for one in WhisperPush if you create, deploy, and maintain one that scales up to 100MM users for free.

[viccuad]

thanks for the quick response!

As WhisperPush only needs the Play Services Framework for messages sended under the data channel, Is it possible to at least allow the use of WhisperPush without the Play Services Framework for messages sended by SMS/MMS?

[moxie0]

All WhisperPush messages are delivered over the data channel; SMS/MMS is not a supported transport. SMS leaks metadata to telcos, and CM (I think correctly) decided the additional complexity would cause problems.

[viccuad]

So, if I understand it correctly, the messages would go encrypted by the carrier, but the push messages are delivered by the Google Cloud Messaging. The GCM is needed to make the exchange of keys and see who has WhisperPush installed or not.

SMS leaks metadata to telcos

Just as pushing messages on GCM. Even worse, Google is more centralized than a lot of carriers in different countries.

the additional complexity would cause problems.

That's a valid point, though, and a deal breaker.

I understand the design handicaps of the WhisperPush/TextSecure stack. maybe it's not for me.

[moxie0]

The GCM is needed to make the exchange of keys and see who has WhisperPush installed or not.

No, GCM is not used for key exchange or for contact detection.

Just as pushing messages on GCM. Even worse, Google is more centralized than a lot of carriers in different countries.

That's not correct. The push signal metadata is encrypted, so addressing metadata is not leaked to GCM/Google.

You should consider reading the protocol documentation if you have questions about the protocol: https://github.com/WhisperSystems/TextSecure/wiki/ProtocolV2 https://github.com/WhisperSystems/TextSecure-Server/wiki/API-Protocol

[ShootAKite]

viccuad: You cannot achieve a "full trusted OSS stack" by not installing Gapps or Play store because another threat to privacy is the closed source baseband* firmware written by your telecom provider.
A *Also called modem or radio firmware.

[viccuad]

@ShootAKite I'm well aware of that. One can use Replicant without non-free software firmware, and achieve 3G with FOSS firmware on some devices though. Building a full trusted OSS stack needs to be consistent in each level anyway.

@moxie0

No, GCM is not used for key exchange or for contact detection.

Isn't GCM used as a medium to request the contact's next prekey? and receive the 100 firsts prekeys on register?

I may as well have answered all my questions anyway as I see the need of Gapps for WhisperPush/TextSecure to work asynchronously.

[moxie0]

Isn't GCM used as a medium to request the contact's next prekey? and receive the 100 firsts prekeys on register?

It is not. GCM is only used for the final message push.

[viccuad]

It is not. GCM is only used for the final message push.

&

SMS leaks metadata to telcos

Well, then we are leaking metadata to Google and as I said "Even worse, Google is more centralized than a lot of carriers in different countries" . But yep, I see why it is needed. Thanks for taking the trouble of walking me through this.

[moxie0]

Well, then we are leaking metadata to Google and as I said "Even worse, Google is more centralized than a lot of carriers in different countries" .

No, it doesn't. Please read the API docs to understand why.

[viccuad]

maybe I didn't express myself well. With metadata I meant the id of both sender and receiver.

[moxie0]

The id of both the sender and receiver are not visible to GCM. GCM obviously knows what device it is delivering a push message to, but has no idea who sent it.

[mookie-]

Would it be possible to implement the use of http://uniqush.org/ on a user specified server? Perhaps selectable in a "expert" settings menu. I do not know how this push things work, I hope I didn't waste your time with an stupid idea. (Will send some money to your BitHub tracker ;) )

[moellering]

As far as i can see, uniqush only resolves the dependency of the server code on google libraries. It forwards the push message the application server sends to the corresponding cloud used by the user. If however uniqush would support something like openmobster or deacon/meteor a self hosted push server for "power/paranoid users" would be possible. Thus, rewriting the server code to support uniqush would on the one hand allow later integration of self-hosted push servers (after adding the functionality to uniqush - and adding a menu entry for the client) and to expand the text-secure coverage to iOS and Kindle devices without additional server side modifications.

[geileszeuch]

The TextSecure server supports Websockets. If somebody only could help implement a websocket support in the android client, we would have an alternative to Google push messages. So if you know someone who is willing to contribute, please tell him.

[ericfont]

I am willing to contribute to implementing websockets support in the android client, because I don't like the dependency on Google Play Services.

In order to debug this, I suppose the first thing I would need to do is setup my own private TextSecure server to test with. All the external messaging between Cyanogenmod's TextSecure server and outside clients/servers would be handled via GCM, while only the communication between the user's client and the TextSecure server would be handled via websockets. I guess that would require a persistent websocket connection for each cyanogenmod client that is poweredon and has whisper push enabled, and I guess that would require maintaining a connection whenever the client moves to a new wifi or to data. Am I missing something important?