Websocket development stalled?

[xmikos]

Hello, please what is current status of Websocket support in TextSecure? Is your fork dead (there hasn't been any activity for a long time)? Are you planning to continue and merge it into official TextSecure?

Thanks for your answers.

[JavaJens]

I doubt that we can pull of federation. Even if we could get the financial side covered to run expensive things like Twillio and AWS, there still would be the concern of performance. I mean if our server or client doesn't run well, it affects the user experience of the rest of the users as well.

[ghost]

Hi, I just wanted to let you guys know I'm also interested in a Google free Text secure (preferably available on F-droid on their own repository, so moxie can sign it himself :p ) is there anything I can help with?

[xmikos]

@JasperWeiss I would't trust build signed by m0xie. Nothing against him, but Open Whisper Systems are based in US and could be compelled to silently include backdoor in their build (like maybe Surespot already has been: https://twitter.com/thegrugq/status/625173052783853568). We need independent builds (preferably reproducible builds, then even m0xie/WhisperSys can sign it and be happy).

[ghost]

@xmikos I know, that was kind of what I meant. Interesting you mention this though, it might explain why he is against F-Droid. Maybe this is just me being too paranoid but still. All of a sudden TS is no longer available on F-droid and everytime someone makes a request he comes up with reasons why he only wants it on Google play. Anyway, as soon as we can make it work without gcm I suppose we could submit it to F-Droid? Not that he would be very happy with that. Is there anything I can help with?

[ghost]

@xmikos BTW, Do you have any beta repo for F-Droid that works without Gapps?

[llelectronics]

Just to mention it. I built the 'Jolla Edition' which APK you can find here: http://talk.maemo.org/showthread.php?t=95804

[xmikos]

@JasperWeiss I don't believe that m0xie doesn't want TextSecure distributed outside of Google Play because it is already compromited. You are IMHO far too paranoid :-) He can't be compelled to said that. I think if TextSecure will be compelled to include backdoor some time in the future, silence from TextSecure developers (and no new commits) would be the best indicator.

[b-meson]

This issue should be closed. Thanks for all the work @JavaJens

On Mon, Aug 24, 2015 at 10:29 Michal Krenek (Mikos) < notifications@github.com> wrote:

@JasperWeiss https://github.com/JasperWeiss I don't believe that m0xie doesn't want TextSecure distributed outside of Google Play because it is already compromited. You are IMHO far too paranoid :-) He can't be compelled to said that. I think if TextSecure will be compelled to include backdoor some time in the future, silence from TextSecure developers (and no new commits) would be the best indicator.

— Reply to this email directly or view it on GitHub https://github.com/JavaJens/TextSecure/issues/15#issuecomment-134251230.

[xmikos]

@JasperWeiss I have already F-Droid repository with independent TextSecure and RedPhone builds: https://fdroid.eutopia.cz

I will add GApps-free WebSocket build soon, I am now just trying to figure out how to do it the best way. Because WebSocket fork has the same app id (org.thoughtcrime.securesms) like original source, but F-Droid doesn't support two apps/builds with same app id in one repository. And I don't want to change app id, because that would mean that you will loose app data (private keys, history, etc.) if you upgrade from GApps-build to WebSocket-build.

Most likely I will create new F-Droid repository just for WebSocket fork of TextSecure.

[ghost]

@xmikos I know I may be paranoid, but stil. The only way to know for sure is when we can verify that the package is what the source code says it is.

The issue may be closed as @freddymartinez9 mentioned.

Ps. speaking of paranoids. Snowden puts a blanket over him when entering his password :-)

[ghost]

@xmikos Why not replace the old one with the websocket one? I see no reason one would still use the gcm version. You could just release it as an update to the old one.

[ghost]

@xmikos not sure I said anything stupid there :) I suppose you would have done that if it was possible.

[xmikos]

@JasperWeiss Because I still want to have builds from original source still accessible. WebSocket fork is still somehow work-in-progress (and also I want to be able to compare battery demands, etc. between GApps/non-GApps versions).

[ghost]

@xmikos I see, perhaps you should make a beta version to do that and replace the original source when it's ready. I guess losing app data won't matter too much for folks who want to use the beta?

[JavaJens]

As suggested I will close this issue. Any feature relevant discussion can take place in new issues. Thanks for all the input and help.