Very neat indeed. Integrating at a low level like that is an excellent plan for a good user experience.
Without diving into the code they link to, I wonder how it falls back to normal SMS for clients which are not using CM/TextSecure. They couldn't just send it encrypted in case the receiving client doesn't support that. So, they must negotiate which version to send (encrypted vs unencrypted). Apparently, this handshake/negotiation works with regular SMS. Anyone have any insight?
Also, I think it is important to note that the SMS messages are only encrypted in transit and not at rest. I believe this to be the case because the article says that I can use any SMS client I want. Also, encryption at rest would kill searchability, back-up/transfer to new device, etc.
Edit: I didn't mean to imply that encryption during transit is anything to scoff at. It is quite excellent compared to what people have now, which is no protection at all!
Without diving into the code they link to, I wonder how it falls back to normal SMS for clients which are not using CM/TextSecure. They couldn't just send it encrypted in case the receiving client doesn't support that. So, they must negotiate which version to send (encrypted vs unencrypted). Apparently, this handshake/negotiation works with regular SMS. Anyone have any insight?
Also, I think it is important to note that the SMS messages are only encrypted in transit and not at rest. I believe this to be the case because the article says that I can use any SMS client I want. Also, encryption at rest would kill searchability, back-up/transfer to new device, etc.
Edit: I didn't mean to imply that encryption during transit is anything to scoff at. It is quite excellent compared to what people have now, which is no protection at all!