https://www.reddit.com/r/privacy/comments/1igizvo/end_to_end_encrypted_sms_app/
created by Consistent-Age5347 on 03/02/2025 at 06:36 UTC
13 upvotes, 12 top-level comments (showing 12)
Hi there everybody, I'm from Iran and as ya'll may know, There is a very bad internet restriction going on in our country, Same as Russia and China, Just FYI guys most of the popular VPN protocols such as OpenVPN and Wireguard are banned in here, In other words they are detectable and not connectable, Not to mention all the popular VPN providers IPs are banned already, So we use very advanced proxies called V2Ray or Xray to access the internet, They make your connection look like HTTPS so it wont get blocked by Iran's firewall.
Anyway, as a lot of people can not access apps like Whatsapp, Signal, Telegram and others, SMS is the only way for some people to communicate, But as we all know, SMS is the worst and most insecure way of communication.
So I just started wondering something with myself.
Is there like a FOSS SMS app or something that utilizes end to end encryption?
Ya know?
Something like an app that would send the encrypted message over sms and then on other end it be decrypted.
Comment by Interesting_Usual596 at 03/02/2025 at 07:26 UTC
5 upvotes, 0 direct replies
To bypass restrictions, you could try using orbot on Android which is a TOR based VPN and proxy. If you can't connect directly, you could try switching to bridges. Not sure if there will be any legal consequences if they have detected the use of TOR.
As for encrypting SMS, especially automating the encryption, you can't. The only thing you could do is try to find a way to encrypt the text before sending.
Also I don't know, but have you considered using RCS in Google messages?
Comment by Nopeitsnotme22 at 03/02/2025 at 06:43 UTC*
6 upvotes, 3 direct replies
SMS can't be encrypted.
Edit : I stand corrected. The metdata is almost impossible to encrypt but messages themselves can.
Comment by pusongsword at 03/02/2025 at 07:28 UTC
2 upvotes, 1 direct replies
Silence / textsecure sms. Used it before then, then had a hard time using the keys. There was an announcement that development stopped.
Comment by Cultural-Proof-4382 at 03/02/2025 at 08:50 UTC
2 upvotes, 0 direct replies
Have you heard of the UpSuite by Unplugged Phone? It's a VPN and private messaging app in their app store made by Israeli engineers. I think you can download it off their website. It might work. It's a proprietary code.
Comment by UnfairDictionary at 03/02/2025 at 09:11 UTC
2 upvotes, 1 direct replies
Use AES, PGP or Vigenère cipher over SMS? It requires some effort for sure but at least Vigenère cipher is doable by hand if getting software to do the encryption is hard. The problem is that you have to share the one time pad with the receiver face to face as it is a symmetric cipher.
Comment by Master-Office-3541 at 03/02/2025 at 10:08 UTC*
2 upvotes, 0 direct replies
Try proton go into setting and change to stealth mode for a vpn. It’s specifically for this scenario. Another vpn is Psiphon I think it’s spelt.
Comment by armadillo-nebula at 03/02/2025 at 13:42 UTC*
2 upvotes, 0 direct replies
SMS/MMS is 40 years old and is still bound to the technical limitations of the 80s. SMS was created by accident when some mobile network researchers realized a small amount of bandwidth still leftover when mobile phones do their check-ins with the nearest tower.
That's why SMS is still limited to 140 characters (sending more than that means it's been converted to MMS), or you send pictures over MMS at full quality and they look like ass to the person receiving them.
There is no reason to use SMS for messaging anymore. RCS exists and it's available on Android and iPhones. It's not end-to-end encrypted cross-platform, but it's still more secure than SMS, which is not encrypted at all.
Some more info about RCS vs SMS:
SMS: Messages are transmitted in plain text over cellular networks, making them vulnerable to interception by hackers, cell site simulators (like Stingrays), or rogue network operators.
RCS: Messages are transmitted using HTTPS, which provides some encryption during transmission. However, RCS currently lacks end-to-end encryption (E2EE) in most cases, except when using Google's implementation (Google Messages with E2EE enabled).
SMS: SMS messages can be easily spoofed since they rely on SS7, a decades-old telecommunication protocol with known vulnerabilities.
RCS: RCS uses stronger authentication mechanisms, such as Universal Profile and improved sender verification, reducing the risk of message spoofing.
SMS: SMS depends on the SS7 protocol, which has vulnerabilities allowing attackers to intercept, modify, or reroute messages.
RCS: RCS messages travel over IP-based networks, which generally offer better security. Additionally, RCS messages require an internet connection and can be routed through secure servers, reducing exposure to SS7 vulnerabilities.
SMS: No encryption at any stage—any intermediary (e.g., telecom providers) can read the messages.
RCS: Some implementations, like Google Messages, now support E2EE for one-on-one conversations, preventing unauthorized access by carriers, Google, or other intermediaries.
SMS: Easily exploited for phishing (smishing) attacks due to a lack of sender verification.
RCS: Includes verified sender features, such as branding and sender authentication, reducing phishing risks.
If you really have to use SMS for some reason, TextSecure (what Signal used to be called) was forked to an app called Silence, which still works, but that project has been dead for six years.
Comment by zfride at 03/02/2025 at 08:56 UTC
2 upvotes, 0 direct replies
check out nostr maybe?
Comment by Satalana12 at 03/02/2025 at 14:53 UTC
1 upvotes, 0 direct replies
Have you tried Signal app with " censorship circumvention" toggle on and also the "Always relay" option!. Please let me know the results.
Another option for VPN is Proton VPN with their own protocol for packets inspection resistance called Stealth.
Comment by ArnoCryptoNymous at 03/02/2025 at 15:31 UTC
1 upvotes, 0 direct replies
A lot of people can not access apps like Whatsapp, Signal, Telegram
Well if you know they blocking (those Apps) in Iran, try to find out, if Threema is also blocked in your country. I remember we had another Iranian here who said, Threema is still working in Iran, so you may investigate deeper into Threema.ch[1] … r/Threema
But you need to know, your contact who you like to communicate with need to have the same app then you have to communicate encrypted and of course it costs money (once for each). Bit is is worth the money, if Iran do not block it.
So if your restrictions in your country are so restrict, tens look for a messenger who is very secure, and almost unknown in Iran, and I think, Threema is one of those messengers. The less your government is knowing about this the more chances you have to use it secretly with your friends and family.
Comment by Mr0ldy at 03/02/2025 at 16:13 UTC
1 upvotes, 0 direct replies
Not sure about limitations specific to your country but have you had a look at Briar? Seems like it could be useful in your case.
https://briarproject.org/how-it-works/
Comment by OkAngle2353 at 03/02/2025 at 07:16 UTC
1 upvotes, 0 direct replies
Encryption? Find a method of encryption that both you and the other party knows. Pull a enigma machine.