With Edward Snowden, the NSA and PRISM making headlines across the world; the newest feature making its way to Cyanogenmod very soon could not have come at a better, nor more appropriate time. Well known developer Koushik Dutta has now developed a plugin that is built into the framework of the ROM. Messages are encrypted automatically on the device and then sent to the recipient via Google Cloud Messaging where, assuming they are also running a ROM with this plugin built in, the message is decrypted and able to be read.
With the plugin being built into the framework the result is that the process works for all third party apps as well, including Handcent SMS and GoSMS. As Koushik himself put it, “It’s basically PGP (encryption + authenticity) for text messages, built into the system”.
At this stage the plugin is still in its very early stages of development so its unknown whether the users will know if the message has been sent via this encryption, or if it will work from one type of ROM to another as long as this plugin is baked into the ROM. Currently I believe Koushik plans for this to be the case as his original Google+ poll about possible users of this service mentioned “a custom rom (based on +Cyanogenmod)”. When the recipient does not have the plugin in its ROM the message will be sent via standard sms, just as iMessage does.
This is something Google should think of merging upstream into the AOSP code. It is certainly something it could do with, with all the media attention on them and their collection of user data. Until then there are plenty of options including Gibberbot that allow you to securely chat with other users, as long as they have that app installed themselves. Personally, I would rather not have the government reading every single thing I write.
Do you use a secure messaging client? Would you use a secure messaging service built into your software?