[f_salmon]

> A user simply sends a message, and it’s encrypted end to end, every time.

Anything that is not public key encrypted must be considered unencrypted.

[garrettgrimsley]

TextSecure does use public key cryptography. It performs the key exchange silently, but it still performs it.

https://github.com/WhisperSystems/TextSecure/wiki/ProtocolV2 https://www.whispersystems.org/blog/advanced-ratcheting/

[shabble]

Pff. A pair of exchanged 32GB microSD cards full of random data would give you OTPs for a hell of a lot of tweets/SMSes :)