Many people are already familiar with Moxie Marlinspike's WhisperSystems because of their Android apps: RedPhone for encrypted calls, and TextSecure for SMS messages.

The release of Signal is a pretty big deal for iOS users; previously, we had to consider a paid option like Silent Circle, or a larger corporate option like FaceTime Audio (which isn't really the same).

Although I haven't actually used the app yet (it's registering now), the screenshots appear to be a fairly direct port of RedPhone to iOS.

Edit: Yep! And it looks like Signal users can make secure calls to contacts with RedPhone installed, too. Very nice.

Please authenticate with something that's not a phone number! I guess that's the simplest for most people (look at WhatsApp), but the reason why I use things like Signal is because I despise cell carriers. I'd like to use this on a (cheaper) non-cellular device (for myself and family members).

The Holy Grail of Secure Communications: Group Encrypted Text, Voice, and Video. Right now, Skype gives you the unholy grail, but you get all three (+group). I wish Open Whisper Systems luck.

Hey, I'm the co-lead developer of Signal. We're looking for help with translations, help us out to bring Signal to as many people as possible: https://www.transifex.com/projects/p/signal-ios/ We also pay per commit if you want to help on Open Whisper Systems projects: http://bithub.whispersystems.org/

It's great that we have more privacy options for phone calls, texts, etc. But we still need a great "Privacy" phone, right?

There's been attempts to do so recently (Blackphone, PrivacyPhone), but both have suffered from the same fault: a binary blob for the baseband, something that renders all your privacy moot. I've heard the best recommendation is a tablet + USB LTE dongle, to put some space between the two processors ("firewalling" the baseband processor a bit).

Is there a better way than this? Has anyone kinda walked through all the steps neccesary to have a private/"secure" phone?

That being said, congratulations to Whisper Systems -- their work on things like TextSecure and Redphone have been awesome. I hope one day they do a Kickstarter for a whole secure mobile operating system.

Why is the App Store application search process so horrible? I agree, "Signal" and "Whisper" are bad things to have to search for, but there's basically no way to enter a simple memorable text string in the store and get the right app.

I ended up using a browser on the phone to go to the HN article to go to the right app store link.

I can't believe this hasn't been solved.

I wanted to donate $5 to BitHub using Bitcoin, but Coinbase's overlay doesn't allow you to change the amount (typing a new amount in does nothing). Does anyone know of a way around this?

Moxie, if you see this, can you publish some static address we can send funds to as well?

It would be nice if the server software were open source as well.

Call routing information, like all metadata, can only be protected legally not cryptographically. So it's not something I trust to people outside Canada, no matter how much esteem I have for them.

Great job guys! I'm a big fan of what whisper systems is doing. Why is this not called redphone though? Does it have different features?

Edit: Looks like the article says it is part of a plan to merge redphone and textsecure.

Who is Riddle Quiet Ventures, LLC? They appear to be the "seller in the App Store"

Why is Signal (the app) free? What's the business model?

I wish they had text messaging. I've been waiting so long for this and it lacks the major feature we need! Hopefully it'll come soon.

The reason why this is important these days is that law enforcement now has more access (because the technology is cheaper) to fake cell towers http://en.wikipedia.org/wiki/Stingray_phone_tracker

Many states are denying FOIA requests regarding this spying but there are several news stories from this year of data obtained from these fake "towers" being used in court. They can be put in vans or just be near people or be used at any large gathering of people.

I used an Android phone with RedPhone and this Signal app with iOS and it works perfectly. Very well done! Need encrypted text messaging ASAP!

They are also saying TextSecure and RedPhone will be merged into Signal. That'll be great!

I will gladly donate to this company if they will increase the speed of development.

Question: If my phone has a limited amount of minutes and I have RedPhone or Signal and I call someones phone who doesn't have one of these programs, does that use my minutes or does it only use Data (or WiFi)?

Maybe a stupid question, but is the app sending this encrypted voice over the cellular channel, or is it making a data connection independent of the phone?

Also, on a different point, if I were trying to eavesdrop on someone's conversation, I would probably just try to hack the microphone with a different / already loaded app...

Will we eventually get video calling, too? (especially in the browser version, perhaps by using a more secure version of WebRTC?)

Also, I suggest dropping SMS support, and going "data-only" for the new Signal. Or at the very least disable all SMS/MMS stuff by default, and only leave them as opt-in options in settings. Don't even prompt users about it, because most will say yes, without really knowing what they're doing, and that the app will start eating SMS credits without realizing.

But really, you should just drop it. I mean look how successful Whatsapp is, and doesn't have any SMS support, let alone an end-to-end encrypted one.

These guys are doing amazing high-quality work. I'm really amazed that they can pull it off with volunteers and donations. There are very few examples of polished front-end apps in the open source world.

I installed it on my iPhone. I'm able to discover and call friends that have RedPhone, but they can't see me. Is that a feature or a bug :P

As soon as I registered, I started getting "No Caller ID" phone calls every few minutes from some unknown person speaking Chinese (which I don't speak). This is pretty annoying, to say the least.

There doesn't seem to be any way to deregister your phone number? So what now?

Does anyone know what the userbase of Redphone is? Is it the same as Textsecure (around 10 milions)?

"Signal uses your existing number, doesn’t require a password, and leverages privacy-preserving contact discovery to immediately display which of your contacts are reachable with Signal."

How does contact discovery work? What happens when run on a device without a (valid) SIM?

Congrats Jake and the WhisperSystems crew! :D Can't wait to see you in a few weeks bud.

How can you trust a product promising privacy when it runs on a closed-source platform (that is further also known to collect data on the user and to be prone to government surveillance)?

Real privacy is only possible on platforms that are 100% open-source.

Um. Isn't encrypted calling on iPhones already provided by FaceTime Audio?

It's refreshing to see the rebrand (RedPhone -> Signal) links security with functionality, rather than with something dramatic/hide-worthy.

When your tools are secure, they work for you and not the other way around.

Ahhhh I'm so excited for this, but it's not in the Australian store and I can't change it to US as I have an iTunes Match sub :( Any ETA on when it'll be here?

Next step, no phone number required for accounts!

Curious why this is different than RedPhone - same company, same product(?), diff't platform - why not keep app branding?

This seems really neat. I tried it on an iOS 8 device and it hung on the verification screen. Is anyone else seeing that?

Is anyone else having trouble registering the app? I'm not receiving a SMS validation code.

Could theoretically be nice, if it would actually work.

Teligram should add this feature.

Will we eventually get video calling, too? (especially in the browser version, perhaps by using a more secure version of WebRTC?)

Also, I suggest dropping SMS support, and going "data-only" for the new Signal. Or at the very least disable all SMS/MMS stuff by default, and only leave them as opt-in options in settings. Don't even prompt users about it, because most will say yes, without really knowing what they're doing, and that the app will start eating SMS credits without realizing.

But really, you should just drop it. I mean look how successful Whatsapp is, and doesn't have any SMS support, let alone an end-to-end encrypted one.

"What could possibly go wrong?" I mean, besides the fact that it runs on iphones.

Distributing secure text/voice/video calls app through an app store of any kind is by definition not secure. Give me an .apk

Nice try, but pointless and snake oil, since the iPhone is not a secure device.

Try building a secure device that users "own" first, then spend effort on building secure services on top.

When the client device is compromised (and we know that iOS is [1]), it doesn't matter how secure the link is. If I were a sophisticated attacker and wanted to listen to your conversation, I could just tap your mic and audio output.

[1] https://pentest.com/ios_backdoors_attack_points_surveillance...

Next round of Edward Snowden leaks: "NSA created and funded 'open whisper systems' as a way to get people to think their calls were encrypted when in reality calls went straight to the NSA..."