Comment not nsa proof at all (Score 1) 183
however, security wise - the keys to decode the message and the messages are on the device. so when the app does to delete the message does it really delete ? probably not, the underlying os may well leave the message and just delete the filesystem reference. similarly for the keys. so if the device is confiscated, there's a good chance all the encrpyted messages can be recovered. also if the nsa dont run the app after confiscating the device then the app wont be able to delete its data store
with respect to the sender specifying how long the message can remain without being deleted. this depends on the receiving app honouring the 'delete after n days' part of the message. if the receiver installs a clone silent sms program which doesnt honour such requests they'll never get deleted. so the security offered to a sender is assured by the difficulty of creating a clone app. this difficulty depends on the effort silent message makes, if they dont explicitly engineer for that kind of security it will be trivial, if they do explictly engineer for that then it'll be medium difficulty. more than this cant be achieved with this architecture