I'm really curious. What is the wise CTO's recommendation for a coup's way to securely message?
As one of the other commenters said, WhatsApp and Signal still rely on third parties to host the system. But doesn't Signal simply have each device generate a private key that it claims it never knows about so even if the Signal server were hacked it still wouldn't compromise existing keys?
PGP (or Keybase.io) seems like too much work for non-techies.
I'm not as familiar with Telegram.
In the end, could you do any better than a trusted third party providing a protocol it claims generates keys on your device and doesn't share them?
Oldie but goodie - Robert Heinleins 'Moon is a harsh mistress' gives anyone interested a nice introduction into coups, cells and other things conspiracy.
But before you go live, you don't know if your peer cells are real or just illusions set up to lure you into an ineffective attempt. With Gülen and AKP being such a narrow spectrum historically, changing sides is just a tiny shift in loyalty. It would be very easy to set up fake cells in that situation, it might even happen accidentally (formerly real cells not telling their peers about getting second thoughts).
But I fully agree with your subtext: it's not a technical problem.
Have the NSA design one for you through a front and have the Americans on your side (publicly or not).
It really depends on who you are trying to depose. I wouldn't trust any device if you were going against the interests of America / NATO, there are just too many opportunities for side channels. Likewise if it were using Chinese hardware against China. Assume you're compromised in either situation regardless of how secure your encryption seems to be.
Both WhatsApp and Signal allow verification of the keys. Signal will error out if you change devices - contacts must manually OK it to continue. I think WA has this too, maybe?
Signal also had some sort of work towards preventing contact list disclosure.
At a state level, there's also traffic analysis. If you find Target A then look at their traffic, you might be able to time-coordinate messages sent to other users. (Target->Signal Servers->Recipient)
Guess they could take the Signal source and run their own copy of it, too, eh? I'd also add a time-based auto-wipe function to Signal, which is useful if your are suddenly captured. Doing it by hand is tedious, so people don't. Signal doesn't do this because they don't want people to think it implements a secure remote wipe. But they should consider the problem of an activist having their phone recovered. If the app would delete on time, it'd mitigate some damage.
But remember that Turkey is a NATO ally, so you're up against the NSA, CIA and MI6 for starters (in addition to the fine intelligence service of Turkey).
So I would think that Signal would have to hand out all registered phone numbers in Turkey - a list which could be checked against all military personnel. Given that they've detained thousands of teachers, I don't think they'd be above detaining thousands of suspected troops, even at the risk of waterboarding loyalists.
You don't need an accurate list, just some help "short listing" people.
Similar issue with Tor - if you're in the military and your mobile device used Tor before/during the coup, you'd be on a watch-list (or shot).
The best op-sec is the terrorist/stay-behind/contras: small independent cells, with no knowledge or communication with each other. Obviously some plan is needed to set up a command and control structure when the coup is "won". I don't think there are any great solutions here, that also doesn't leak enough meta-data to get you tortured and killed in the event of a failed coup.
One way would be to use any standard messaging app, but bury the message in the noise. Make it look enough like normal communication and provide only as much signal to the people who need it and could fly under the radar long enough to pull it off.
A modern, digital scheme similar to this is called 'chaffing and winnowing' [2]. Both are steganography rather than encryption, but the intent is the same -- to communicate securely over an insecure channel.
OTR messaging is encrypted (only intended recipients can read your messages), authenticated (you can verify intended recipients identity), deniable (anyone can forge messages after a conversation to look like you sent them), and forward-secret (if you loose your keys, previous conversations aren't compromised).
Also, it is wise to communicate as little as possible. Chatter can be detected to see who are involved. It often doesn't matter what you said, if you were involved or engaged with the wrong people, you may find yourself zip-tied in a stress position.
The trouble with WhatsApp in practice in this coup is the coup guys messaged in larger groups and the messages are stored on the handset. Erdogan's guys only needed to get hold on one or two unlocked handsets to get the messages. (https://xkcd.com/538/). Something like snapchat where they disappear after a bit might have been better.
As one of the other commenters said, WhatsApp and Signal still rely on third parties to host the system. But doesn't Signal simply have each device generate a private key that it claims it never knows about so even if the Signal server were hacked it still wouldn't compromise existing keys?
PGP (or Keybase.io) seems like too much work for non-techies.
I'm not as familiar with Telegram.
In the end, could you do any better than a trusted third party providing a protocol it claims generates keys on your device and doesn't share them?