The tactic you're suggesting has been tried before (the software was called Asrar, I think). It doesn't work well for them, for a couple of reasons:
1) Custom terrorist software is no easier to use than something more mainstream like PGP, but is a lot more incriminating if you're found to be using it.
2) Is it really made by fellow jihadis? Or is it a backdoored plant by western intelligence? How can you know?
The latter question is a bigger issue than you'd expect. Terrorists don't like to helpfully announce their real names and backgrounds on their websites, so the provenance of jihadi software is frequently unknown. It just sort of floats around on the internet. So it can be much harder to trust than just a plain old copy of PGP.
You might think that IS can solve these problems because it's bigger and more organised than a group like al-Qaeda. But it's not like IS has an official website with a nice SSL certificate and a big download button (CA's will generally not sell to sanctioned entities). They use networks of ad hoc and quickly suspended twitter accounts to communicate, and apparently, Telegram. So for them to distribute custom crypto software wouldn't be easy.
The tactic you're suggesting has been tried before (the software was called Asrar, I think). It doesn't work well for them, for a couple of reasons:
1) Custom terrorist software is no easier to use than something more mainstream like PGP, but is a lot more incriminating if you're found to be using it.
2) Is it really made by fellow jihadis? Or is it a backdoored plant by western intelligence? How can you know?
The latter question is a bigger issue than you'd expect. Terrorists don't like to helpfully announce their real names and backgrounds on their websites, so the provenance of jihadi software is frequently unknown. It just sort of floats around on the internet. So it can be much harder to trust than just a plain old copy of PGP.
You might think that IS can solve these problems because it's bigger and more organised than a group like al-Qaeda. But it's not like IS has an official website with a nice SSL certificate and a big download button (CA's will generally not sell to sanctioned entities). They use networks of ad hoc and quickly suspended twitter accounts to communicate, and apparently, Telegram. So for them to distribute custom crypto software wouldn't be easy.