Domain: silentcircle.com
Stories and comments across the archive that link to silentcircle.com.
Comments · 18
-
Re:not this again
i do. God forbid anyone wants anything you don't.
That's the thing. If this device is being considered for retirement, it's precisely because not enough people want it.
If what the Slashdot crowd wanted represented actual consumer tastes in any volume, then every PC would be running Linux - WITH OH GOD NO SYSTEMD - and be 100% upgradeable/replaceable. It's not, and it doesn't. Most other people don't want what a theoretical Slashdot "you" wants, and that's how the market works.
I work for a giant large evil US cellular carrier, and I can tell you it's the same for smartphones. The smartphone business is about three things: 1.) volume; 2.) volume; 3.) volume. That's why Apple and Samsung have some crazy percentage of the total profits in the market. Do you want something different? For example, a MILSPEC rugged phone? You want an intrinsically safe smartphone? You want a smartphone that supports HAM radio?
You can get it, just be prepared to pay for it. You can get almost anything you want in a smart phone, but you have to vote with your wallet, not just on Interwebs comment boards. Because you are going to pay out the wazoo for what you want because it isn't the same as what tens of millions of other users want.
Slashdot-y people said they wanted a phone that could dock and be an Android device. Motorola built one, and nobody bought it. Slashdot-y people said they wanted a super duper secure phone and nobody is buying it. I worked years ago on the "Obama Blackberry" that numerous US government agencies insisted that they needed and... wait for it... not even they bought it when they figured out how much it cost ($3500 vs. a not as secure but more functional $200 BlackBerry).
There are lots and lots of smartphones out there that meet different needs. Unless your needs happen to match with that of tens of millions of other users, please be prepared that your wallet will take a hit when you vote for it. Otherwise... if you want a smartphone from a big carrier store that you can get for next to nothing upfront, be prepared to get the exact same kind of phone that meets the needs of tens of millions of users who don't include you.
-
Re:Android?
I think it depends on the OEM. There are factors such as whether the device storage is encrypted by default, whether the bootloader is locked by default, what kind of security hardware is available on the SoC and whether it is used, whether exploits are patched, whether there is a continuing roll out for discovered exploits, whether updates are automatically installed w/o authentication, whether the baseband contains known exploits and attack vectors (cough), etc.
So there's no one answer because there's no one Android device and many phone OEMs (and the manufacturers of the underlying hardware platform) may be implementing security to different degrees. Though many of these considerations do have google guidelines and policies in place, some of which may be enforceable via google compatibility tests, there is a wide spectrum of what you can expect from Android generally speaking I think.
You might look to Google's policies and recommendations, and more importantly their Nexus devices themselves as models for what they consider best practices to be. Then there is blackphone and other distros that have security as their primary focus, so they may be good to consider as well.
-
Re:End-to-end encryption cannot come fast enough.
Redphone since 2010 https://whispersystems.org/ .
Silent Phone since 2012 https://silentcircle.com/ . -
Re:NSA involvement ?
Zimmermann might well be good and honest
... but how well does he know the people who he will employ to help him ? What if one of them has a problem: financial/drugs/marital/... that allows the NSA to put pressure on them (''help them out of their sticky situation'') in return for ''something that is in the best interests of the USA'' ?In mitigation: they do publish their source code for review. I don't know how easy it is to check that that is what is installed on the phone that you buy.
-
Re:It's required
Firstly, if you can facilitate multi-way calling then it is clearly technically feasible to support a wire tap. Secondly, unlike many other snooping regulations, CALEA explicitly obliges telecommunications companies to modify their systems and equipment in order to facilitate "lawful access" (sic). Verizon are a telco, not an app company, so they are bound by CALEA in ways that people like Silent Circle or CellTrust are not.
-
Different than Good Tech or BlackBerry?
This sounds like a pitch for a replacement to Good Technology or BlackBerry BES or MobileIron but tied to a single Android phone. I mean the headline says it's a secure phone but it looks like it will require Silent Circle as the communication go between. You can do that now on Android, BB 10, and iOS with BES 10. No special version of Android needed. Hate on BlackBerry all you want but they know security.
-
part of my toolkit...
Yet Another Information Security Professional, working in a sensitive information startup.
Of course, a lot of these have been in use long before the NSA revelations...
A few of my personal tools and our corporate-used tools:
All OSX shop configured with strict firewall, fileVault, and openVPN,
Browser plugins to block ads (adBlock Plus), scripts/flash (NoScript), popups (Adblock Plus Pop-up Addon), trackers (Ghostery), and enforce HTTPS (HTTPS-Everywhere).
GPG Tools for encrypting individual files / emails - https://gpgtools.org/
OTR for secure messaging (use Adium which has OTR support off the shelf) https://otr.cypherpunks.ca/
Silent Circle for encrypted voice and text - https://silentcircle.com/
Personal VPN for traffic encryption for browsing outside of corporate purposes, e.g. one of these:
https://www.bestvpn.com/blog/4809/best-vpn-service-top-10/
note that several offer payment methods that are anonymous, e.g. gift cards purchased with cash, i.e. http://www.paygarden.com/Obligitory Schneier:
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance -
Re:Article
If you go to https://silentcircle.com/ they shut it down "preemptively".
Yesterday, another secure email provider, Lavabit, shut down their system less they "be complicit in crimes against the American people." We see the writing on the wall, and we have decided that it is best for us to shut down Silent Mail. We have not received subpoenas, warrants, security letters, or anything else by any government, and this is why we are acting now.
Why oh why? Are there no hosters outside the US?
Also, if they (e.g. Lavabit) give up, why don't they publish their hosting source code on e.g. github? Then others (Pirate Bay, Mega) can start from there, and set up servers in Iceland, Skandinavia, Hong Kong,
.... -
SEAL Protection
What, you mean that boasting about two former SEALs on your board doesn't protect my data? I am shocked! Can't they go all Chuck Norris on the NSLs?
-
Others also bit the dust. Silent Circle closes
Silent Circle offered phone, video, and text services (Silent Phone and Silent Text) to be completely end-to-end secure with all cryptography done on the clients and their exposure to our data to be nil.
They just wrote in their blog that also closes following Lavabit's shut down to not “be complicit in crimes against the American people.”
-
Silent Circle
I'd say the obvious way to go: https://silentcircle.com/
-
The young do not know enough to be prudent....
“The young do not know enough to be prudent, and therefore they attempt the impossible -- and achieve it, generation after generation.” -- Pearl S. Buck
Given that monitoring is impossible to prevent or really limit, all efforts should be made in shaming those taking bad ACTIONS based upon collected data.
It is not impossible to prevent or limit.
There are many projects working on software and technologies to do just that. Some are:
What you're saying
RedPhone and TextSecure: https://whispersystems.org/
Wickr: https://www.mywickr.com/en/index.php/
Parley.co: http://parley.co/
Silent Circle: https://silentcircle.com/
Seecrypt: https://www.seecrypt.com/Who you're saying it to / who or where you are
Tor: https://www.torproject.org/Both (for the most part)
LEAP: https://leap.se/ (Full disclosure: I am a developer on this project)to name a few
:)Admission: I am not completely familiar with the details of many of these projects
-
Creator of PGP Has Already Fixed This
PGP Creator Phil Zimmerman has a new business, Silent Circle, that does proper encryption for voice and SMS on mobile devices.
-
Re:Realtime voice encryption apps?
You mean like Silent Circle?
-
Freedom of Speech the most vital right.
Back when the Tunisian uprisings started, and then started in Libya and Egypt the crowds on the street were carrying around posters of Mark Zuckerberg because Facebook would let them communicate and coordinate and let the world know what was going on. That was a full embrace of freedom of speech, and I even started to build a Twitter encryption tool to help make it even easier to for people to communicate freely (More complete projects have come out since *).
This was also right around the time of the State Dept WikiLeaks reveal, and instead of talking about how we need to encourage freedom of speech, and the press and assembly, Secretary Clinton made a big speech about the primary and absolute need for elections for a democratic transition in these countries. The ground could have been laid then that this was an expression of the peoples rights and take it as an opportunity to have an open accepting forum of competing ideas and that it was OK to have disagreeing views as long as everyone could express themselves.
Instead we got badly run elections more than a year later with the military pushing people around, and women mostly shut out of the process. And, no automatic thinking that uncomfortable ideas can at least be heard. As long as you have freedom of speech you can try to change the system. When that is gone certain changes become impossible. It was a huge missed opportunity to change attitudes about speech.
(*) My project was mostly done over a hackathon weekend and is on github: https://github.com/YasminApp/yasmin-client
Others include CryptTweet which needs improvement but is workable here: http://plexusproject.org/
And SilentCircle which is targeting a different user group https://silentcircle.com/ -
Re:Encrypt everything
Also that implementing and using encryption for personal use is more techy than the average being can handle. I'm hoping that https://silentcircle.com/ can approach this issue. Extra points for taking note of the founders...
-
Phil Zimmermann's post-PGP project
Phil Zimmermann's post-PGP project: privacy for a price:
https://silentcircle.com/Phil Zimmermann released PGP for free, but he's planning to charge about $20 a month for his new Silent Circle encryption service. It's unlikely to be applauded by encryption-wary law enforcement agencies.
Declan McCullagh | by Declan McCullagh | June 12, 2012 5:30 AM PDT
http://news.cnet.com/8301-1009_3-57451057-83/phil-zimmermanns-post-pgp-project-privacy-for-a-price/
"PGP creator Phil Zimmermann says he thinks people will pay $20 a month for secure communications.
(Credit: Declan McCullagh/CNET)He rocketed to privacy stardom over two decades ago with the release of PGP, the first widely available program that made it easy to encrypt e-mail. Now Phil Zimmermann wants to do the same thing for phone calls.
Zimmermann's new company, Silent Circle, plans to release a beta version of an iPhone and Android app in late July that encrypts phone calls and other communications. A final version is scheduled to follow in late September.
This time around, Zimmermann is facing not the possibility of prison time on charges of violating encryption export laws, but a more traditional challenge: convincing would-be users that protecting their privacy is worth paying Silent Circle something like $20 a month.
"I'm not going to apologize for the cost," Zimmermann told CNET, adding that the final price has not been set. "This is not Facebook. Our customers are customers. They're not products. They're not part of the inventory."
Silent Circle's planned debut comes amid recent polls suggesting that Internet users remain concerned about online data collection (or at least are willing to tell pollsters so), with Facebook topping health insurers, banks, and even the federal government as today's No. 1 privacy threat. Yet even after a decade of startups that have tried to capitalize on these concerns, consumers spending their own money remain consistently difficult to persuade that paying for privacy is worth it.
Zimmermann hopes to overcome this reluctance by offering a set of services designed from the start to be simple to use: encrypted e-mail, encrypted phone calls, and encrypted instant messaging. (Encrypted SMS text messages are eventually planned too.)
"We're going after target markets that have a special need for this," Zimmermann said. "For example, U.S. military serving overseas that wish to speak to their families."
One sales pitch unique to Silent Circle is Zimmermann's own history of high-profile support for civil liberties that recently placed him in the Internet Hall of Fame, including spending four years under threat of criminal indictment for releasing PGP in the early 1990s. At the time, encryption software was regulated as a munition, meaning unlicensed export could be a federal felony. Zimmermann later founded PGP Inc., now owned by Symantec.
Symantec has focused far more on selling PGP-branded products to corporations, not individuals. Symantec's Web page for PGP Whole Disk Encryption, for instance, boasts that the utility "provides organizations with comprehensive, high performance full disk encryption" to protect "customer and partner data."
PGP "moved too far away from individual users," Zimmermann says. "It was geared so heavily toward enterprise that I felt it was hard to use for ordinary people. That was kind of sad. My original intent was individuals. Now I get to go back to individuals again."
Also involved in Silent Circle are Mike Janke, a former Navy SEAL sniper turned privacy advocate; Vic Hyder, a Navy SEAL commander and founder of a maritime security firm; and PGP co-founder Jon Callas.
Silent Circle's app will securely scramble conversations -- using end-to-end encryption and the ZRTP protocol -- between two people if both are using its software. If only one person has the
-
Phil Zimmermann's post-PGP project: silentcircle
Phil Zimmermann's post-PGP project: privacy for a price:
https://silentcircle.com/Phil Zimmermann released PGP for free, but he's planning to charge about $20 a month for his new Silent Circle encryption service. It's unlikely to be applauded by encryption-wary law enforcement agencies.
Declan McCullagh | by Declan McCullagh | June 12, 2012 5:30 AM PDT
http://news.cnet.com/8301-1009_3-57451057-83/phil-zimmermanns-post-pgp-project-privacy-for-a-price/
"PGP creator Phil Zimmermann says he thinks people will pay $20 a month for secure communications.
(Credit: Declan McCullagh/CNET)He rocketed to privacy stardom over two decades ago with the release of PGP, the first widely available program that made it easy to encrypt e-mail. Now Phil Zimmermann wants to do the same thing for phone calls.
Zimmermann's new company, Silent Circle, plans to release a beta version of an iPhone and Android app in late July that encrypts phone calls and other communications. A final version is scheduled to follow in late September.
This time around, Zimmermann is facing not the possibility of prison time on charges of violating encryption export laws, but a more traditional challenge: convincing would-be users that protecting their privacy is worth paying Silent Circle something like $20 a month.
"I'm not going to apologize for the cost," Zimmermann told CNET, adding that the final price has not been set. "This is not Facebook. Our customers are customers. They're not products. They're not part of the inventory."
Silent Circle's planned debut comes amid recent polls suggesting that Internet users remain concerned about online data collection (or at least are willing to tell pollsters so), with Facebook topping health insurers, banks, and even the federal government as today's No. 1 privacy threat. Yet even after a decade of startups that have tried to capitalize on these concerns, consumers spending their own money remain consistently difficult to persuade that paying for privacy is worth it.
Zimmermann hopes to overcome this reluctance by offering a set of services designed from the start to be simple to use: encrypted e-mail, encrypted phone calls, and encrypted instant messaging. (Encrypted SMS text messages are eventually planned too.)
"We're going after target markets that have a special need for this," Zimmermann said. "For example, U.S. military serving overseas that wish to speak to their families."
One sales pitch unique to Silent Circle is Zimmermann's own history of high-profile support for civil liberties that recently placed him in the Internet Hall of Fame, including spending four years under threat of criminal indictment for releasing PGP in the early 1990s. At the time, encryption software was regulated as a munition, meaning unlicensed export could be a federal felony. Zimmermann later founded PGP Inc., now owned by Symantec.
Symantec has focused far more on selling PGP-branded products to corporations, not individuals. Symantec's Web page for PGP Whole Disk Encryption, for instance, boasts that the utility "provides organizations with comprehensive, high performance full disk encryption" to protect "customer and partner data."
PGP "moved too far away from individual users," Zimmermann says. "It was geared so heavily toward enterprise that I felt it was hard to use for ordinary people. That was kind of sad. My original intent was individuals. Now I get to go back to individuals again."
Also involved in Silent Circle are Mike Janke, a former Navy SEAL sniper turned privacy advocate; Vic Hyder, a Navy SEAL commander and founder of a maritime security firm; and PGP co-founder Jon Callas.
Silent Circle's app will securely scramble conversations -- using end-to-end encryption and the ZRTP protocol -- between two people if both are using its software. If only one person has the