Company Makes Inconspicuous Secure Cellphone

dponce80 writes "With concerns over privacy at an all-time high, it's refreshing to hear that Swiss company VectroTel is making a secure mobile phone. The X8 encrypts secure calls (the unit is also able to make regular calls) with a virtually unbreakable 128-bit key, itself generated through a Diffie-Hellman exchange. While transmission does get somewhat delayed, communication is secure."

unbreakable?

[legallyillegal]

virtually unbreakable 128-bit key,

isn't WEP also 128 bit?

Man in the middle

[nfarrell]

Just in case you didn't RTFA, the phone displays a hash on the display. As long as you read this one to whoever you're talking to, you more-or-less foil a man-in-the-middle attack.

I'm more worried about the proprietry algorithm for the encryption, and how it's implemented. Any conspiracy theorists will still think there's a back door for the government (or swiss secret service?) to listen in.

Anyone with anything really important to say would use GPG on an MP3 and maybe a lashing of stenography on top.

Re:Feasibility for US Market?

[Bromskloss]

is it possible to buy and use this cellphone in the US with a normal US carrier?

I think so, at least one of their phones. That one uses the three bands 900 MHz, 1800 MHz and 1900 MHz. The former two is used in europe (during a call the phones switches frequency bands depending on which one gives the best connection, or something similar), while the latter is used in USA (among other places, I think). That indicates that it is possible to use it in the states too.

Re:Are people really this paranoid?

[meringuoid]

if you want to stop the government listening in to your conversations then you're out of luck anyway , since they'll just bug you some other way.

It's far, far easier for the government to bug all the phone lines (as they're currently doing, I might add) at a central point, and then plug in to someone's conversations at will. If you're using an encrypted phone, then Echelon / Carnivore / AT&T / Dubya's Latest Secret Illegal Wiretap can't listen in. The government have to break in to your house, take a screwdriver to your phone and physically bug the thing.

Can the government spy on everybody by bugging the telephone exchange? Yes, easily, and they're doing just that. Can the government spy on everybody by secretly bugging every last individual phone? No, it would be prohibitively expensive. Have the NSA burgle every single house individually and fiddle every single phone? Impossible.

Encrypting phone calls makes it enormously more expensive and difficult for the government to spy on you. That's got to be a good thing.

How about backdoors

[Aceticon]

I vaguelly remember some investigatory documentary on Discovery or some other such channel where they were investigating how information on a bid by an European company for the rights to explore an oilfield somewhere in Asia had been intercepted by NSA and provided to the competing US companies.

The interesting (not to mention relevant) detail here is that they (the Europeans) where using a supposedly safe mobile phone (made by a Swiss company i believe) which turned out to have a backdoor that allowed NSA to decrypt the calls.

Why should we expect these guys to be any more honest than those other ones where (assuming they're actually not the same ones)?

As i see it, the best way to make sure you have a backdoor free safe phone is to have a generic open-mobile solution, a bit like a mini-PC but for a mobile phone, with an open communications API that allows development and deployment on such a mobile of software which provides the safe communications.

As long as the encryption layer is implemented by the provider and cannot be checked by any independent 3rd party, there is no guarantee whatsoever that it ain't filled with backdoors/weaknesses put there on purpose to allow the sig-int agencies (of one or more countries) to be able to spy on calls made via those mobile phones.