Company Makes Inconspicuous Secure Cellphone
dponce80 writes "With concerns over privacy at an all-time high, it's refreshing to hear that Swiss company VectroTel is making a secure mobile phone. The X8 encrypts secure calls (the unit is also able to make regular calls) with a virtually unbreakable 128-bit key, itself generated through a Diffie-Hellman exchange. While transmission does get somewhat delayed, communication is secure."
Isn't WEP also 128-bit?
?giS
Just in case you didn't RTFA, the phone displays a hash on the display. As long as you read this one to whoever you're talking to, you more-or-less foil a man-in-the-middle attack.
I'm more worried about the proprietary algorithm for the encryption, and how it's implemented. Any conspiracy theorists will still think there's a back door for the government (or Swiss secret service?) to listen in.
Anyone with anything really important to say would use GPG on an MP3 and maybe a lashing of stenography on top.
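The hash readout mentioned in the comments above, sketched as an added example that is not from the thread or from the vendor: each side derives a display code from the Diffie-Hellman result, and the codes match only when nobody has substituted keys in between. The demo group, the SHA-256 derivation and the 8-hex-digit code are assumptions, since the phone's algorithm is proprietary.

```python
import hashlib
import secrets

# Demo-only group (assumption): p = 2**255 - 19 is prime, g = 2.
# A real product would use a vetted DH group; the X8's parameters are not public.
P = 2**255 - 19
G = 2


class Phone:
    """One endpoint: private exponent, public value, derived key and display code."""

    def __init__(self):
        self.private = secrets.randbelow(P - 3) + 2      # range 2 .. P-2
        self.public = pow(G, self.private, P)

    def agree(self, peer_public):
        # Reject values that would force a predictable shared secret.
        if not 1 < peer_public < P - 1:
            raise ValueError("degenerate public value")
        shared = pow(peer_public, self.private, P)
        digest = hashlib.sha256(shared.to_bytes(32, "big")).digest()
        self.key = digest[:16]                           # 128-bit session key
        # Short code shown on the display, to be read aloud to the other party.
        self.code = hashlib.sha256(b"display" + self.key).hexdigest()[:8]
        return self.code


def direct_call():
    """Both phones see each other's real public value: codes agree."""
    a, b = Phone(), Phone()
    return a.agree(b.public), b.agree(a.public)


def intercepted_call():
    """A relay in the middle replaces both public values with its own.
    Each phone now shares a key with the relay, not with its peer,
    so the two displays show different codes."""
    a, b, relay = Phone(), Phone(), Phone()
    return a.agree(relay.public), b.agree(relay.public)


if __name__ == "__main__":
    print("direct:     ", direct_call())
    print("intercepted:", intercepted_call())
```

The check only works if the code is compared over a channel the relay cannot convincingly alter, which is why the callers read it out by voice.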
I vaguely remember some investigatory documentary on Discovery or some other such channel where they were investigating how information on a bid by a European company for the rights to explore an oilfield somewhere in Asia had been intercepted by NSA and provided to the competing US companies.
The interesting (not to mention relevant) detail here is that they (the Europeans) were using a supposedly safe mobile phone (made by a Swiss company I believe) which turned out to have a backdoor that allowed NSA to decrypt the calls.
Why should we expect these guys to be any more honest than those other ones were (assuming they're actually not the same ones)?
As I see it, the best way to make sure you have a backdoor-free safe phone is to have a generic open-mobile solution, a bit like a mini-PC but for a mobile phone, with an open communications API that allows development and deployment on such a mobile of software which provides the safe communications.
As long as the encryption layer is implemented by the provider and cannot be checked by any independent 3rd party, there is no guarantee whatsoever that it ain't filled with backdoors/weaknesses put there on purpose to allow the sig-int agencies (of one or more countries) to be able to spy on calls made via those mobile phones.