Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zimmermann's Silent Circle Now Live

Posted by timothy on from the different-zimmerman dept.

e065c8515d206cb0e190 writes "Several websites have announced the launch of Silent Circle, PGP's founder Phil Zimmermann's new suite of tools for the paranoid. After a first day glitch with a late approval of their iOS app, the website seems to now accept subscriptions. Have any slashdotters subscribed? What does SilentCircle provide that previous applications didn't have?"

9 of 127 comments (clear)

  1. Now, with centralized user tracking! by Animats · · Score: 5, Insightful

    The "Silent Circle" uses their own "Silent Network", allowing centralized user tracking. Also, the code isn't open source, so you have no idea if the crypto key generation is any good or if there are backdoors.

    1. Re:Now, with centralized user tracking! by Anonymous Coward · · Score: 5, Funny

      HURR DURR Obama Warrantless Wiretapping HURR DURR

    2. Re:Now, with centralized user tracking! by interval1066 · · Score: 5, Interesting

      Even so, with Zimmerman's involvement I tend more to a "trust" relationship than an "untrusted" one. Zimmerman is on my whitelist.

      --
      Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
    3. Re:Now, with centralized user tracking! by Anonymous Coward · · Score: 5, Funny

      Careful there. You're commenting on a story about "wanting to hide stuff" on a known gathering place for geeks and occasionally cyber-terrorists. You're in a database somewhere for simply being here.

    4. Re:Now, with centralized user tracking! by Bysshe · · Score: 5, Informative

      Considering Zimmermann's track record of not including backdoors and that he was investigated for several years much to his personal detriment for several years in the 90s for his release of PGP I think this particular protocol is pretty safe. Lastly and business case is based 100% on total security. If ever it leaked that there's any kind of backdoor it would all be for naught. I highly doubt the core team (there are 4 of them, including Zimmermann, 2 ex seals, and Callas) would risk their reputations on including a backdoor. In addition any real backdoors would flag an interference.

      --
      Read what I mean, not what I wrote.
    5. Re:Now, with centralized user tracking! by pnot · · Score: 5, Insightful

      Part of it is keeping his work closed source, which is extra scary when talking about cryptography. Being asked to trust a security solution that you can't examine is insane.

      Unless you're a crytpographer and a programmer... examining the source is pretty much pointless. It may give you a warm happy fuzzy to be able to do so, but you lack the qualifications to actually evaluate it.

      The point, surely, is not that I am necessarily a cryptographer, but that the source is available to those who are. It's not necessary for every user to independently audit the code, because the skilled individuals who do audit the code can then communicate their findings.

      "But why trust the skilled individuals?", you may ask. Answer: because I find it unlikely that all the world's cryptographers are conspiring to keep quiet about any vulnerabilities they find the code. At any rate it's a more sensible strategy than "assume that Zimmerman is both infallible and incorruptible".

    6. Re:Now, with centralized user tracking! by pnot · · Score: 5, Funny

      Lastly and business case is based 100% on total security. If ever it leaked that there's any kind of backdoor it would all be for naught.

      Lance Armstrong is innocent. His business case is based 100% on being a non-cheating cyclist: if it ever leaked that he'd taken any kind of performance enhancers, it would all be for naught.

  2. What does SilentCircle.... by Anonymous Coward · · Score: 5, Informative

    "What does SilentCircle provide that previous applications didn't have?"

    The 20$/*PER MONTH* price tag. You can also use csipsimple, it does secure messaging (using sips) and voice using the zrtp protocol. For 0$/*PER MONTH*.

    (Captcha: investor. How fitting...)

  3. CALEA by gellenburg · · Score: 5, Informative

    I wrote to Silent Circle over a week ago when news of the impending launch first started making circles.

    SC's COO was kind to respond in an attempt to allay my fears. Sadly though his answer was more "non" than one.

    A week ago replied back with a follow-up question, and have yet to receive a response.

    While my political activism is pretty much limited to change.org petitions, SC is directly marketing their services TO activists. As the Occupy movement has shown, political activism, and the free-speech that goes along with it, are becoming in jeopardy. My concern, and I feel it's a valid one, is that CALEA will give subscribers a false sense of security. After all when Microsoft purchased Skype, one of the first things they did (they had no choice) was to install CALEA intercepts.

    Hopefully somebody at Silent Circle will be able to answer this. Until then, I wouldn't recommend it. Check out The Guardian Project and Jitsi instead.

    (Note - I'm only posting this because as Silent Circle's COO, Vic Hyder is authorized to speak on behalf of the Company.)

    -----BEGIN EMAIL-----
    Mr. Hyder,

    Thank you very much for the reply and information you've provided below,
    but I'm afraid I'm still unclear on one particular point: /does Silent
    Circle fall under /CALEA/jurisdiction or not/?

    Kind regards,

    George Ellenburg

    On 10/11/12 7:43 PM, Vic Hyder wrote:
    > *George*,
    > Thanks for the note. Quick response - Silent Circle provides peer to
    > peer encryption from subscriber to subscriber. The Secure Calling Plan
    > offers members a little flexibility to use their Silent Phone number
    > to send and receive calls outside the Circle (encrypted to our servers
    > but decrypted from servers to non-subscriber). We'll let our members
    > determine what their threat model is and how they need to protect
    > their transmissions.
    >
    > Circle up.
    > *______________*
    >
    > Vic Hyder
    > Chief Operations Officer
    >
    > Silent Circle
    > Private Encrypted Communications
    > Silicon Valley | Washington DC
    >
    > w: SilentCircle.com
    >
    > This email and any files transmitted with it are confidential and
    > intended solely for the use of the individual or entity to whom they
    > are addressed. If you received this e-mail in error, please notify the
    > sender immediately and destroy and/or delete all copies. Circle up.
    >
    >
    >
    > On Oct 11, 2012, at 6:01 AM, George Ellenburg > wrote:
    >
    >> Hello-
    >>
    >> I read with interest news reports yesterday that Silent Circle was
    >> getting ready to launch. As an activist and privacy advocate, I was
    >> troubled though to read that Silent Circle was planning on offering a
    >> Secure Calling Plan amongst other communication services.
    >>
    >> I understand the obvious revenue stream such an offering will generate,
    >> but I'm intrigued as to how you plan to not comply with CALEA, or
    >> curious as to how CALEA wouldn't do an end-run around your service
    >> altogether? CALEA, as you probably know, is the Communications
    >> Assistance for Law Enforcement Act, which requires mandatory technical
    >> intercept points for Law Enforcement and Intelligence purposes.
    >>
    >> Being a United States Company, offering Communication services, located
    >> in the United States, your Company is certainly subjected to mandatory
    >> CALEA implementations.
    >>
    >> Thanks for your time. I earnestly look forward to your response.
    >>
    >> -George Ellenburg
    >>
    >
    -----END EMAIL-----