Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CryptoPhone Sales Jump To 100,000+, Even at $3500

timothy posted about 4 months ago | from the when-envelopes-are-outlawed dept.

Encryption 68

An anonymous reader writes "Since Edward Snowden started making NSA files public last year, GSMK has seen a jump in sales. There are more than 100,000 CryptoPhones in use today. How secure they really are will be determined in the future. But I'm sure that some government agencies, not just in the U.S., are very interested in getting a list of users." For the price the company's charging for a modified Galaxy S3, it had better be as secure as they claim; otherwise, the free and open source RedPhone from Moxie Marlinspike's Whisper Systems seems like something to think about first.

cancel ×

68 comments

"Secure service"? (1)

fustakrakich (1673220) | about 4 months ago | (#46670689)

Pull the other one... A phone has more than one chip in it.

Re:"Secure service"? (1)

AmiMoJo (196126) | about 4 months ago | (#46670793)

Are you aware that not every chip in a phone has full access to everything and can be used for spying?

Re:"Secure service"? (4, Insightful)

fustakrakich (1673220) | about 4 months ago | (#46671029)

I how you are aware that it doesn't matter. Back doors are simply mandated into the service, possibly, or probably, by secret law, or it is declared illegal for use. Read the contract. Unless it specifically says the company will never, under any circumstances comply with a government order to open up its communications, then the service should not be considered secure. And even then, you still have to trust them. That is living a fantasy in today's world.

Re:"Secure service"? (2)

Jane Q. Public (1010737) | about 4 months ago | (#46671759)

"Unless it specifically says the company will never, under any circumstances comply with a government order to open up its communications, then the service should not be considered secure."

Most likely the "service" has very little if anything to do with the security, since in order to be secure, it HAS TO be encrypted on the phone prior to sending.

It is the software that needs to be evaluated, not the service. If the software on the phone doesn't allow a back door, then "the service" has no way to access the content, and it is secure. Otherwise it is not. There are few if any plausible alternative situations.

Re:"Secure service"? (1)

mmell (832646) | about 4 months ago | (#46672405)

The hardware on cell phones provides the back door. Look up how SIM cards operate and get back to us (hint: it's how T-Mobile prevented Google Wallet from using NFC on my Samsung Galaxy S4, until the most recent update sent out by Samsung - an update which was sent out by mistake and never authorized by T-Mobile).

Re:"Secure service"? (1)

Jane Q. Public (1010737) | about 4 months ago | (#46674259)

"The hardware on cell phones provides the back door. Look up how SIM cards operate and get back to us (hint: it's how T-Mobile prevented Google Wallet from using NFC on my Samsung Galaxy S4, until the most recent update sent out by Samsung - an update which was sent out by mistake and never authorized by T-Mobile)."

Your own comment proves that it's software, not hardware. If it was correctable via a software update, then it isn't the hardware's fault.

That's dumb. (0)

Anonymous Coward | about 4 months ago | (#46676157)

Setting aside the fact that "hardware" and "software" have a fine and wavering line between them, you have apparently never heard of (say) Transmeta, or FPGAs. Or even software working around hardware issues -- e.g. the kernel patch for the Intel F00F bug.

Maybe you shouldn't try to sound so authoritative about stuff. Nobody knows everything, and, unless you do, acting as an Authority is dumb.

Re:That's dumb. (1)

Jane Q. Public (1010737) | about 4 months ago | (#46678125)

"Setting aside the fact that "hardware" and "software" have a fine and wavering line between them, you have apparently never heard of (say) Transmeta, or FPGAs."

That's not "a fine and wavering line", at all. That's firmware, a third category.

"Or even software working around hardware issues -- e.g. the kernel patch for the Intel F00F bug."

That's moving the goalposts. It's a different subject from the one under discussion.

"Maybe you shouldn't try to sound so authoritative about stuff. Nobody knows everything, and, unless you do, acting as an Authority is dumb."

Since it is in the general field in which I make my living, I think I had the general qualifications to reply to GP.

The point here, which you seem to have missed, is: properly written software can make hardware (or even firmware) "back doors" irrelevant, unless your hardware has a complete second voice channel connected to the microphone that it's sending its data through. And I think it's pretty damned obvious that cell phone carriers aren't assigning 2 separate voice channels in realtime to U.S. cell phones.

Look up RedPhone. Go ahead, look it up.

Re:That's dumb. (0)

Anonymous Coward | about 4 months ago | (#46679079)

No, it's not "firmware." Not even a little. The fact that *you* think it is shows how little you truly understand hardware. I suggest you go talk with a EE and get a clearer picture of how things actually work. Especially pertaining to Transmeta *and* FPGAs, where both change the microcode.

"Moving the goalposts." How? We "fixed" a hardware issue with a software patch. That's not moving anything. Though clearly, your brain refuses to accept a reality that doesn't agree with your view of it.

Since this isn't the general field in which I make my living -- it *IS* the field in which I make my living, including years as a telecom engineer and Fortune 500 companies, and over 20 years of embedded experience -- I call BS.

I didn't miss anything. You made a flat statement that was wrong. I corrected you. Grow up, and own up. Though it's clear you can't do either.

Re:That's dumb. (1)

Jane Q. Public (1010737) | about 3 months ago | (#46688123)

" Especially pertaining to Transmeta *and* FPGA"

Pardon me. In those particular instances,, I was wrong. Those are not firmware. BUT... and here is the main thing... that is completely irrelevant to the discussion that was taking place.

There are 2 points that are relevant here:

First, you took my comment out of context, and then called it dumb. Well, guess what? Lots of things are dumb when taken out of context. The context was: GP said "back doors" in cell phone conversations (that is the context) are in hardware (GP's comment). I said no, it isn't. If you want to argue about something else, you're going to have to argue with yourself.

The second point, related to the first, is: you didn't make any specific arguments against what I said, instead you just called it dumb. That's called an "ad-hominem", and in any kind of logical debate not only does it carry no weight, it can get you kicked out.

It might have been appropriate to ask me how I knew the back doors (if any) are not in hardware. But you didn't do that.

I have news for you: you aren't always the smartest person in the room. But more to the point: even if you are the smartest person in the room, there might be somebody there who knows something you don't.

So be careful about calling people stupid, lest you end up looking stupid.

I would have explained to you how I knew that back doors in cell phones aren't in hardware, if you had only asked politely. But since you didn't, I'm not going to bother.

P.S. (0)

Anonymous Coward | about 4 months ago | (#46680675)

Any time you want to go to the mat on phones, you just let me know. Embedded systems, Linux, Android, POTS, VoIP (SIP and MGCP spoken here -- likewise RTP and RTSP), T1, BRI/PRI, ATM/SONET -- I'm there for you. We can even talk cell backend networks and equipment, too, if you'd like -- so happens my wife covers that side of the playing field. And my best man designed class 5 switches pretty much from the ground up until he got promoted to VP of a billion-dollar telecom/networking company -- I got to call the damn manufacturer when I found a bug on the switch my home phone went through; fastest patch ever. (The VP of software development was *also* at my wedding. Handy, that.)

But, really, what I'm saying here is that you appear to be just smart enough to *think* you know what you're talking about -- and more than willing to spout off -- when, in actuality, you don't. If you just stopped being so damn certain, and, instead, allowed that you might not know everything, folks would like you an awful lot more.

Really.

P.P.S. I still don't know everything -- not by a far sight. But I know what I know -- and I know what I don't. And I know where the line lies. Indeed, when hiring, one of the things I look for is a candidate who's willing to acknowledge that they *don't* know something. Because someone who's convinced they know everything is someone I don't want on my team.

Re:"Secure service"? (1)

fustakrakich (1673220) | about 4 months ago | (#46674067)

I didn't know I needed to specify every little piece of the service, which, to me, encompasses the phone, software, the bank through which you pay the bill... Once anybody receives "the letter", all your communications are up for grabs. These guys are selling snake oil. Trust is not an option.

Re:"Secure service"? (1)

AmiMoJo (196126) | about 4 months ago | (#46672445)

Um... Are you replying to the right person?

Re:"Secure service"? (1)

fustakrakich (1673220) | about 4 months ago | (#46671037)

hope... not how... hope

Thank you in advanced

'Modified' (1)

glasshole (3569269) | about 4 months ago | (#46670731)

$3500 is a lot to spend on software

Re:'Modified' (3, Interesting)

fuzzyfuzzyfungus (1223518) | about 4 months ago | (#46670895)

$3500 is a lot to spend on software

$350 million (not counting the cost of the S3s or whatever is included in the '2 years of service') to harden one of the mobile tracking and advertising OSes into something actually secure probably isn't wildly out of the ballpark (and probably far less than a proper actually-verified-with-proofs-and-stuff Secure System OS of that complexity).

On the other hand, I would be shocked, shocked to hear that their security claims are...inflated... and there's a good deal of profit margin in there.

Re:'Modified' (1)

K. S. Kyosuke (729550) | about 4 months ago | (#46671245)

And why is this a better idea than simply building a simple secure phone?

Re:'Modified' (2)

fuzzyfuzzyfungus (1223518) | about 4 months ago | (#46671347)

Probably so that people can use the Android compatibility to load it up with privacy compromising shit. Real answer? I have no reason to think that it is, except possibly for the outfit undertaking it, who can take advantage of the fact that getting phones that are ready to run basically any Android you want, off the shelf, in quantities starting at one, is cheap and easy, while other approaches are likely to be at very least more difficult (the state of graphics drivers, say, for non-Android graphics systems is pretty dire in ARM SoC land, and you can't even fall back to VGA mode like a PC.) And if you feel like dragging something smaller than an entire Linux distribution along, (bionic or libc) prepare to enjoy the...robust ecosystem... of board support for more obscure OSes that aren't deeply proprietary.

So, fully agreed that starting with a screaming heap of complexity whose development cycle has been driven largely by competitive pressures and which runs on hardware platforms generally larded with proprietary blobs and then trying to bolt on some security and privacy is the painfully wrong way to do it. However, if you want a half-assed cash-in at relatively low risk, released quickly enough to beat any competitors to the punch, and hit the market while Snowden is still hot news, 'cook an Android ROM with some of the obviously fucked stuff removed, ship.' is an eminently logical plan, if perhaps a rather cynical one.

Re:'Modified' (1)

K. S. Kyosuke (729550) | about 4 months ago | (#46671489)

If I were to design a secure communicator, I'd personally start with Forth on some nice 32b MCU. But that's just me, I'm weird.

Re:'Modified' (1)

fuzzyfuzzyfungus (1223518) | about 4 months ago | (#46671653)

Do 32bit micros have enough punch for handling a TLS-ed SIP call or the like these days? I must admit I have only the vaguest sense of their capabilities, though they would otherwise be perfectly capable of handling audio in/out, enough screen, keypad, serial link to cell modem (at least some of which still rock a very, very, extended Hayes command set, after all this time...)

Re:'Modified' (1)

K. S. Kyosuke (729550) | about 4 months ago | (#46671853)

Well, a humble PIC32 has something like 300 MIPS these days. According to Microchip, you can do 1+ MB/s with that. [microchip.com] And with voice codecs, the bit rate is fairly low. That should be more than enough for a single-(or perhaps dual-)purpose communication device (voice and text).

No mention of... (2)

Gerald (9696) | about 4 months ago | (#46670775)

...Blackphone [blackphone.ch] ?

Re:No mention of... (0)

Anonymous Coward | about 4 months ago | (#46670957)

...or Neo900 [neo900.org] ?

Re:No mention of... (1)

Tanaka (37812) | about 4 months ago | (#46671311)

Ha ha... the Blackphone is a company with a US presence. How do we know this phone hasn't already been NSA 'approved'?

Re:No mention of... (1)

Anonymous Coward | about 4 months ago | (#46671475)

How do you know the cryptophone hasn't? Unless they're 100% open source hardware and software, there's no way to know how secure they are.

Re:No mention of... (1)

The123king (2395060) | about 4 months ago | (#46672293)

At $3500 a pop, i'm sure the NSA is likely the one's who've bought the majority of the "100,000+" sold.

Re:No mention of... (1)

CauseBy (3029989) | about 4 months ago | (#46672457)

/shrug/ How do you claim to know anything at all?

Re:No mention of... (1)

Gerald (9696) | about 4 months ago | (#46672597)

How do we know this phone hasn't already been NSA 'approved'?

We don't, at least not with 100% certainty. I would think this applies to products from companies based outside the U.S. as well [nytimes.com] . Foreign intelligence is the NSA's primary mission, after all.

However, given that Blackphone was founded by a team from Silent Circle and Geeksphone chances are pretty good that the product works as advertised.

Re:No mention of... (1)

flyingfsck (986395) | about 4 months ago | (#46673851)

If the export requires an export license, then you can be sure that: a) The NSA will modify it before it gets to the user or b) It is so bad that the NSA can't be bothered to modify it.

Noticed that also. (1)

Burz (138833) | about 4 months ago | (#46674401)

Slashdot seems to be asleep when it comes to new security products, especially when its a Phil Zimmerman venture and the phone only costs about what an iPhone does.

You can still buy one? (3)

Opportunist (166417) | about 4 months ago | (#46670795)

Then rest assured that governments know how to get into them. Else we'd have seen some kind of harebrained reason why these phones can no longer be bought and used.

Re:You can still buy one? (3, Insightful)

Anonymous Coward | about 4 months ago | (#46671123)

Then rest assured that governments know how to get into them. Else we'd have seen some kind of harebrained reason why these phones can no longer be bought and used.

They just need to track who communicates with whom. The content is not relevant.

Re:You can still buy one? (0)

Anonymous Coward | about 4 months ago | (#46671327)

For industry espionage the content is relevant.

Re:You can still buy one? (3, Informative)

Anonymous Coward | about 4 months ago | (#46671499)

Then rest assured that governments know how to get into them. Else we'd have seen some kind of harebrained reason why these phones can no longer be bought and used.

I don't quite follow the reasoning going from sentence 1 to conclusion at 2. Germany is not really cowboy land. The very reason it is based in Germany is because of the privacy laws there. It's actually illegal for them to build in a backdoor. Merkel should buy one :)

When the cryptophone was at its first version, the first thing they did was to organise a hackaton for hacker friends to try to find bugs. At that time everyone could just download the software themselves, and it still is available for review: http://www.cryptophone.de/en/b... [cryptophone.de]

Before judging too quickly, maybe check some facts about Germany's laws. Disclaimer: i knew the company back in 2003, and i know its founders personally.

From Germany. (1)

Tanaka (37812) | about 4 months ago | (#46670807)

At least it's not from a US company. There is another phone like this, and it's from a US based company. And I'm thinking... yeah right, NSA honey trap.

We need secure software. We cant trust hardware at all, unless it's for a single purpose, with a verifiable protocol. The Bitcoin community are coming up with some great solutions, which will help.

Re:From Germany. (2)

spirit_fingers (777604) | about 4 months ago | (#46671325)

At least it's not from a US company. There is another phone like this, and it's from a US based company. And I'm thinking... yeah right, NSA honey trap.

We need secure software. We cant trust hardware at all, unless it's for a single purpose, with a verifiable protocol. The Bitcoin community are coming up with some great solutions, which will help.

It's an obvious strategy for a Honey Trap. What's not so obvious is whose Honey Trap it might be. Maybe it's the NSA, but it could just as easily be Russia's SVR or Israel's Mossad or China's MSS.

Re:From Germany. (2)

wiredlogic (135348) | about 4 months ago | (#46671355)

You deal realize that the GSM crypto was intentionality weakened at the request of EU intelligence services. The NSA had no role in making it weak.

Re:From Germany. (0)

Anonymous Coward | about 4 months ago | (#46675579)

It wasn't the EU services ... it was the UK (British) services:

I saw another little piece of interesting miscellany which was that the GSM digital encryption, which is of course so common for cell phones, was deliberately crippled from the beginning. Its team of designers wanted to use 128-bit keys. And it was backlash from the British government back in the early '80s that wanted to be able to crack it for surveillance purposes. So they wanted it, again, they wanted it to be good enough that individuals couldn't afford to crack it, but easy enough that they could. West Germany, on the other hand, wanted strong keys to keep East Germany from snooping. So there was a bunch of back-and-forth. And the key length was first cut in half, from 128 bits to 64. But still that was felt by the governments to be too strong. So under, as I understand it, pressure from the British government, and we talked about this once a long time ago because I remember mentioning this bizarre fact, the last 10 bits of the key are always set to zero.

from here [grc.com]

Re:From Germany. (1)

Anonymous Coward | about 4 months ago | (#46671447)

How do you know the German company isn't a honeytrap?

One word... (1)

Anonymous Coward | about 4 months ago | (#46670923)

I've said it before on the topic and I'll say it again. One word: Honeypot.

I laugh hysterically at people who fork over thousands of dollars to admit they have something to hide and lead the watchers right to them.

Re:One word... (0)

Anonymous Coward | about 4 months ago | (#46674083)

As opposed to the watchers who collect everyone's communications? I don't know what evidence, if any, you have, but real life isn't like one of those silly spy novels where the government just lies in wait for people to use encryption and then magically breaks it and harasses them.

Trap? (0)

Anonymous Coward | about 4 months ago | (#46671045)

Sounds like a perfect trap to find out terrorists.

Meh (0)

Anonymous Coward | about 4 months ago | (#46671097)

So it's basically encrypted VoIP and not GSM calls

I can do this with any mobile.

Phone tracking (0)

Anonymous Coward | about 4 months ago | (#46671111)

How is it a phone if the carriers don't know where it is? They can't let you know when someone calls you that way.... I suspect the tracking is not disabled.

I should note that its not impossible to make some improvement in this area: there is no reason the carrier has to know which phone is which, and when you have internet from another source you don't have to connect to the cell network. When you connect you could generate a new unique ID that they couldn't associate with you, and have a third party (which you have an account with, but does not have access to the carrier's tracking info) handle billing for your pseudorandom ID (They could decrypt the ID, and map the billing to your account, and pay the carrier for your bandwidth). In general, this leaks lots of metadata still, but its a major improvement over the current way things work.

However, I bet this phone does not go nearly that far: I bet its basically useless and the carrier still knows who is where and the government can compel them to log it and hand that over.

Nowhere to hide (1)

spirit_fingers (777604) | about 4 months ago | (#46671265)

It would be naïve to think that with all of the massive crytographic resources at their disposal, the NSA can't hack into this phone's communications at the push of a button.

legit crypto phones are a legit as meth (0)

Anonymous Coward | about 4 months ago | (#46671271)

You can buy both online worry free delivered to your doorstep.

The problem... (1)

ameline (771895) | about 4 months ago | (#46671647)

With something like RedPhone is that there are multiple CPUs on the phone -- in particular, the base-band is a full ARM chip with complete access to all ram on the device. And the software running there is almost never under the users control. So it doesn't matter how good red-phone is -- if it ever leaks *any* plaintext or key bits out to ram, or across any wires outside the cpu it's running on, the baseband chip and the software running on it can wiretap you. And even if those things never leak off the main cpu die, the baseband can probably inject processes/instructions into that main chip's address space that would steal those critical key bits.

Unless you have control over *all* the firmware running on *all* the processors in a phone, I wouldn't trust it any farther than I can comfortably spit out a rat.

(and this is not accounting for hardware tricks -- I think you cannot trust your communications are secure unless you trust everyone involved in its design, manufacture and programming (including the compiler and related toolchain, and its compiler and toolchain -- and so on ad-infinitum) -- and that is probably a *very* sizable list indeed -- the odds that some lettered agency (looking at *you* cse/csis, nsa, gchq, fsb, etc) have not corrupted *someone* on that large list are so small that only god/fsm could tell the difference between it and 0.)

Re:The problem... (1)

Pinky's Brain (1158667) | about 4 months ago | (#46672435)

The use of dual port memory shows just how deeply the NSA has penetrated into the industry ... lets open a huge security hole and put a huge amount of unnecessary load on the widest/fastest bus in the phone and lets tell them we need to do this for performance ... when fucking wlan can easily be put over one relatively slow LVDS pair let alone 4g.

Re:The problem... (2)

jonwil (467024) | about 4 months ago | (#46672955)

There ARE phones out there that dont give the baseband processor and other hidden CPUs access to the main RAM. The Neo900 for example doesn't give the cellular radio module ANY access to the main ARM CPU or its RAM. In fact, design of Neo900 means that only the Linux software running on the main ARM CPU can touch the main RAM. And there is no reason you cant run 100% FOSS stack on that CPU.

So if your stuff is encrypted by software on the main CPU, any backdoors in the baseband or SIM or whatever have no way to compromise that.

only really secure communication (3, Insightful)

Max_W (812974) | about 4 months ago | (#46671667)

Go to the stadium in shorts and t-shirt, freshly washed (and dried indoors). Wear new style running shoes with very thin sole, as recommended in Scott Jurek's "Eat and run".

Talk while walking via woods or a park, among trees.

Not phone, no watch, no camera, no heavy clothing.

And speak quietly anyway. Still it does not guarantee privacy.

All other talk or messaging are public. It is a new brave world where there are no secrets.

Re:only really secure communication (2)

The123king (2395060) | about 4 months ago | (#46672325)

That's why if you want to do any serious terrorist plotting or organised crime, you do what the KGB has started doing, and that is going back to pen and paper (and typewriters). If it's not electronic, it can't be easily tapped or hacked.

Re:only really secure communication (1)

Anonymous Coward | about 4 months ago | (#46672561)

If you want to succeed at any serious stuff you work alone. Any conspirator is a potential exploit mechanism no matter the comms channel. And if you absolutely have to have a conspirator (and accept the risk of compromise) you'd better make sure it's someone you don't have to communicate with remotely - like a brother. I'm looking at you, Tsarnaev...

Re:only really secure communication (1)

CauseBy (3029989) | about 4 months ago | (#46672469)

Among trees? You obviously have never read 1984.

Re:only really secure communication (0)

Anonymous Coward | about 4 months ago | (#46672701)

http://www.dailymail.co.uk/debate/article-2088911/The-Moscow-spy-rock-Johnny-English-James-Bond.html Better not talk near any rocks, for that matter....

Re:only really secure communication (1)

Neredera (1170095) | about 4 months ago | (#46678861)

Go to the stadium in shorts and t-shirt, freshly washed (and dried indoors).

Bad Idea:

[...] All the operator has to do is pinpoint a spot on the court or field using the screen, and the Audioscope works out how far that spot is from each of the mics, corrects for delay and then synchronizes the audio from all 315 of them. The result is a microphone that can pick out the pop of a bubblegum bubble in the middle of a basketball game..."

http://hardware.slashdot.org/s... [slashdot.org]

Security for the 99% (0)

Anonymous Coward | about 4 months ago | (#46672147)

Just get a VPN provider outside the US (countries hostile towards the US are good for this), and push all your traffic through your VPN, and use IP for everything, along with RedPhone and TextSecure. Also enable whole-phone encryption and autodestruct for N incorrect unlock attempts.

lolz (0)

Anonymous Coward | about 4 months ago | (#46672365)

you are always posting for vpns...they are all 100% pwned....and viewable by spy agencies...are you there at this 3rd party to verify anything?

NO...oh your a trustable sort....

and as yoda said..."it is why you fail"

Re:lolz (0)

Anonymous Coward | about 4 months ago | (#46674113)

Nothing is 100% secure. Nothing. What alternatives do you propose, other than unjustifiably mocking those who merely seek to protect themselves or others?

The NSA probably know who most the users are... (1)

The123king (2395060) | about 4 months ago | (#46672305)

At $3500 a pop, I expect it's the NSA (or another 3-4 letter agency) who've bought most of these phones.

Re:The NSA probably know who most the users are... (1)

fustakrakich (1673220) | about 4 months ago | (#46674125)

3,500 is a nice number to trigger an IRS reporting requirement. What could possibly be better for your privacy?

Use crypto, become a suspect. (1)

Anonymous Coward | about 4 months ago | (#46672307)

While the vast majority of people do not use cryptography on all their communications those who do will be noticed and put under greater scrutiny therefore in being proactive they have made themselves a target protected only by the assumption that the technology they are employing does not contained flaws know to those who wish to monitor them, a very foolish assumption.

Showden el al have done the NSA (and similar organisations in every other government) a favour by motivating targets to "break cover" while not actually providing them with any real protection. Even if I can't break your shine new phone protecting now I can still put an old school bug in your physical location now that I know I need to target you. Or arrange for you to acquire an attractive new friend with a lot if common interests etc. Old school methods become efficient on a large scale if the targets do you the favour of identifying themselves because your efforts can be much more focused.

 

Re:Use crypto, become a suspect. (1)

Pinky's Brain (1158667) | about 4 months ago | (#46672481)

Is there no stegonagraphy chat app using instagram yet? Obsessive selfie taking seems like a good cover.

Redphone / Avast! (0)

Anonymous Coward | about 4 months ago | (#46672547)

Do RedPhone and Avast! Anti-theft play nicely together yet? Last time I tried Avast! Anti-theft claimed it wouldn't work because RedPhone claimed priority over SMSes. I would have thought there ought to be some method of Anti-theft still getting the SMS after RedPhone decides it's not for it.

Software stack for encrypted comm? (1)

buybuydandavis (644487) | about 4 months ago | (#46672833)

Isn't there a software stack for encrypted comm?

Re:Software stack for encrypted comm? (0)

Anonymous Coward | about 4 months ago | (#46674331)

Isn't there a software stack for encrypted comm?

www.nsa-fix.com

Back to basics (0)

Anonymous Coward | about 4 months ago | (#46673459)

I think I'll stick with fishing line and tin cups.

Bluetooth (0)

Anonymous Coward | about 4 months ago | (#46674161)

I still want to make a bluetooth end-to-end encryption device- connects to the phone as a headset and connects to a headset as a phone and does a modem functionality to exchange public keys and set up the call. Unfortunately some carriers have clauses saying you can't send data as analog.

Not really (0)

Anonymous Coward | about 4 months ago | (#46681403)

Wouldn't it be counter productive for the folks using a secure phone? I mean, currently, the NSA or whoever wants to snoop has to snoop on EVERY call, use some filtering logic to flag a few million calls, analyze these calls to see which are actually malicious and then narrow down on the culprits.

If people start using a secure phone or secure calls, the problem becomes much simpler since now all the agency needs is a list of people who are using this. There are other methods of surveillance than snooping on phone calls and using such phones or software will just result in the search space becoming smaller making it that much easier to narrow down on the list of "suspects".

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...