Encrypted Cell Phone Hits the Market 266
notshannon writes "Reuters
reports
about a new cell phone which automatically
encrypts communications. Of course, the
matching handset will decrypt the message.
Security doesn't come cheap, around $4000
per pair, but it's probably as reliable as anyone
in these parts could wish. Favorite quote:
'We allow everyone to check the security for themselves, because we're the only ones who publish the source code,' said Rop Gonggrijp at Amsterdam-based NAH6.
Amusingly, the article cites government.nl and not
nsa.gov as the world's most prolific phone tapper."
Limited Use? (Score:4, Insightful)
I mean if it only encrypts for other cellphones of it's type on it's network the usability is rather limited.
You might as well use encrypted walkie talkies, it's not too different when you think about it.
Why not sooner? (Score:4, Insightful)
US most prolific phone tapper? (Score:4, Insightful)
*yawn* so what? (Score:3, Insightful)
Ok... let's say you're not happy with the encryption. This product will have use in every part of the world *except* the US because, I believe, encrypted voice transmission is illegal. Heck, there have even been home cordless phones available for years that would encrypt only between the handset and the base station... and you're not allowed to have them in the US for that same restriction.
So... either you're going to spend a lot of money to gain encrypted communication that you could more cheaply acquire with other technologies, or you won't be allowed to use it (in the US) without giving the government a backdoor to listen in. For $4K? Forget it.
What about GSM? (Score:3, Insightful)
How long until that happens with these technologies? I'd hope a long time, for $4000/pair.
How will you verify keys? (Score:5, Insightful)
The good news is that if people really understood crypto, key exchange would be easy. You meet in person, establish a bluetooth link, swap public keys and verify fingerprints.
The bad news is that nobody will do this, or the phone won't support it (article didn't say how key exchange happens)
So when Joe calls and it says "incoming encrypted call" are you going to answer it because you know and like Joe, even though you've never exchanged keys with him?
Key exchange can't be done through a trusted third party (except the company you work for) because there is no trusted third party. Even if you trust Bob, and he trusts Mary, you don't know where their dirty phones have been.
If your work is the trusted third party, they'll probably hold copies of your private keys so calls can be monitored later if needed. (Hopefully the phone ethier allows you to generate a new key whenever you want, or doesn't allow exporting of it's private key. Hopefully both)
Don't get me wrong, I want one. Real bad, but not $4k bad, not to test out someones (probably flawed) cryptosystem.
Even if they understand crypto and got it right, the user still has to understand it to make it all work.
If I had about 10 of these I'd give one to each of my friends and make sure they only accept encrypted calls from known keys. I'd also make the screen light up in red or green or something to show it's an encrypted call.
Then we could talk about Joe behind his back, with no chance of interception from governments.
So yeah, anyone got a real use for these?
"targeted at business executives" (Score:2, Insightful)
Don't get me wrong, I think personal privacy is very
important (for individuals as well as 'executives'), however
I think this technology is just begging to be abused.
just my 2 cents...
Terrorists? Give it a rest. (Score:2, Insightful)
Look.. law enforcement snoops on phones because they can, not because from day 1 it was required by law to let them. Yes, there are rules in the US and elsewhre that require companies to make it easier for law enforcement to snoop.. but still.
Just because some form of communication exists does NOT mean you need to make it's contents available to the government upon request.
You have the RIGHT to encrypt your communications, and keep them private, as do terrorists.
I think maybe you are a troll, though.
Re:Responsibility (Score:3, Insightful)
For instance, have the manufacturers considered the applications for which terrorists might use these?
Terrorists tend to use more secure methods, like meeting out in the middle of nowhere and talking face to face.
Re:Their concerns about Windows (from the FAQ) (Score:2, Insightful)
Re:NSA vs. the Dutch (Score:4, Insightful)
I often hear claims about nefarious activity by NSA, but considering the level of security, I am rather dubious of these claims because it leads to the question of how people broke NSA security enough to find out about this stuff.
If you want industrial espionage, check the French. Air France was discovered to have bugged every seat in first class on every flight for the French security agency. Why first class? Industrial espionage seems an obvious reason, although again, how would you know.
The government doesn't have time to spy on ordinary citizens. Unless it is doing a criminal investigation or a national security (i.e. counter-intelligence/counter-terrorism) case, it isn't going to pay attention to you.
If the rumored key phrase sniffers are out there, then they no doubt have listened to a few of mine and lots of other conversations, just to be annoyed at the waste of time.
Oh, and NSA is allowed to operate inside the US. It is the agency responsible for communications security for the US military, and as such monitors US military communications in the US in addition to providing secure systems.
Many years ago, when I was a radio operator in P-3 Orions, another radio operator in my squadron sent a false MAYDAY as if he were a ship (not aircraft) in distress. A few days later he was in the brig. Can you say "signature analysis" and "broadband recorders"? This was in the late '60s, btw, so you can imagine what sort of technology was used to be able to go back to an arbitrary frequency, pull out the false MAYDAY, and subject it to signal analysis.
The same technique is almost certainly how the KAL-007 shootdown was recorded. Basically, at least in the past and no doubt now, NSA records and archives a whole lot of spectrum in a whole lot of places.