Zimmermann's Silent Circle Now Live 127
e065c8515d206cb0e190 writes "Several websites have announced the launch of Silent Circle, PGP's founder Phil Zimmermann's new suite of tools for the paranoid. After a first day glitch with a late approval of their iOS app, the website seems to now accept subscriptions. Have any slashdotters subscribed? What does SilentCircle provide that previous applications didn't have?"
Re:Now, with centralized user tracking! (Score:5, Interesting)
Re:Phil Zimmerman is ok in my book (Score:5, Interesting)
Exactly. My reason to believe SilentCircle is in good faith is Zimmerman's history fighting for privacy. It doesn't mean I would trust that service. But I guess it gives some hope that people are going to become more aware of privacy issues in general.
Which is why I was ambivalent about this and came to get
Timely Idea, but Do It Yourself? (Score:4, Interesting)
It seems to me that if you can start with an untraceable e-mail address and consistent use of Tor, you should be on the way to building up an on-line profile that's recognizable, useful, and fairly disconnected from real life.
I'm not naive enough to think that anything I could do would be 100% safe or secure, but surely you can keep most of the prying eyes away from you.
Re:Now, with centralized user tracking! (Score:5, Interesting)
Re:Now, with centralized user tracking! (Score:5, Interesting)
Even so, with Zimmerman's involvement I tend more to a "trust" relationship than an "untrusted" one. Zimmerman is on my whitelist.
That's funny, because I almost feel the complete opposite way. I really want to trust Zimmerman, but I can't make myself do it. Part of it is keeping his work closed source, which is extra scary when talking about cryptography. Being asked to trust a security solution that you can't examine is insane.
But part of it also comes from his past. He went against the wishes of the US government and won. In my experience, that just doesn't happen... ever. The fact that he's still working in cryptography and not in some hole somewhere makes me think he's playing ball with the government. It at least raises doubts, which cannot be alleviated by reviewing the source code.
Or maybe I'm just paranoid. But cryptography is the plaything of the paranoid, and relying on the paranoid to just trust you seems a little off.
I believe him (Score:2, Interesting)
Re:Now, with centralized user tracking! (Score:3, Interesting)
From Silent Circle's CEO:
We are putting our products out open source. CALEA does not apply to us -we are a VOIP and software company. If Canada -US-UK Governments try to regulate VOIP -we will move to where we can provide it to the world. We do not have the ability to track individual user logs nor calls. We hold aggregate server IP logs for 7 days - we are working hard to get it down to 24 hours. The data we do have is:
*Authentication information — your user name and hashed password. We hash passwords with a twelve-character random salt and 20,000 iterations of HMAC-SHA256 via PBKDF2.
*Your contact email address.
*Your Silent Phone number that we issue you...
That's it. No more no less..We use ZRTP and PGP encryption. Phil created both. Jon created PGP universal and Apple's Whole Disk encryption.They have been open, peer reviewed and tested for 10-20 years. Phil, Jon Callas and Vincent Moscaritolo ( Top crypto engineer at PGP, Apple and Symantec) created our new Instant Messaging encryption called SCimp....it's being released worldwide for audit and review in a few days...we too believe in open source. We will put our products out open source. We are paranoid. We are on the firing line. There are lots of organizations who do not want us doing what we are doing. We want to push back. We worry about CALEA being highjacked again. We do Peer to peer, device to device encryption. We dont like survellience. we believe every worldwide citizen has the right to private comms. We dont like Huawei or the Chinese Government putting holes in the silicon. They dont like Silent Circle. So its a fair fight.
Our silent network is how we can do clear, very low latency Mobile video and voice on 3G, 4G, edge, and wifi- completely encrypted. Without our custom built network- customers would have poor comms- as is the case with modern day VOIP. We wanted better. We did better. Its not perfect, but we are trying hard to make it the best out there. We don't have the keys to your voice, video, text and data- you do. True security is up to the user. We only secure your comms.
We are not perfect. We are swimming as fast as we can to launch Android, our Secure PSTN calling plan, Windows 8 version and some new products in 2013... We will make mistakes. We don't stop traffic analysis. We don't secure the device. We don't peddle "military grade encryption" or snake oil VPN systems and we are not for everyone...we deserve scrutiny, skepticism, and questioning. We want to do this right. Phil has been fighting for this chance for 23 years.