New "Surveillance-Proof" App To Secure Communications Has Governments Nervous
This week, after more than two years of preparation, the finished product has hit the market. Named Silent Circle, it is in essence a series of applications that can be used on a mobile device to encrypt communications—text messages, plus voice and video calls. Currently, apps for the iPhone and iPad are available, with versions for Windows, Galaxy, Nexus, and Android in the works. An email service is also soon scheduled to launch.
The encryption is peer to peer, which means that Silent Circle doesn’t centrally hold a key that can be used to decrypt people’s messages or phone calls. Each phone generates a unique key every time a call is made, then deletes it straight after the call finishes. When sending text messages or images, there is even a “burn” function, which allows you to set a time limit on anything you send to another Silent Circle user—a bit like how “this tape will self destruct” goes down in Mission: Impossible, but without the smoke or fire.
Silent Circle began as an idea Janke had after spending 12 years working for the U.S. military and later as a security contractor. When traveling overseas, he realized that there was no easy-to-use, trustworthy encrypted communications provider available to keep in touch with family back home. Cellphone calls, text messages, and emails sent over the likes of Hotmail and Gmail can just be “pulled right out of the air,” according to Janke, and he didn’t think the few commercial services offering encryption—like Skype and Hushmail—were secure enough. He was also made uneasy by reports about increased government snooping on communications. “It offended what I thought were my God-given rights—to be able to have a free conversation,” Janke says. “And so I began on this quest to find something to solve it.”
Janke assembled what he calls an “all-star team”: Phil Zimmerman, a recent inductee to the Internet’s Hall of Fame, who in 1991 invented PGP encryption, still considered the standard for email security. Jon Callas, the man behind Apple’s whole-disk encryption (which is used to secure hard drives in Macs across the world), became Silent Circle’s chief technology officer. Other employees were top engineers and ex-special-forces communications experts based in England, Latvia, and Germany. Together, they designed their own software, created a new encryption protocol called SCimp, registered their company offshore and outside U.S. jurisdiction, then built up their own network in Canada. (They eventually plan to expand to Switzerland and Hong Kong.)
Though many encryption options already exist, they are often difficult to use, which is a barrier for those without the skills, patience, or time to learn. Silent Circle helps remove these hurdles. As a result, organizations that have a real need for secure communications but have maybe not understood how to implement them are coming forward and expressing interest in Silent Circle.
Janke says he’s already sold the technology worldwide to nine news outlets, presumably keen to help protect their journalists’ and sources’ safety through encryption. (ProPublica, for one, confirmed it’s had “preliminary discussions” with Silent Circle.) A major multinational company has already ordered 18,000 subscriptions for its staff, and a couple of A-list actors, including one Oscar winner, have been testing the beta version. The basic secure phone service plan will cost $20 a month per person, though Janke says a number of human rights groups and NGOs will be provided with the service for free.
The company has also attracted attention from 23 special operations units, intelligence agencies, and law enforcement departments in nine countries that are interested in using Silent Circle to protect the communications of their own employees—particularly on the personal devices that they use at home or bring to work. Some of these same agencies, perhaps unsurprisingly, have contacted Janke and his team with concerns about how the technology might be used by bad guys. Because Silent Circle is available to just about anyone, Janke accepts there is a real risk that a minority of users could abuse it for criminal purposes. But he argues you could say the same thing about baseball bats and says if the company is ever made aware someone is using the application for “bad illegal things”—he cites an example of a terrorist plotting a bomb attack—it reserves the right to shut off that person’s service and will do so “in seven seconds.”
Read the rest of the article here: slate.com