The Silent Phone App:
Courtesy of Silent Circle CEO Mike Janke
Back in October,
the start up tech firm Silent Circle ruffled governments’ feathers with a
“surveillance-proof” smartphone app to allow people to make secure phone calls
and send texts easily. Now, the company is pushing things even further—with a
groundbreaking encrypted data transfer app that will enable people to send
files securely from a smartphone or tablet at the touch of a button.
(For now, it’s just being released for iPhones and iPads, though Android
versions should come soon.) That means photographs, videos, spread sheets, you
name it—sent scrambled from one person to another in a matter of seconds.
The technology uses
a sophisticated peer-to-peer encryption technique that allows users to send
encrypted files of up to 60 megabytes through a “Silent Text” app. The sender
of the file can set it on a timer so that it will automatically “burn”—deleting
it from both devices after a set period of, say, seven minutes. Until now,
sending encrypted documents has been frustratingly difficult for anyone who
isn’t a sophisticated technology user, requiring knowledge of how to use and
install various kinds of specialist software. What Silent Circle has done is to
remove these hurdles, essentially democratizing encryption. It’s a game-changer
that will almost certainly make life easier and safer for journalists,
dissidents, diplomats, and companies trying to evade state surveillance or
corporate espionage.
Governments pushing for more snooping
powers, however, will not be pleased.
By design, Silent
Circle’s server infrastructure stores minimal information about its users. The
company, which is headquartered in Washington, D.C., doesn’t retain metadata
(such as times and dates calls are made using Silent Circle), and IP server
logs showing who is visiting the Silent Circle website are currently held for
only seven days. The same privacy-by-design approach will be adopted to protect
the security of users’ encrypted files. When a user sends a picture or
document, it will be encrypted, digitally “shredded” into thousands of pieces,
and temporarily stored in a “Secure Cloud Broker” until it is transmitted to
the recipient. Silent Circle, which charges $20 a month for its service, has no
way of accessing the encrypted files because the “key” to open them is held on
the users’ devices and then deleted after it has been used to open the files.
Janke has also committed to making the source code of the new technology
available publicly “as fast as we can,” which means its security can be
independently audited by researchers.
The cryptographers
behind this innovation may be the only ones who could have pulled it off. The
team includes Phil Zimmermann, the creator of PGP encryption, which is still considered
the standard for email security; Jon Callas, the man behind Apple’s whole-disk
encryption, which is used to secure hard drives in Macs across the world; and
Vincent Moscaritolo, a top cryptographic engineer who previously worked on PGP
and for Apple. Together, their combined skills and expertise are setting new
standards—with the results already being put to good use.
The new Silent Circle encrypted data transfer capability hit the Apple’s App Store last month.
No comments:
Post a Comment