Feeds

PGP founder's mobile privacy app goes live

Zimmermann & Navy SEAL pals unveil safe comms, at $20 a month

Seven Steps to Software Security

Updated Silent Circle, the secure mobile communications app backed by Phil Zimmermann, has gone live - offering protection from all but the most determined of government departments.

Silent Circle comprises a handful of iOS/Android/PC apps facilitating secure phone calls, text messaging and video calling, with secure email promised soon, all presented through an idiot-friendly interface aimed at corporate executives and international journalists rather than local freedom fighters who might find $20 a month a bit rich.

We discussed the product at length in June, and it hasn't changed significantly since then. Communication between Silent Circle subscribers is entirely secure, while calls made outside the Circle are secured to the edge (which is in Canada or Switzerland) and then enter the unsecure public networks, Secure Circle is also registered outside the USA to avoid lawful-intercept requirements.

Cryptography is very rarely broken, publicly-scrutinised algorithms such as those used by Silent Circle require enormous resources to crack, beyond the reach of all but the most determined government. Secure networks are generally broken through poor implementations or badly-designed systems around the cryptography.

A good example is Cryptocat, a web-based tool for secure communications which was lauded by Wired and the Wall Street Journal before analysts started pointing out that storing crypto* on a web server is inherently risky, as one's security is entirely dependent on the sanctity of that public-facing server.

Complete security is, of course, impossible, and given most of us couldn't spot a Chinese remainder theorem if it hit us in the face, we're required to place our trust in experts or the companies they endorse. Having been largely responsible for PGP, the crypto which got the US government so upset, Zimmermann is a brand most geeks will trust. Silent Circle will be hoping those geeks can convince their corporate colleagues that $20 a month is a small price to pay for secure communications. ®

*Cryptocat has been in touch to assure us that version 2, launched last month, fixes all the highlighted issues, securing instant text messages without dependence on the security of the web server.

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.