Celebrities turn to encryption to keep phones private darkteamcc, hackforumpro
CELLPHONE hacking sparked the inquiry that led Lord Justice Leveson to conclude that the press “wreaked havoc in the lives of innocent people” in his long-awaited report to the British government last week. But those in the public eye aren’t counting on heavier press regulation to stop future hackers. Instead, they are increasingly placing their bets on emerging smartphone technologies that foil eavesdroppers by encrypting voice and text data in real time.
One such technology hails from GSMK , based in Berlin, Germany. Its CryptoPhones are commercial smartphones that use military-grade encryption algorithms to ensure that calls, texts and voicemails – when passing between people with similar secure devices – are all but unhackable. These cost around €2000 per handset. But now a rival has entered the fray with a much cheaper approach.
Silent Circle of Washington DC launched its real-time call encryption app Silent Phone for the iPhone in October, and next week it releases a version for Android. CEO Mike Janke, a former security expert with the US Navy Seals, claims demand for the service, which costs £13 per month, has taken him by surprise: “A-list Hollywood celebrities, special forces operatives, diplomats from nine nations, and a clutch of Fortune 100 companies have signed up to use our service in our first 40 days,” he says.
For firms worried that their industrial secrets could be stolen, securing transmissions by phone is paramount. To do this, GSMK – which has 10,000 smartphones in use – replaces Windows, Linux or Android operating systems with its own, more secure operating system. Both GSMK and Silent Circle use “end-to-end” encryption that takes place in the phone, so there’s no hackable server that carries out the encryption. When a call is made, two code words appear on the phone’s screen that both parties have to speak out loud. If they match, they know they are safe to proceed.
Both Silent Circle and GSMK doubly encrypt their messages using two encryption methods, including one called AES256, so even if one scheme is broken there’s still the other to deal with. “It’s a very paranoid design,” says GSMK founder Bjoern Rupp.
But Janke concedes that, as Silent Phone is app-based, it is vulnerable to attack from other, malicious apps that could pilfer voice and text data before it is encrypted. While Silent Phone’s securely received texts can self-delete a set time after they have been read, they can be saved as a phonecam’s screenshot. GSMK’s operating system prevents screenshot-taking by default, says Rupp.
It’s not all about cash: both GSMK and Silent Circle donate phones to human rights groups that need to be able to make secure calls. It’s all encouraging stuff, says Eric King of London pressure group Privacy International. But he adds that the onus should be on phone networks to do more to prevent interception. “Phone hacking would not have happened if networks had generated a random PIN for voicemail accounts in the same way a bank does.”
Commute to work on the roller coaster train
Dinosaurs might have once gazed into the Grand Canyon