Canada Communications Encryption Privacy

Phil Zimmermann's New Venture Will Offer Strong Privacy By Subscription

Posted by timothy
from the sounds-like-a-pretty-good-plan dept.
New submitter quantic_oscillation7 writes with this excerpt from the Register: "Phil Zimmermann and some of the original PGP team have joined up with former U.S. Navy SEALs to build an encrypted communications platform that should be proof against any surveillance. The company, called Silent Circle, will launch later this year, when $20 a month will buy you encrypted email, text messages, phone calls, and videoconferencing in a package that looks to be strong enough to have the NSA seriously worried. ... While software can handle most of the work, there still needs to be a small backend of servers to handle traffic. The company surveyed the state of privacy laws around the world and found that the top three choices were Switzerland, Iceland, and Canada, so they went for the one within driving distance."
  • by Anonymous Coward on Sunday June 17, 2012 @12:42PM (#40352711)

    Canada is decent, but they can still be forced to modify their code to catch people on demand of Interpol there.

    Look what happened with Hushmail.

    • by isopropanol (1936936) on Sunday June 17, 2012 @01:22PM (#40352973) Journal

      Also there's been a bill on the order paper for a few years that would require them to backdoor it, and it looks like the bill is probably going to pass this time.

      • by Anonymous Coward on Sunday June 17, 2012 @02:25PM (#40353445)

        If I were doing a service like this, I'd split the company into five independent divisions, either owned by a holding company in Antigua, or otherwise protected the same way the telephone scammers keep a step ahead of the authorities.

        First company does the billing. Then it sends money to the other three companies, using tokens that change often. This separates users from their online userIDs.

        Second company does the client coding and makes packaged, signed executables.

        Third company takes the packaged code from company #2 and installs it. The reason for this is to make it harder for backdoors to be inserted at the whims of a local government. Users will easily see the executables have invalid signatures. Because company #2 is a separate firm, it is harder to demand they create a bongoed executable.

        Fourth company provides the VPN service, and tosses logs between IPs.

        Fifth company does the servers. Since the clients do a layer of encryption, commanding the server holding company to cough up user data is going to not give much, other than perhaps traffic analysis reports.

        This isn't perfect, but it means that if the servers get seized, the data isn't compromised. Same if the client making company gets demanded they insert a backdoor, or the network between the servers is seized.

        I would like to work on a service like this. However, the main reason why I wouldn't run it is because of cynicism -- it would turn into a nice stomping ground for the child pornography crowd, not to mention a haven for people who are interested in turning a local church or synagogue into rubble.

        • by Anonymous Coward on Sunday June 17, 2012 @04:34PM (#40354381)

          If we want freedom we have to accept an increase in terrorism and violated children. This is a very tough call that we should not avoid discussing. Does anyone have evidence on how many children, synagogues we have to sacrifice for how much children? Sure would be interesting reading.

      • by arisvega (1414195)

        The company surveyed the state of privacy laws around the world and found that the top three choices were Switzerland, Iceland, and Canada, so they went for the one within driving distance.

        Going for the pro-citizen countries, are we? Switzerland has also recently allowed external investigators into its banks (as an example of on-demand privacy violations). I am not judging it, I am only saying that it happened. So that's why the option that includes the servers sitting on a volcano and being surrounded by the ocean seems like a good choice.

    • by lightknight (213164) on Sunday June 17, 2012 @02:02PM (#40353279) Homepage

      Indeed. It's like none of them get the idea that paranoid users are paranoid, and keeping out 99.99% of all various intruders, but letting in the 0.01% via a mandated backdoor is the same, mentally speaking, as letting in 100% of all various intruders. Having a backdoor means the solution is inherently insecure, and requires trusting someone which, let's be honest, you don't know. ("Dude, it's totally cool. Your files are totally secure, except that because of a recent law, we have to create a master key that unlocks all the files, at once, and yes, if this key were ever compromised / stolen for any reason, all of our users would have their proverbial asses hanging out the window onto oncoming traffic, but yeah, come on, what are the chances that'd ever happen? Why wouldn't you want to use an almost-secure solution?").

      Not everyone using these services is a spy, thief, hacker, cracker, mentally ill, or otherwise questionable person trying to hide something. Sometimes they're just people who like the idea of living quiet lives, and would like a secure / protected e-mail service to actually live up to its name. But there are some eccentric people in positions of power which don't like that idea -> they can't sleep at night until they know for sure that there isn't a bogeyman living under your bed!


      • If you want no backdoor at all, better roll your own solution; that's still a legal option in many countries.

        personally, I am ok with a backdoor, provided that there are some proper controls around it, such as:
        - Access only granted to specific law enforcement agencies (listed publicly)
        - Access only granted after due process, i.e. a judge issues a wiretap warrant for a specific suspect in a specific case
        - Access is rescinded as soon as the warrant runs out
        - The government agencies themselves have prop
        • by cheekyjohnson (1873388) on Sunday June 17, 2012 @06:40PM (#40355155)

          personally, I am ok with a backdoor, provided that there are some proper controls around it, such as:

          - The government is entirely composed of perfect beings that would only use the backdoor against actual criminals.

          • "The government is entirely composed of perfect beings that would only use the backdoor against actual criminals." -> Thank you.

            I find it odd that people can interact with government officials day and day out for years, and forget that they're human beings. No human being should be invested with the kinds of powers they're after.

          • by jamstar7 (694492)

            personally, I am ok with a backdoor, provided that there are some proper controls around it, such as:

            - The government is entirely composed of perfect beings that would only use the backdoor against actual criminals.

            Except most governments these days consider all their citizens as prospective criminals. Anybody who can think for themselves and wants other than government-mandated media for their news is a potential criminal.

  • TFA (Score:4, Informative)

    by 6031769 (829845) on Sunday June 17, 2012 @12:43PM (#40352713) Homepage Journal

    Link is http://www.theregister.co.uk/2012/06/14/pgp_seal_encrypted_communications/ [theregister.co.uk] since it wasn't in the summary.

  • by icebike (68054) * on Sunday June 17, 2012 @12:47PM (#40352727)

    encrypted email, text messages, phone calls, and videoconferencing

    With the proper encryption software on the endpoints, and properly encrypted storage, why does the server location even matter?

    If nothing was actually stored on the server (or if everything stored there was encrypted with keys unknown to the operators) there would be no point in any government agency grabbing the server other than to shut it down. And nothing prevents that better than multiple sites.

    It would seem to me the best solution would be for that server to have zero knowledge about the content of any data, and serve as a store and forward repository for content where one or the other party is off line (file transfer or email). For Video conferencing and text messages the servers might serve only as a routing agent for firewall piercing (where each participant is behind a firewall). But in no case should it contain un-encrypted data, and all logging should be to /dev/null.

    Almost all of this is available today using a variety of off the shelf software with PGP keys, etc.

    Wouldn't concentrating this traffic in a single place make it easier to monitor? If nothing else, a monitoring agency can gain the equivalent of pen register data simply by doing packet analysis at the upstream of such a service provider.

    Wouldn't merely subscribing to such a service (and leaving a money trail) become a red flag?

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      why does the server location even matter?

      I'd go one step further and wonder why it needs dedicated servers at all.

      If email is end to end encrypted (a thing that's very easy to do already) it does not need any NEW infrastructure. The existing email infrastructure works just fine, the only difference being that the messages are encrypted, and anyway the encryption keys better be known only to the endpoints, or it defeats the entire purpose.

      Same for IM and other things - all that's needed is client support. The very fact that there is some custom s

      • by retchdog (1319261)

        it's been around forever and it won't go away because of this. geeks know about it, no one else does. i think zimmerman would mostly be happy that you keep doing what you're doing.

        normal people (who deserve privacy too) just might care when they can say to their neighbors "this company is taking care of it; they have Secure Servers!", secure in the fact that ex-military folks and a Huge Fucking Bundle of Money (the only thing normal people care about as far as technology goes) are involved. that's how peopl

    • Think about the business model: They're probably providing the authentication (i.e. you're really talking to whoever you think you're talking to). If they provided a way around that then you wouldn't need their subscription, would you?

      • by icebike (68054) *

        Well, if they were providing the authentication, then that would suggest that they would have way too much knowledge if you ask me.

      • by ATMAvatar (648864)
        You can do that using digital signatures already without having to resort to some central authority.
    • by Joce640k (829181)

      It should be decentralized, P2P (with redundancy).

      • It should be decentralized, P2P (with redundancy).

        You mean like so?
        1. endpoints encrypt email/files/whatever with PGP/GNUPG, etc., etc.
        2. Shares public key with receiver via OOB mechanism
        3. Endpoints/send receive data via P2P mechanism (SMTP anyone?)
        4. Profit!

        Brilliant. No one else could ever have thought of that.

        • by PCM2 (4486)

          Except that if you read the summary, this is about more than just secure email. They also want to do it for text messaging, phone calls, and videoconferencing. I think it would be pretty hard to use SMTP for all of that.

    • by girlintraining (1395911) on Sunday June 17, 2012 @01:05PM (#40352853)

      With the proper encryption software on the endpoints, and properly encrypted storage, why does the server location even matter?

      You're new here. Okay, from the top ... If the server gets disappeared in some government raid, then the services offered by said server are no longer available. Sorta obvious there. The internet requires some types of centralization to function; As to any services that run on top of it. DNS, e-mail, Facebook, BGP, etc. -- everything on a packet-based network which lacks broadcast/multicast ability needs to have a static point of entry into whatever superstructure you build on top of it.

      In this case, the server acts as a mediator of identities: Person A wants to talk to Person B, so Person A subs Person B's public key, and the server returns Person B's IP address, drop box, or whatever, thus allowing the transaction to complete.

      It would seem to me the best solution would be for that server to have zero knowledge about the content of any data

      The server would regard the data as a binary blob with a source and destination. You know, just like a router does. Except the data is encrypted, so the only useful data that can be recovered is where it's going, and where it's coming from.

      But in no case should it contain un-encrypted data, and all logging should be to /dev/null.

      But what if someone unlinked /dev/null? Server should immediately self-destruct, Mission Impossible style? :P

      Almost all of this is available today using a variety of off the shelf software with PGP keys, etc.

      One word: Convenience. And another word: Cheaper.

      Wouldn't concentrating this traffic in a single place make it easier to monitor?

      Dude, the NSA is building a massive data center under a mountain in Arizona to monitor every packet sent or received on the internet domestically as you read this. The "single place" is now the entire network. Europe is doing the same thing, but requiring ISPs to store all the data instead. If you want something hard to monitor, go back to sneakernet and drop boxes.

      Wouldn't merely subscribing to such a service (and leaving a money trail) become a red flag?

      I see that you're paying with cash, instead of credit card. You filthy terrorist. Well, actually, everything these days is a red flag. Carrying a bottle of water in your car? You must be using drugs. Breast implants? Possible weapons of mass distraction. Driving a car at the speed limit -- you're paying too close of attention, you must be up to no good. Ah, the rationalizations are endless. Look, there's no technology on this planet that's going to save you from a government that decides (for whatever reason) to make you disappear. All these laws, the constitution, your rights, it's all for show and it always has been. The powerful do whatever they want, and then give it post-facto legitimacy after the fact.

      All that said, I do all my browsing on Tor. Which mostly includes posting to slashdot and reading the Skyrim wiki. If you encrypt everything, and everyone else does the same, then you have made stateful packet inspection a waste of time. Nobody should be sending packets in the clear these days anyway -- most of you are reading this from a processor with an AES encryption/decryption module built into the CPU that can run at gigabit speeds with very little overhead. -_-

      • "and then give it post-facto legitimacy after the fact." Yeh, that's the best kind of post-facto legitimacy. :)
        • "and then give it post-facto legitimacy after the fact." Yeh, that's the best kind of post-facto legitimacy. :)

          Well, not everyone knows what post-facto means! I just wanted to be extra clear. :( Slashdot isn't what it used to be.

    • by chill (34294)

      For ZRTP proxy and automated SAS would be my guess. Also for an IM presence server and you have to put e-mail servers SOMEWHERE. E-mail isn't p2p.

      http://zfone.com/docs/asterisk/man/html/u_guide.html [zfone.com]

      • by icebike (68054) *

        Also for an IM presence server and you have to put e-mail servers SOMEWHERE. E-mail isn't p2p.

        With proper encryption, it doesn't matter where that is, and concentrating it in one place isn't going to help.
        Ask Blackberry.

        • by chill (34294)

          Yes, but...

          E-mail will not work without a server. Since you need one, you might as well put it somewhere that has the tightest restrictions on privacy. A place that has the most hoops a gov't has to jump thru to force you to cough up data.

          By data I mean the non-encrypted stuff like customer name, billing info, how often e-mail is sent/received, the source and destinations, etc.

          Encryption doesn't hide any of that.
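The point of this exchange (icebike's zero-knowledge store-and-forward server above, and chill's reply that encryption does not hide customer, source, destination or frequency) in working code. This is an added example, not code from the thread or from Silent Circle; the `Envelope` format, the `Relay`, the toy SHA-256 keystream cipher standing in for a real AEAD, and the sample traffic are all constructed assumptions.

```python
"""Zero-knowledge relay vs. metadata: what an end-to-end-encrypted
store-and-forward server still learns from the envelopes alone.

Added example; Envelope, Relay, the toy cipher and the traffic are assumptions."""
from __future__ import annotations

import hashlib
from collections import Counter, defaultdict
from dataclasses import dataclass


def _keystream(key: bytes, n: int) -> bytes:
    # Toy keystream (SHA-256 in counter mode) standing in for a real AEAD
    # such as AES-GCM; it is here only so the endpoints can really decrypt.
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    return bytes(p ^ k for p, k in zip(plaintext, _keystream(key, len(plaintext))))


decrypt = encrypt  # XOR keystream: the same operation in both directions


@dataclass(frozen=True)
class Envelope:
    """Everything the relay sees. The body is opaque; the rest is not."""
    sender: str
    recipient: str
    timestamp: int      # seconds
    body: bytes         # ciphertext; the key is known only to the endpoints


class Relay:
    """Store-and-forward server that never holds a key or a plaintext."""

    def __init__(self) -> None:
        self._mailbox: dict[str, list[Envelope]] = defaultdict(list)
        self._seen: list[Envelope] = []   # what a seizure or upstream tap yields

    def submit(self, env: Envelope) -> None:
        self._mailbox[env.recipient].append(env)
        self._seen.append(env)

    def fetch(self, recipient: str) -> list[Envelope]:
        # Deliver and forget: nothing the relay keeps would help read the mail.
        return self._mailbox.pop(recipient, [])

    def seized_records(self) -> list[Envelope]:
        return list(self._seen)


def traffic_analysis(records: list[Envelope]) -> dict:
    """Pen-register-style findings from envelopes alone: no decryption needed."""
    pairs = Counter((e.sender, e.recipient) for e in records)
    volume: Counter = Counter()
    for e in records:
        volume[e.sender] += len(e.body)
    first_contact: dict = {}
    for e in sorted(records, key=lambda e: e.timestamp):
        first_contact.setdefault(frozenset((e.sender, e.recipient)), e.timestamp)
    return {
        "contact_graph": dict(pairs),
        "bytes_sent": dict(volume),
        "first_contact": {tuple(sorted(k)): t for k, t in first_contact.items()},
    }


def demo() -> dict:
    """Constructed traffic between three users; returns what each party learns."""
    relay = Relay()
    alice_bob = b"shared-key-alice-bob"        # constructed: agreed out of band
    alice_carol = b"shared-key-alice-carol"    # constructed: never sent to the relay
    relay.submit(Envelope("alice", "bob", 1000, encrypt(alice_bob, b"lunch at noon?")))
    relay.submit(Envelope("bob", "alice", 1030, encrypt(alice_bob, b"yes")))
    relay.submit(Envelope("alice", "carol", 1100,
                          encrypt(alice_carol, b"the contract draft, attached")))
    relay.submit(Envelope("alice", "bob", 1200, encrypt(alice_bob, b"see you")))
    # Bob can read his mail because he holds the key; the relay never could.
    bob_inbox = [decrypt(alice_bob, e.body) for e in relay.fetch("bob")]
    findings = traffic_analysis(relay.seized_records())
    findings["bob_plaintexts"] = bob_inbox
    return findings


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```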

    • It's called "traffic analysis", and it's a wonderful source of intelligence even in its simplest forms.

      Of those nations, Canada seems the most likely to assist with a US official "request". Iceland would love to resist but has little power.

    • Almost all of this is available today using a variety of off the shelf software with PGP keys, etc.

      Yes, and a lot of good security software is available free and open source, but it's not very easy to use and/or effectively marketed.

      Wouldn't concentrating this traffic in a single place make it easier to monitor? If nothing else, a monitoring agency can gain the equivalent of pen register data simply by doing packet analysis at the upstream of such a service provider.

      Wouldn't merely subscribing to such a service (and leaving a money trail) become a red flag?

      Absolutely, anyone can use free HushMail, but in so doing, you are marking yourself as a less than 1% minority that cares enough about privacy of your communications to actually do something about it - and as such, I'd assume you'll be first against the wall in any witch hunt investigation since you are rare and "they" can't really be sure what all you have effectively hidden.

      • by pnutjam (523990)
        I've been doing some research on this, it is essential for medical providers who want to adhere to HIPAA.

        Hushmail was a bit of a pain, 4securemail seemed to work well (no affiliation and no link, google it up yourself).
        • Sorry to let my cynic show, but all medical providers who want to adhere to HIPAA have to do is subscribe to a service that claims to provide HIPAA compliance to their operations, pass the cost along to the insurance companies (and those who pay insurance premiums), and wait for somebody to scream "Bloody hell NO that's not what HIPAA means and I'm going to sue!!!" - settle, probably involving a small modification to the HIPAA compliance service procedures, rinse, lather, and repeat.

          My favorite outcome of H

          • by pnutjam (523990)
            I'm an ethical consultant who deals with small offices who want to do it right. I am working on a paper outlining the best IT practices for small medical offices. Email me if you would like to provide input.
  • by Anonymous Coward

    But if it's made up of a bunch of ex-Navy SEALs, can you really trust that it's going to be secure against American intelligence access? And if it *IS*, what does that say about these EX-SEAL personnel? The old 'loyalty to your job' versus 'loyalty to your country' :D

    • by CRCulver (715279) <crculver@christopherculver.com> on Sunday June 17, 2012 @12:56PM (#40352815) Homepage

      But if it's made up of a bunch of ex-Navy SEALs, can you really trust that it's going to be secure against American intelligence access?

      No, you can't completely trust that it's going to be secure. On the other hand, there's a remarkable amount of ex-SEALs who have become embittered about the government they once served, and Mike Janke is a privacy advocate. So, the involvement of SEALs isn't a guarantee that this company is in bed with the US government.

    • But if it's made up of a bunch of ex-Navy SEALs, can you really trust that it's going to be secure against American intelligence access?

      I was going to reply with a list of the algorithms and constructions used here, and then point out that they are all standard and widely studied. Then I noticed that the website does not actually have that information, so unless someone would like to post a link (I could have just missed something obvious), no, I do not think you can really assume anything. Phil Zimmerman did good work with PGP, but that does not mean that he will do similarly good work here.

    • Indeed. That was the first red flag that caught my eye -> "ex-Navy Seal would be nice if I were expecting the offices to be physically attacked, but I don't know how well they'd hold up against various intelligence people questioning their 'loyalty' to their own..."

  • by Anonymous Coward on Sunday June 17, 2012 @12:48PM (#40352743)

    Are they aware of the Canadian Conservative party's utter contempt for online privacy and willingness to grant broad snooping powers with no oversight to completely unqualified authorities? All without a warrant? Bill C-11 is currently in the process of being rammed through along with plenty of other unpopular legislation. Need I even mention the unabashed kowtowing to the whims of U.S. media conglomerates?

    "You can either stand with us or with the child pornographers" - Vic Toews, Minister of Public Safety.

  • by WarSpiteX (98591) on Sunday June 17, 2012 @12:51PM (#40352771) Homepage

    As a Canadian resident, I wouldn't count on our privacy laws remaining strong, or - above all - being strongly enforced - with the Conservative party in power. They should have gone with Sweden or Switzerland.

    • by Mashiki (184564)

      Warrants are required in Canada, even under exigent circumstances now. The SCC recently struck down even prior existing laws (telephone) on that. The only exception is home entry in case of emergency, where you can see/hear/know a person in an obvious case of distress.

      • by Phrogman (80473)

        I do not believe that the Conservative party has any interest in maintaining the privacy of Canadians. In fact I think they are actively working to weaken/eliminate privacy here, in the same way they are actively working to destroy the environmentalist movement and scientific research into GCC. Stephen Harper has only the interests of Stephen Harper in mind, no one else. His focus is to stay in power long enough to change Canada in the way he wants to. Whatever gets in the way will be swept aside (latest vict

    • Re:Canada (Score:5, Informative)

      by BlueParrot (965239) on Sunday June 17, 2012 @01:47PM (#40353149)

      Sweden has few effective laws for private citizens. It's explicitly codified into law that the authorities are allowed to snoop on your communications. It's a bit better than England (where you can be jailed for not giving police your encryption keys), but there's really no good way to defend against a hostile government. If you truly want to avoid government meddling with your communication your best bet is probably hiding in plain sight. I.e., make sure you and your communication appear dull enough that your government can't be bothered to look at it.

  • by guanxi (216397) on Sunday June 17, 2012 @12:52PM (#40352785)

    What do SEALs have to do with it? Are they going to infiltrate the datacenters of privacy violators and blow them up? Secure this company's underwater cables? Now some NSA or CIA signals intelligence veterans might be helpful.

    • by houghi (78078)

      What do SEALs have to do with it?

      Perhaps they wanted to be close to Heidi Klum.

    • by Dahamma (304068)

      No, duh. They are launching a subscription service in the US. The SEALs are there for the TV commercials.

      • by swillden (191260)

        No, duh. They are launching a subscription service in the US. The SEALs are there for the TV commercials.

        Because Act of Valor showed the world that SEALs are incredibly talented actors?

        • by Dahamma (304068)

          No, because it showed they don't have to be...

          • by swillden (191260)

            No, because it showed they don't have to be...

            That's debatable. The movie was enjoyable, but some of the dialog-heavy segments were stilted enough to make it difficult to maintain suspension of disbelief.

            • by Dahamma (304068)

              Eh, I wasn't talking about what it did for the movie, I was talking about about the reputation Navy SEALs have with middle America after the whole bin Laden thing (and the movie, etc).

              If you are a 65 year old retiree in Kansas, who's security software are you going to use, something called "McAfee" with commercials featuring boring guys in suits talking about IT infrastructure, or one called "Silent Circle" with a fucking Navy SEAL guarding your computer! ;)

    • by Phat_Tony (661117) on Sunday June 17, 2012 @01:29PM (#40353005)
      They may have any amount of legitimate expertise to contribute. Even if it's just on the business/managerial side of things and not the software/encryption side, not that that's necessarily the case.

      But you know one big thing they contribute just by being there? This company will be accused of being anti-American, of "helping the terrorists win." There's nothing that will help inoculate them against that as much as having a couple of combat veterans as founders.

      And to those who will say the presence of veterans means you can't trust this organization because they will provide a backdoor for the feds, the people in our armed forces hold a range of political opinions, they are not all clones. And there are a lot of them who agree with a libertarian or traditional conservative view of highly restricted government power and lots of freedom. A lot of people in the military are there to fight for our freedom, and that includes opposing the Orwellian encroachments of our own government.
    • by chill (34294)

      The SEALs mentioned both operate physical security companies. Their expertise will probably come in handy in securing the datacenters.

    • by equex (747231)
      Friend of a guy who worked in intelligence here, all your encryption is worthless, they will just park outside your lawn and point a device towards your keyboard. The electrical charge generated by each key can somehow be translated into clear text.
      • "all your encryption is worthless, they will just park outside your lawn and point a device towards your keyboard. The electrical charge generated by each key can somehow be translated into clear text."

        Failing that, they will just park outside of your lawn and point a device towards your head. The adrenaline generated by you knowing the "device" is a 7.65 long barrel can somehow be translated into clear text too.

        Obliged reference: http://xkcd.com/538/ [xkcd.com]

      • by jgrahn (181062)

        Friend of a guy who worked in intelligence here, all your encryption is worthless, they will just park outside your lawn and point a device towards your keyboard. The electrical charge generated by each key can somehow be translated into clear text.

        Not everyone who wants my data has a black van full of electronics, readily available for dispatching, in my area.

        • by equex (747231)
          No, but the people who really, really need encryption probably have a van not too far away. I use encryption mostly just to be a dick and generate the noise that the others who rely on it need.
  • I'm sure they did their due diligence, but from what I've seen the last couple years Canada seems to be heavily influenced by US politicians, lobbyists, etc. And I would not be surprised to hear of a joint task force, as in "go ahead eh", taking down the servers for <insert reason here> from the US privacy destruction machine. Just my tinfoil hat 2 cents.
  • by Dahamma (304068) on Sunday June 17, 2012 @01:03PM (#40352849)

    They just need to make sure they don't discuss any details of the service at the airport...

  • that way have better world coverage and can shift if the local politics go to crap on privacy.
  • You get the apps at the iPhone/Android store, so does it just use a password? Where's the 2/3 factor authentication, or a security quiz from the system before you can start using it? Can you set an 'alarm' password that tells everyone you're under duress, or an innocuous password that only shows fake data?

    Trying to make it easy to use is commendable, but trading ease for security would be better.

  • by SilverJets (131916) on Sunday June 17, 2012 @01:42PM (#40353113) Homepage

    They teamed up with Navy SEALs to develop this. That means a branch of the US Government is involved.

    No thanks.

  • Sounds good.

    I believe them when they say it is a good privacy protection package, and $20 sounds reasonable.

    It better be open, and available for public comment, for every single line of code that goes into it; otherwise, no, I don't believe it is safe to use.

    I want to see it and make my own determination.

    -Hack

    • by macs4all (973270)
      I don't believe that PZ has made his versions of PGP Open Source since around PGP 2.8, and maybe before.

      Someone correct me if I'm wrong; because I'm not exactly sure about that.
  • The concept of "privacy" as a paid, centralized service leaves something to be desired.

    • by SeaFox (739806)

      Sound familiar, kinda like extortion.
      Remember when the Mob approached local politicians and promised not to let out any of their secrets, for something in return?

  • Phil Zimmerman has been compromised ever since PGP 2.6 (IIRC), which was curiously released RIGHT AFTER he was hassled by the IRS. Curiously, 2.6 is incompatible with 2.3a, which was the version just BEFORE PZ was "re-educated" by the Feds.

    Now it's time for me to put some copper foil on my hat; because the tinfoil doesn't block enough of the mind-control waves...
  • by dskoll (99328)

    Canada might not be a good choice. Our privacy laws right now might be decent, but the Harper government is selling rights to write our laws to the US and to US lobbyists. Don't count on Canada having sane privacy laws nor "Intellectual Property" laws for much longer.

    The MPAA, RIAA, and NSA count more to Harper than citizens.

  • Governments and other criminal organizations can place essentially unlimited coercion on any organization or individual that publishes encryption or other security software. If the source code is not published there is no way to know that there is no back door.

    Therefore the only way such software can be known to be secure is if the source is published.

    Use free software for security.

  • Zimmerman and PGP opened a back door to their encryption on orders of the US spooks years ago - hence GPG, an open-source alternative that the spooks don't backdoor.

    Why o why would I let them have my encrypted voice communications when I know full well they'll hand the keys to the spooks?

  • This is quite interesting because if you make a project open source there is much much less that the government can do to stop your project. The thing that makes this even more interesting is this is being started by exactly the same person who PUBLISHED the source code for PGP IN A BOOK [philzimmermann.com] just to protect it from the government!
