Silent Circle takes on Skype, Viber, mobile telcos with crypto-VoIP

Silent Circle has launched a global encrypted IP voice calling service that will go up against over-the-top services Skype and Viber, among others. The idea here, however, is that it will feature a way to communicate privately. It's more bad news for mobile carriers, which are already beating off roaming-revenue pinchers in the …

"Encrypted" PSTN calls?

How is a call that's made "Out-Circle" really encrypted? Sure the internal VOIP leg of it inside the Silent Circle system may be, but as soon as the call goes out onto whatever nation's PSTN services it's as unencrypted and open to intercept as any other call.

As for the internal element of this that actually is encrypted, how long until the company goes the way of Lavabit?

Re: "Encrypted" PSTN calls?

Exactly. When Skype pulled this schtick on PCs, there was a point - you could 'call' non-Skype contacts from the same PC; but when the selling point is the call being encrypted (which is not, at the other end) and the platform is a phone (which is, ummm, supposed to be meant to make calls already) what is the point exactly...?

Re: "Encrypted" PSTN calls?

Quite right. Only can be given serious thought when the encrypt/decrypt part is made at the mobile/handset.

Quite an opportunity for any kit maker that decides to do cheap gear that fills that void... How hard can it be for them to do it...

Re: "Encrypted" PSTN calls?

Phil W.

You're absolutely correct about the 'Out-Circle' calls. Only the member's leg of the call is protected. But if you are targeted for interception, you have that protection for all calls incoming and outgoing wherever you are in the world via your Silent Phone app. If the other end of the call is at risk of interception, both parties should have a subscription for peer-to-peer encryption. Great comment.

As for the future of the company and comparison to Ladar's Lavabit, we closed our Silent Mail service hours after Lavabit received their NSL (although we still use it internally). What Silent Circle has now are Silent Phone and Silent Text where all keys are generated by the app on each members' phones. We hold nothing and log nothing. We can close a member's account if required, but have no capability of giving keys or assisting with interception in any way. You're in control and that's how it should be.

Re: "Encrypted" PSTN calls?

"Only the member's leg of the call is protected"

Which is the equivalent of no protection at all.

If a call to a PSTN user is tapped at the PSTN end, the listener can still hear what both parties are saying.

I'm not saying Silent Circle calls are useless, app to app calls are no doubt secure. But the difficulty there is you can only call someone who has a compatible device and the app, and there are already plenty of solutions for secure app to app calling.

This makes me think that the model of providing Out-Circle calls as paid service is either aimed at taking money from those who are daft enough to think it's any more secure than a normal call, or at those who are too lazy to use more than one app for calls.

My point on the comparison to Lavabit is not so much that any data is at risk but more that as a service specifically providing secure communications to prevent interception, Silent Circle is likely to find itself a target of government pressure from one nation or another both legally and through more covert means to shut down.

Re: Which is the equivalent of no protection at all.

I wouldn't go that far.

It seems obvious to me that the out of circle calls would be subject to standard intercept. But within circle calls won't be. It has always struck me that the biggest problem with switching to encrypted systems is the chicken and egg problem. If you switch to an encrypted system that only talks to itself you have too small a base of people to call. This seems like the best compromise possible. Within the circle you get the encryption, but you don't lose outside connectivity.

" ... text-revenue leaks as customers turn to ..."

My £10 a month SIM-only contract has 5,000 texts and 1GB of data included in the bundle. Is this text-revenue from the PAYG owners?

Where the packets pass..

It's important to note that while sniffing traffic from Silent Phone, you can see it all being routed through the Silent Circle servers. There exists a possibility that they are able to perform a man-in-the-middle attack on your encrypted VoIP session.

Please note that I'm not claiming that they are doing this, just that a possibility exists - and that I do not have the technical knowledge of their solution to make a statement one way or the other.

I would love to read a technical analysis of the session establishment and encryption mechanisms that they use, as well as to learn the justification for routing through their own servers instead of allowing direct user to user communications (which should be possible outside of funky NAT'ed networks).

This brings to mind the recent stories on BlackBerry's lawful intercept of BBM messages that are also supposed to be secure.

Re: Where the packets pass..

"which should be possible outside of funky NAT'ed networks"

You mean like the ones that a lot of mobile carriers still provide?

Re: Where the packets pass..

Very much like the ones that a lot of mobile carriers use. It's possible that Silent Circle is simply providing an integrated STUN / ICE type service - which would be very good thinking on their part to mitigate the issues related to funky NAT.

My point is that I don't know what they're doing, and am unwilling to trust a solution (regardless of how awesome some of the people involved have been in the past) without a trusted party being able to review how it works.

Anonymous Coward

Re: Where the packets pass..

"My point is that I don't know what they're doing, and am unwilling to trust a solution (regardless of how awesome some of the people involved have been in the past) without a trusted party being able to review how it works."

*Exactly* right. I'd be even more interested if the code was open rather than proprietary.

Re: Where the packets pass..

"justification for routing through their own servers instead of allowing direct user to user communications"

Mobile carriers all use the RFC 6598 block for NAT. Unless you explicitly add a static IPv4 address to your SIM plan, you'll receive an internal IP in the 100.64.0.0/10 block and get NATted out across some funky carrier NAT.

Unfortunately this is the way it is with the IPv4 address space thinning out. Services like TeamViewer do the exact same thing to manage NAT traversal.

useless

No .au. Hello ASIO/ASIS/FiveEyes/Laberals.

Anonymous Coward

Silent Circle offer less countries for more money, in a fair comparison

"Silent Circle claims the number of countries covered is greater than those covered by competitors such as Skype and Viber."

Actually, they're pulling a particularly sleazy and deceptive marketing trick here. They're comparing the list of countries that are included in Skype's unlimited global calling plan with those included in Silent Circle's expensive fixed minutes/month plans, which are also the only countries they let you call. Skype actually lets you call far more countries than they do - almost every country with a phone system, in fact - but they're only counting the countries that Skype lets you call dirt-cheap at prices far lower than theirs.

They pull the same trick with their price comparison, comparing their cheapest $12.95 100 minutes/month plan with the same $13.99/month unlimited global minutes Skype plan. Turns out they're such bad value for money that, for almost all the countries Silent Circle support, the bundled minutes in that plan actually cost more per minute than Skype's pay-as-you-go rate; Skype's monthly plans beat their pricing even more spectacularly.

As far as I can tell they don't even offer any more encryption or security on calls to normal telephones than Skype do. Both encrypt the segment between you and their servers, leaving the subsequent PSTN part of the calls totally unencrypted. Their whole sales pitch appears to be marketing bullshit.
