Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Recommended Software for Encrypted Blackberry Voice Calls

Thomas Lowenthal tlowenth at princeton.edu
Tue Jan 25 05:19:47 PST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 24 January 2011 10:46, Katrin Verclas <katrin at mobileactive.org> wrote:
>We have been experimenting with CellCrypt and One Vault Voice.  Expensive
>stuff.  I think there are better secure voice options than bberry,
>personally.... such as a private VOIP phone system over  Android:
>
https://guardianproject.info/2010/05/26/how-to-setup-a-private-mobile-phone-system-for-android-and-beyond/
>(though it still needs work!)  and http://whispersys.com/.  We should talk,
C -
>we are working on this as I am writing this.


The problem with using Android devices for sensitive applications is that
neither the phone nor the SD card can be effectively encrypted by the
operating
system. Blackberries, on the other hand, have been developed in line with
corporate security policies, and so have well-tested device encryption, and
secure remote wipe capabilities. It's my understanding that iPhones also
support
some sort of device encryption, but I'm less familiar with that.

There's much less value in making encrypted voice calls when the relevant
keys
are available in plaintext on the device. That could be a significant risk
in a
regime with a poor human rights record. Whoever you're trying to keep voice
calls
from could potentially arrest the phone's bearer, confiscate the phone,
retroactively decrypt the calls, and hold them accountable. Of course,
someone
arrested with a strongly encrypted phone encourages rubber-hose decryption.
However, a remote-wipe capability reduces the associated risk.


Thomas Lowenthal
Princeton CITP
tlowenth at princeton.edu
GPG 80AF70D3

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iF4EAREIAAYFAk0+zdEACgkQMHyzSdX0lpw85wD9FAgNLgCU9jQv/qMMyI6MBFj/
ULDgXwkRymHEpHbsEmIBAJOsrzhOdYNZkwaudMs9ClkioaMIvxej3NHaqzZ+1O8o
=mFQ8
-----END PGP SIGNATURE----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20110125/a23e3c4d/attachment.html>


More information about the liberationtech mailing list