Let's talk about encryption and security some more.
Some of us care about this issue out of pure professional interest, others on principle.. which I totally grok. I tinker. I'm a tinkerer, and one of the things I tinker with is encryption. I loved Hardy Boys as a kid, so let's inform each other.
The big question, it seems to me, is mobile phone security. There are currently paid services that will encrypt your voice calls so the *content* is however secure.. probably not real secure.. but I'm gambling that more free services will appear with similar ideas.
VOIP is an option, but which VOIP? Well, we know that Google and Skype are both in the PRISM program, so Google Voice and .. uh.. Skype are out. That leaves, mostly, paid services once again filling the gap. If I were paranoid, I would marvel at the coincidence that the two big free VOIP providers .. where call logs wouldn't normally exist per se .. are also in PRISM.
so here's what you want:
Linphone - 'Open source video SIP phone for desktop & mobile.'
http://www.linphone.org/
yeaaahhhh, baby.
Warren Stupidity
(48,181 posts)Your network of acquaintances, not the content of your conversations. As such, encryption is useless. Speaking of which, the NSA stopped caring about public key encryption technology over 20 years ago, presumably because they no longer considered it a threat.
Phillip McCleod
(1,837 posts)but combinations are even better. my initial contribution was about phone call log avoidance, since that's the crux of PRISM. i pointed out that Google Voice and Skype are out and offered one alternative.. there are many, mostly payfor options. Linphone is nice because it uses SIP so you can change your VoIP 'carrier' in a sense, without changing the app that uses it.
*if* one were paranoid, an inventor, or a corporate tool - which i am not.. rather i'm a whitehat infosec geek who geeks out on infosec - i would want a combined approach. ideally, i would want..
- proxy IP, ie Tor-compliant VoIP dialer, which doesn't exist, so here's dreaming of Ubuntu/phone (masks IP)
+ open-source SIP VoIP dialer like Linphone, so that the security protocols can be reviewed/revised to suit (avoids call logs)
- encrypt audio call content over the VoIP call.. so far not possible AFAIK. once again forced to use a dedicated app like this one on gizmodo. again, can't wait for Ubuntu.com/phone for that
IM'ing is another story, though the same disconnect between encrypted content and masked IP still exists.
major point is that call logs can be avoided-ish.. though if one is a blackhat kind of person, i'm sure the MIC would find a way.
Phillip McCleod
(1,837 posts)but this isn't the eye of sauron we're talking about. big brother is not godlike, IRL.
i'm saying if one wanted to send an unbreakable and untraceable message, how would one go about it? how would you do it? i would start with principles of encryption, since they are general.. that whole 'Alice' and 'Bob' and 'Carl' thing.. and consider how i wanted to whisper my message using tools that i could realistically acquire. i would weigh the relative security of my choice against the importance of the message and the capabilities of 'Carl', etc..
what about you? how would you tell your medical marijuana supplier to meet you at the corner of 4th and Easy St?