Verizon Offers Encrypted Calling With NSA Backdoor At No Additional Charge

from the trust-us,-we're-the-phone-company dept

As a string of whistle blowers like former AT&T employee Mark Klein have made clear abundantly clear, the line purportedly separating intelligence operations from the nation's incumbent phone companies was all-but obliterated long ago. As such, it's relatively amusing to see Verizon announce this week that the company is offering up a new encrypted wireless voice service named Voice Cypher. Voice Cypher, Verizon states, offers "end-to-end" encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app made by Cellcrypt.

Verizon's marketing materials for the service feature young, hip, privacy-conscious users enjoying the "industry's most secure voice communication" platform:


Verizon says it's initially pitching the $45 per phone service to government agencies and corporations, but would ultimately love to offer it to consumers as a line item on your bill. Of course by "end-to-end encryption," Verizon means that the new $45 per phone service includes an embedded NSA backdoor free of charge. Apparently, in Verizon-land, "end-to-end encryption" means something entirely different than it does in the real world:
"Cellcrypt and Verizon both say that law enforcement agencies will be able to access communications that take place over Voice Cypher, so long as they're able to prove that there's a legitimate law enforcement reason for doing so. Seth Polansky, Cellcrypt's vice president for North America, disputes the idea that building technology to allow wiretapping is a security risk. "It's only creating a weakness for government agencies," he says. "Just because a government access option exists, it doesn't mean other companies can access it."
Just because we put a backdoor in a product, doesn't mean those backdoors will be abused, right guys? Right? Of course this is the same Verizon that has mocked Internet companies for "grandstanding" when it comes to their latest encryption push. But while those companies have refreshingly started competing over who can respect your privacy more, Verizon's making it clear that privacy is an afterthought, even when pitching privacy services. Perhaps someday Verizon can see fit to offer "end-to-end encryption" that actually is.

Filed Under: back doors, backdoors, encryption, end to end encryption, law enforcement, nsa, surveillance, voice cypher
Companies: cellcrypt, verizon


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    ChurchHatesTucker (profile), 15 Dec 2014 @ 12:19pm

    Seems clear

    "to-end" encryption.

    reply to this | link to this | view in chronology ]

  • icon
    Violynne (profile), 15 Dec 2014 @ 12:22pm

    "Okay, dear. Got it. Pick up the girls from swimming practice and swing in and get dinner. Should be home by 8pm.

    Oh, and Phil, tell the boys poker's been canceled this week. Meg's wife is coming, but of course you already knew that."

    reply to this | link to this | view in chronology ]

  • icon
    Get off my cyber-lawn! (profile), 15 Dec 2014 @ 12:22pm

    Of course it's End-to-End encryption

    they just don't tell you that the NSA is one of the "ends"

    reply to this | link to this | view in chronology ]

  • identicon
    Scote, 15 Dec 2014 @ 12:23pm

    Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

    This is way worse than an NSA backdoor. This is an every LEO or government agency backdoor. Even the bought and paid for City of London (Corporation) Police (not to be confused with the Met) could theoretically get access.

    reply to this | link to this | view in chronology ]

    • identicon
      Rich Kulawiec, 15 Dec 2014 @ 12:28pm

      Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

      Oh, no...it's worse than that. This is backdoored for EVERYONE -- as soon as someone reverse-engineers it, or figures out how to crack it, or successfully impersonates a law enforcement agency, or hacks the underlying OS, or hands a Verizon employee an envelope with $100K in crisp tax-free income, or combinations/variations of these.

      This is pre-compromised at the factory.

      reply to this | link to this | view in chronology ]

      • identicon
        Michael, 15 Dec 2014 @ 12:30pm

        Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

        Don't worry, I'm sure one or more of those happened well before this announcement.

        reply to this | link to this | view in chronology ]

        • icon
          sigalrm (profile), 15 Dec 2014 @ 12:49pm

          Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

          Verizon - as a telephone company - cannot legally provide a voice service in the United States which doesn't accommodate lawful intercept as required by CALEA. Full Stop.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 15 Dec 2014 @ 12:55pm

            Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

            Then they shouldn't be offering a service that claims otherwise.

            reply to this | link to this | view in chronology ]

            • icon
              sigalrm (profile), 15 Dec 2014 @ 1:11pm

              Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

              They aren't claiming otherwise - You just have to know telco-ese:

              From Verizon's website (http://business.verizonwireless.com/content/b2b/en/solutions/technology/mobile-security/voice-cyphe r.html)

              "Voice Cypher Conferencing protects conference calls from unauthorized access, provides total control over calls in progress and can provide government-grade, end-to-end encryption to prevent voice-call interception."

              Very carefully worded but here's the rub - it all hinges on the word "authorized": Customers will assume that they get to determine who and what is "Authorized". This is an incorrect assumption based on wishful thinking, and utterly at odds with well-established US Law.

              Ultimately, the software application, as configured by the carrier determines what's "Authorized" - and "Lawful Intercept" is by definition going to get authorized. Every time.

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 15 Dec 2014 @ 1:46pm

                Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                "protects conference calls from unauthorized access"

                The very nature of a backdoor is to circumvent normal access, which is typical kept hidden from others so that unauthorized access is not made easier. Which also follows the flawed logic of security by obscurity which has already been well proven to be a fucking stupid idea.

                The Government is becoming the very thugs we are looking to be protected from, and for some have already BECOME!

                reply to this | link to this | view in chronology ]

              • icon
                John Fenderson (profile), 15 Dec 2014 @ 2:02pm

                Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                Claiming "end-to-end encryption" is claiming otherwise.

                reply to this | link to this | view in chronology ]

                • icon
                  sigalrm (profile), 15 Dec 2014 @ 2:29pm

                  Re: Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                  Because Telco's are oh-so-trustworthy, always adhere to their marketing collateral, and never redefine words, terms, and phrases to mean something other than what a technically inclined person would think they mean?

                  If Verizon copies the encrypted stream as it's delivered from endpoint to endpoint and then decrypts the copy off-line using key escrow technology, it's still technically "end-to-end" encryption because there's no encrypt/decrypt/re-encrypt step in the interception. The endpoints can talk directly to each other, negotiate their own session keys, etc. Am I splitting hairs? Absolutely. Is that the same type of hair that a telco's lawyer would split? Absolutely. And that's just one way they'll monkey around with it.

                  It's a fun new game called "exploit the loophole", and everyone's playing - even the home game.

                  I haven't picked apart the marketing collateral, but it was written by lawyers specifically for the intent of being entirely true even if intentionally misleading. But at the end of the day, by all accounts, Verizon has stated that they've built in LI capabilities. So the way to ask the question is: "Now that they've said they're doing it, how are they doing so in a way that doesn't result in them losing a false-advertising lawsuit?"

                  reply to this | link to this | view in chronology ]

                  • icon
                    John Fenderson (profile), 15 Dec 2014 @ 2:51pm

                    Re: Re: Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                    What you're saying here is "telcos lie". Which is absolutely true, and was pretty much my point.

                    reply to this | link to this | view in chronology ]

                    • icon
                      sigalrm (profile), 15 Dec 2014 @ 2:56pm

                      Re: Re: Re: Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                      Fair enough. I probably misread the intent in your post. No offense was intended.

                      reply to this | link to this | view in chronology ]

                      • icon
                        John Fenderson (profile), 15 Dec 2014 @ 3:07pm

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                        I see nothing in anything you said that would offend me. :)

                        reply to this | link to this | view in chronology ]

                • icon
                  Uriel-238 (profile), 15 Dec 2014 @ 7:07pm

                  "End-to-end"

                  It's labeled as "end-to-end" encryption the way that new wireless data technologies two years ago were labeled as "4G".

                  reply to this | link to this | view in chronology ]

          • identicon
            Scote, 15 Dec 2014 @ 12:58pm

            Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

            "Verizon - as a telephone company - cannot legally provide a voice service in the United States which doesn't accommodate lawful intercept as required by CALEA. Full Stop."


            AKA, why you must not purchase any "secure" communications platform from Verizon or any Telco - though with all the secret stuff the NSA and the Obama administration do, including lifetime gag orders, there's no way to know for sure if *any* closed source security app is actually secure. And open source apps are just begging for subtle, really hard to notice tweaks that make one minor change or error default or whatnot that transforms secure into interceptable. There is no panacea for security. :-p

            reply to this | link to this | view in chronology ]

            • icon
              sigalrm (profile), 15 Dec 2014 @ 1:12pm

              Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

              To be fair, with lifetime gag orders, you can't necessarily trust open source, either, unless you manually vet it yourself, and lets face it - there's a very, very small percentage of the population who can do that effectively.

              reply to this | link to this | view in chronology ]

              • icon
                Chronno S. Trigger (profile), 15 Dec 2014 @ 2:20pm

                Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                "there's a very, very small percentage of the population who can do that effectively."

                But that's still thousands upon thousands of people. It only takes one to get the information out.

                reply to this | link to this | view in chronology ]

                • icon
                  sigalrm (profile), 15 Dec 2014 @ 2:41pm

                  Re: Re: Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

                  This is why a generalized erosion of trust is so insidious, and appears to be a key component of an overarching campaign.

                  It's hard to know who to trust when it comes to crypto right now, and the overall climate is one where it becomes easy to call into question the credentials of well-known crypto engineers, and a fools errand to trust anonymous contributors.

                  This is not a good spot to be in.

                  reply to this | link to this | view in chronology ]

            • icon
              John Fenderson (profile), 15 Dec 2014 @ 2:12pm

              Re: Re: Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

              "though with all the secret stuff the NSA and the Obama administration do, including lifetime gag orders, there's no way to know for sure if *any* closed source security app is actually secure."

              In all fairness, there's no way to know with 100% certainty that any security app or process is actually secure even regardless of all that secret stuff.

              Any security plan that relies entirely on any single security mechanism is a terrible security plan. This isn't a new thing at all -- it has been this way for the whole history of mankind. This is also why I discourage people from thinking of crypto as some kind of final word in security. It isn't anything of the sort.

              It's also, by the way, by PGP was named "pretty good privacy" -- to try to keep people from thinking of it as some kind of panacea.

              reply to this | link to this | view in chronology ]

      • identicon
        Scote, 15 Dec 2014 @ 12:47pm

        Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

        True, true. And it's just what I've always needed, a secure voice encryption system with all the security of a TSA approved baggage lock*. (


        *Really, "lock" should be in quotes. A zip tie is more of a lock than those things that can be opened by universal keys that pretty much anyone and everyone has or can buy or make.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 15 Dec 2014 @ 4:14pm

          Re: Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

          That's why I always use zip ties when traveling anywhere. Even if they replace it, they're not going to be using the same kind you do. And there's no way they're going to attempt to get that tie open stealthily instead of just cutting it off and replacing it. Plus, I bet a bunch of TSA guys don't bother with luggage that has a zip tie -- as the tie usually indicates someone's already been through the bag ;)

          I've had every one of my luggage locks cut; I've never had a zip tie cut.

          reply to this | link to this | view in chronology ]

      • icon
        sigalrm (profile), 15 Dec 2014 @ 12:57pm

        Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

        Rich,

        For what it's worth, the FBI has links to all of the relevant lawful intercept technical standards here: http://askcalea.fbi.gov/standards.html

        Many of them are freely available for download, although even the for-pay standards look to cap out at about $350 to purchase.

        So, not only are they "pre-compromised" as you put it - the standards documents are readily available to anyone who's bored enough to read them.

        reply to this | link to this | view in chronology ]

      • identicon
        izzyz, 21 Dec 2014 @ 3:21am

        Re: Re: Not even an NSA backdoor, its an "Every LEO and Gov. Agency Backdoor."

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 12:26pm

    Just like "Unlimited" doesn't mean unlimited to AT&T, "End-to-end Encryption" doesn't mean End-to-end encryption for Verizon.

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 15 Dec 2014 @ 12:26pm

    The ending to this story I hope for...

    Again, I accidentally tapped enter in the subject line and submitted... I think before I actually added any text.

    Is that one of our grey-hats finds and publicizes the back door within a week, after which Verizon tries to sue him or prosecute him and gets laughed out of court. Preferably without any actual jail time for the poor grey-hat.

    Backdoors and golden keys are serious vulnerabilities. Apparently we need someone to demonstrate this in a way that ridicules those who don't get it.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 12:42pm

      Re: The ending to this story I hope for...

      Oh most of them do get it. They just want to exploit those vulnerabilities themselves, and aren't too worried about who else exploits the vulnerabilities.

      reply to this | link to this | view in chronology ]

    • identicon
      ronnor, 16 Dec 2014 @ 11:56am

      Re: The ending to this story I hope for...

      "Apparently we need someone to demonstrate this in a way that ridicules those who don't get it". Someone like Senator Feinstein or some of the Judges on the Supreme Court.

      reply to this | link to this | view in chronology ]

  • identicon
    Michael, 15 Dec 2014 @ 12:29pm

    "end-to-end"

    To be fair, they didn't say that the other end wasn't the NSA.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 12:37pm

    Very generous.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 12:39pm

    "... it is poor civic hygiene to install technologies that could someday facilitate a police state."

    Thank you, Mr. Schneier.

    reply to this | link to this | view in chronology ]

  • icon
    BentFranklin (profile), 15 Dec 2014 @ 12:41pm

    ...so long as they're able to prove that there's a legitimate law enforcement reason for doing so

    Does this mean a warrant? If so, I'm okay with that. I thought we were against warrantless surveillance.

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 15 Dec 2014 @ 12:59pm

      Re:

      I'm sure that it doesn't mean that at all. Requiring a warrant would be a higher level of restriction. If they required a warrant, they would have said that.

      reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 15 Dec 2014 @ 1:07pm

      "legitimate law enforcement reason"

      That's vague as fuck. Essentially, any time an officer wants to listen in, they get to do so.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 1:54pm

      Re:

      Even if it were just with a warrant, that wouldn't be good enough. There's no way to ensure that they government won't use a national security letter.

      If companies were allowed to disclose what NSL's they are being served (perhaps after some period of time), I would be more comfortable with it.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 15 Dec 2014 @ 1:58pm

        Re: Re:

        "If companies were allowed to disclose what NSL's"

        You have already failed... it has been well proven that people like you can be fooled too easily.

        To get this passed by someone like you they will allow companies to disclose them for a day to secure your vote then rip the carpet out from under you.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 3:00pm

      Re:

      "What? Oh no, you missunderstood. We don't want to listen to the person we want to listen to the phone. We think it is dealing drugs and before we raid the phone we want to be sure."
      If you can sue a house you can listen to a phone.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 3:26pm

      Re:

      No, not a warrant.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 12:41pm

    Yes we need to access all of the calls made from this cellphone because my drug dog sniffed some drugs on the call.

    reply to this | link to this | view in chronology ]

  • identicon
    John Cressman, 15 Dec 2014 @ 12:49pm

    Excellent!

    I'll put this on my Christmas list... along with the front door lock that all criminals can pick and windows shades that allow neighbors to see through.

    reply to this | link to this | view in chronology ]

  • icon
    clemahieu (profile), 15 Dec 2014 @ 12:50pm

    Title 2 reclassification makes law enforcement assistance even worse.

    Unintended consequence of giving the FCC authority

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 1:10pm

      Re:

      Title 11 for Verizon and Comcast et al, does not change any relationships the government has with Google and Netflix et al.

      reply to this | link to this | view in chronology ]

  • icon
    GeeC (profile), 15 Dec 2014 @ 12:52pm

    So it is $45 for a constant MITM running on my phone? Decisions....

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 12:54pm

    ...so long as they're able to prove that there's a legitimate law enforcement reason for doing so.

    Notice here he doesn't say "warrant" - how interesting.

    "Just because a government access option exists, it doesn't mean other companies can access it."

    Yes, of course...because that's who we're afraid of exploiting government-mandated backdoors...companies.

    Sounds like Verizon's marketing department needs a real enema if this is the best spin they can come up with.

    reply to this | link to this | view in chronology ]

  • icon
    John Fenderson (profile), 15 Dec 2014 @ 12:54pm

    A company to avoid

    It's only creating a weakness for government agencies," he says. "Just because a government access option exists, it doesn't mean other companies can access it."


    That the VP of a company can make such a ludicrous statement tells me that the company is completely incompetent when it comes to security matters and their products and services cannot be trusted (even ignoring the presence of the backdoor).

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 1:03pm

    I prefer not to be a walking target, I got rid of my mobile phone and haven't looked back. As of this month I have saved over one thousand dollars in phone bills. Happy Holidays. :)

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 1:07pm

    Well. Whaddaya know - somebody's actually selling a Tiger Rock.

    reply to this | link to this | view in chronology ]

  • icon
    connermac725 (profile), 15 Dec 2014 @ 1:20pm

    END TO END TO END

    And more for a small fee
    they should have some kind of government subsidy for the rate plan you know because the government is in on that end to end to end

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 1:52pm

      Re: END TO END TO END

      ha ha ha...

      You much remember... Government is essentially a LEGAL racket.

      You pay them to protect you... from them!

      This is the reason that Government is the greatest threat to mankind. I can more easily defend myself from an invading army than I can from government thugs.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 1:32pm

    What's the point of making interception capabilities mandatory when criminals can just choose to use options that are truly end-to-end encrypted?

    reply to this | link to this | view in chronology ]

    • icon
      sigalrm (profile), 15 Dec 2014 @ 1:50pm

      Re:

      What's the point of making interception capabilities mandatory when criminals can just choose to use options that are truly end-to-end encrypted?

      Easy identification of targets comes to mind...

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 15 Dec 2014 @ 1:56pm

        Re: Re:

        Security theater, and good old self fulling prophecies as well.

        To make everyone a criminal ripe for picking from the crop as needed you just tweak the rules so that it is not possible for them to make it from home to work without breaking some laws, no matter how benign.

        As an officer will tell you... follow anyone long enough and they will make a mistake that justifies and excuse to pull you over. This way they can have their cake and then accuse everyone else using non-government friendly tools or encryption to begin with as we are now of being terrorists with something to hide. As I said... self fulfilling prophecy.

        reply to this | link to this | view in chronology ]

        • icon
          sigalrm (profile), 15 Dec 2014 @ 2:03pm

          Re: Re: Re:

          AC:

          Indeed. It comes back to this oldie (but goodie):

          "If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him."

          Commonly attributed to Cardinal Richelieu (1585-1642) although I gather there might be some dispute there.

          Smart guy. He would have _loved_ mobile devices.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 1:36pm

    we'll all go for that as long as the heads of Verizon and the NSA use it too, so we can listen in by the 'back door' on what they're up to! no cheating now by using different phones!!

    reply to this | link to this | view in chronology ]

  • identicon
    David, 15 Dec 2014 @ 1:42pm

    Who is this for?

    Given the backdoor, exactly who is this 'end-to-end' encryption protection protecting us from? Bueller? Bueller?

    reply to this | link to this | view in chronology ]

  • icon
    limbodog (profile), 15 Dec 2014 @ 2:20pm

    Can you even call it encrypted when so many have the password?

    At that point, isn't it just needlessly complicated?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 2:20pm

    "Cellcrypt and Verizon both say that law enforcement agencies will be able to access communications that take place over Voice Cypher, so long as they're able to prove that there's a legitimate law enforcement reason for doing so."

    Ummm, law enforcement can access communications right now as long as they're able to prove that there's a legitimate law enforcement reason for doing so. Its called a warrant. If you sign up for this, can law enforcement just say "we have a good reason" or do they still have to get a warrant?

    reply to this | link to this | view in chronology ]

  • icon
    Retsibsi (profile), 15 Dec 2014 @ 2:51pm

    Of course the beauty of this scheme is that by singing up for it you immediately go on Verizon's records as someone who appears to have something to hide.
    Sounds rather like the scheme some years ago when the UK government arranged for an article / book to publicly suggest that terrorists didn't bother with life insurance when taking a plane trip. Needless to say, having suggested a way for terrorists to hide their tracks by signing up for life insurance, anyone who then signed up for life insurance when booking a plane trip promptly became someone of interest to the security services....

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 3:20pm

    The droids you are looking for aren't here.

    reply to this | link to this | view in chronology ]

  • icon
    Berenerd (profile), 15 Dec 2014 @ 3:24pm

    they do know that if you make a back door, SOMEONE will figure out how to get into it illegally, other than the police....

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 3:27pm

    CALEA backdoors have already been used by hackers to break into Greece's phone systems and spy on Greece's prime minister, his defense and foreign affairs ministers, top military and law enforcement officials.

    http://spectrum.ieee.org/telecom/security/the-athens-affair

    Hackers used Regin to infect Belgacom's cellphone networks in Belgium. Allowing hackers to issue GSM commands directly on Belacom's network infrastructure, redirect calls, and gather location information about customers.

    http://securelist.com/blog/research/67741/regin-nation-state-ownage-of-gsm-networks/

    Why anyone would use, let alone pay for security software with intentional weaknesses designed into it for hackers and other nation states to exploit. Is beyond me.

    Especially when there's lower cost and more secure alternatives such as Silent Circle or free software solutions such as TextSecure and RedPhone.

    If you're afraid about cellphone backdoors there's even devices that encrypt your voice before it ever touches the cellphone's microphone. In that case JackPair voice encryption might float your boat.

    I believe Verizon's push for Crypto Wars v2.0 is somehow about trying to set a legal precedent for backdoors in telcom devices. Sounds like another Clipper chip to me.

    I don't believe CALEA currently requires telcoms to modify their end-to-end encryption software on order to make it wiretap friendly. Which means Verizon chose to introduce the backdoors voluntarily on their own accord. That to me, speaks about their attitude towards the privacy of their customers. Or lack of.

    I don't want hackers and foreign governments listening to my private, backdoored conversations.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 3:36pm

    My hoodie-footie PJ's have a builtin backdoor

    for NSA/FBI "end to end" surveillance.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 3:42pm

    The "Cypher" in "Voice Cypher" is just Rot13

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 3:49pm

    Backdoors don't know difference between good guys and bad guys

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Dec 2014 @ 8:08pm

      Re: good guys and bad guys

      It is a difficult distinction, in any circumstance. Particularly when so many who think themselves good guys, aren't.

      reply to this | link to this | view in chronology ]

  • icon
    Lewis V (profile), 15 Dec 2014 @ 4:25pm

    "Verizon Offers Encrypted Calling With NSA Backdoor"

    Always hated verizon. They've always been more friendly with government and special interests (i.e. MPAA/RIAA mafia) than with their regular customers. As long as they're making money, why should they care about you? Bank of america along with other institutions screwed the American people with bad home loans. Then screwed everybody by taking away they're homes and making billions of dollars more in the process. NONE went to jail. But many people, stupidly, still do business with them.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 9:39pm

    So, the only people who would buy that service are people who:

    -Are somewhat lacking in tech literacy and/or knowledge of current events.
    -Own a smartphone.
    -And need to communicate sensitive information privately.

    So, Sony employees, celebrities prone to taking nude photos, hopefully more than a few government employees...
    When (not if) this "secure calling" feature gets hacked, it's surely going to unleash yet another blockbuster dramabomb. I can't wait. :)

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2014 @ 11:27pm

    Oh, so it's a double-end-to-end encryption.

    You NSA whom you call.

    Sweet.

    reply to this | link to this | view in chronology ]

  • identicon
    DorgleFlorgle the Amateurish, 16 Dec 2014 @ 3:29am

    Hmmm

    Seth Polansky, Cellcrypt's vice president, says..."Just because a government access option exists, it doesn't mean other companies can access it."

    And this guy works in encryption software. Wow.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2014 @ 3:04pm

    Just because a government access option exists, it doesn't mean other companies can access it."

    No, it just means GOVERNMENT can access it

    You dip wad whose purpertrating that this is an okay thing

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2014 @ 4:36pm

    Let me not throw my money at the screen

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Dec 2014 @ 1:37pm

    That old joke about an amercian and a russian diplomat

    I remember that old joke about an american and russian diplomat bragging about their countries during the cold war.

    The american diplomat says: "our country is great, we can pick up the phone, dial a number and talk to the police."

    The russian diplomat says: "we don't have to dial."

    --

    It looks like the americans have copied the red menace :-)

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.