Secure Communication Comes To Android 150
An anonymous reader writes "Forbes is reporting that Moxie Marlinspike and Stuart Anderson's startup, Whisper Systems, has released a public beta of two Android applications that provide encrypted call and SMS capabilities for your Android phone. In the wake of recent GSM attacks, it'll be interesting to see if smartphones end up providing a platform that fundamentally changes the security we can expect from mobile communication."
Re:Less useful (Score:1, Insightful)
Because just rewriting the whole GSM spec is done easier than this.
Re:Slashdotter's rejoice! (Score:4, Insightful)
Well okay but say you are in Iran or Thailand and you want organize an action against your government. Secure mobile communications would be pretty handy for that.
Re:Slashdotter's rejoice! (Score:3, Insightful)
Well, okay, but say you are the government of Iran or Thailand and you don't want anyone to organize anything against you. Outlawing secure mobile communications would be pretty handy for that.
Yes, your message is secure, but without some kind of steganographic method, the fact that you're using encryption is not. And neither are you, for that matter.
"Encrypted call" is misleading (Score:5, Insightful)
It's a VOIP app that encrypts the audio. Except the fact that the protocol itself is documented this is not materially different from skype which is also encrypted and has governments apparently scrambling to crack.
A truly revolutionary app would encrypt the phone's mobile call audio.
Re:Less useful (Score:0, Insightful)
Re:Slashdotter's rejoice! (Score:3, Insightful)
Really repressive governments are very skilled in the techniques of rubber hose cryptoanalisis (well, some of the formally not-repressive ones also are, as long as they can put the encrypted data being analysed in a legal limbo)
Re:"Encrypted call" is misleading (Score:2, Insightful)
Trying to re-assemble information after being passed through a lossy pipe is hard.
It's called a "modem". We have had those things for years. You could treat cell phone audio like a lossy analog channel and run a robust modem over it. But what's the point?
If you want something that sounds speech-like, that's not a lot harder.