Discussion in 'privacy technology' started by spy1, Jun 9, 2013.
Have it set up on my iPhone to play with.
Interesting proggy to be sure spy. Just glanced the page over a bit. Curious what algorithms it uses for scrambling the data. Since my texts and communication are always open for scrutiny anyway, possibly it may serve to dissuade spam?? Telemarketers. Dunno. Compatible with unrooted Android anyway
Sounds like it does real-time voice call encryption...? That should make the government happy Unless it is the government
Looks pretty good, and way less expensive than SilentCircle...but yeah ultimately it's almost impossible to know someone doesn't have their hand in the cookie jar.
And with the untold amounts available in "unaccounted for" funds, there's no way to be sure the budget for something like this doesn't exist. I honestly can't be sure using this kind of service wouldn't put you more at risk. (With you paying for the privilege, no less.)
The app works - functionally - as advertised. Tested it out with one of my T.I.E members. Installation was relatively easy, although you had a lot of navigation and entering of stuff to do.
Whether it does what it claims to or not I couldn't tell you.
I can tell you that if you shy away from every possible solution to the problem of government eavesdropping, you're already defeated.
"A silent patriot is a defeated patriot." Steven Peter Yevchak, Sr. circa 2013
Agreed, but how to make choices? This same dilemma exists with VPN providers. How can you trust people you don't know, and who themselves are not completely transparent about who they are and what they're doing?
Wow. That's quite a leap there, Jesse Owens.
I have no idea how this is relevant to simply having a healthy awareness of potential pitfalls in proposed "solutions."
Well it depends on the product. For software, you can use open source solutions that are widely used and well-vetted, and compile the code yourself.
For something like online storage, you might go with a provider who has a good history of being more on the side of libre and less on the side of government (e.g. Kim Dotcom). As I was pointing out here and here, it's obviously not full-proof, but I tend to trust that guy to store my data a little more than say, Dropbox. (But if it's sensitive, I'm encrypting it myself anyway, so it's not like it matters much. Just one more layer.)
For a VPN, I tend to trust the TorrentFreak guys, and it seems they have a good relationship with BTGuard and PrivateInternetAccess. Not to mention, you have the individual company's claims about how they conduct business (e.g. not keeping logs, etc.)...leaving them open not only to lost business, but a class action lawsuit if it turns out they were lying (as I discussed here).
And finally, it would be pretty difficult for them to identify you when you pay in Bitcoins.
Jackman, You have a lot of good things to say here. No question. But keep this in mind:
From Merriam Webster's Dictionary:
: showing or characterized by a patronizing or superior attitude toward others
Acting in a way that betrays a feeling of patronizing superiority.
Spy1 has been around here a long time. He's been on this stuff and we used to discuss it online as far back as the late nineties.
Yeah I noticed that. 11 years on a forum is a long time. But that's actually even more of a reason I would expect such a person to be a bit more rational. Jumping from my simply having a healthy awareness of the potential pitfalls of a given security solution, to essentially accusing me of "shying away from every possible solution" is quite hasty in my opinion.
And the quote about "silent patriots" doesn't seem to have any sort of relevance at all to this particular discussion, let alone my comment. No one said anything about "a good man remaining silent" in the face of injustice or anything like that. We're not even talking about anything remotely close to standing up for justice or "patriotism". (And let's not forget, I'm the guy who not long ago had to stand up for privacy and cite such a reason as support for the legitimate need for such technology.)
I literally called attention to a potential hole in the security of a security application, and I get hit with a righteous quote about silent patriots? C'mon.
JackmanG - You're quite right. My apologies.
My only goal in testing out the app was to find out: if it actually worked; if it was relatively easy to set up and use.
The answer to both of those was "yes".
The "trust"-ability/reliability/legitimacy of the software maker/distributor is something I have no way of checking.
It was a simple functionality check and a test I felt needed done since the app itself is so inexpensive (I'd have been suspicious myself had it been free).
Out there somewhere are people who care enough about freedom and who have the requisite knowledge to design and implement legitimate, trustworthy programs to help us overcome the perverts in our government.
Since they state on their page that the app is going to be rolled out to BlackBerry10 and Windows Phone in the near future, I was hoping that maybe the $36 U.S. per year everyone would have to pay for it after the initial free trial period was over would help make it better.
Since our government has already been abundantly shown to have every other form of normal, everyday communication sewn up, I see no harm in trying this one out. Pete
Absolutely. That's what orgs like EFF and apps like PGP are all about. It's a beautiful thing.
I'm all for trying things out. And I hope it's a good, legit service. But when it comes to security/privacy applications, particularly those dealing with communication, ultimately I have a hard time finding a way to use one with any sort of real confidence. I mean, how could you, really?
lol! Well, Jack, the alternative is to simply let the government watch, listen to and view everything you do - and to adjust YOUR freedom of speech accordingly.
I'm not really into all of that, shy and quiet as I am. Have to go update another post I made here now. Good talking to you!
Steven Peter Yevchak, Sr.
~ Removed Off Topic References ~
Again, quite hasty. There are other alternatives. You could use such technologies anyway, without being confident in their security. You could work to determine the efficacy of the technologies. You could use other technologies. You could build your own technologies.
I find it quite interesting that you constantly seem to think the only two options are blind faith or all-out disregard for privacy. I guess I just don't see things in such a (what I would consider false) dichotomy. I'm not really into all of that, prudent and enterprising as I am. Have to go eat some food now. Good talking to you, too!
Jack - Have it your way. I'm good with that. Pete
Not sure what you mean by that. Again, all I did was point out a potential pitfall in a given security service, and suggest that there are almost always options. All you've done is imply that one's only choices are to either have blind faith in any product that claims to offer any kind of security, or forget about privacy altogether.
I'm really not sure if you actually believe that, or if you're just posing a straw man so as to have something to mock.
I don't see what's wrong with free, is Linux/Tor/Truecrypt less trustworthy than commercial alternatives? Too bad it's currently Android-only, like FDE.
Has anyone sent an email to the company, asking them all the technical details, where their server is, what they log, store, etc... What legal process, from who, do they recognize? If you talk about blowing up the world, can anyone find out? You know, that kind of stuff.
I must say, $3 a month is a steal for Android to iOS VOIP in a one stop shop.
You can do it with OSTEL.me, but the iOS guys have to buy PrivateGSM.
RedPhone iOS is being worked on though.
iOS is FDE AES-256. For it to be effective, you must turn off the simple pin code and select strong encryption.
Go to General>Passcode Lock>Turn OFF the "simple passcode" (the 4 digit pin) it will then prompt you for a longer more secure passphrase or whatever.
iOS pdf file on security:
I'm still amazed how many people don't realize that the iPhone and iPads are full hardware encryption (with the right implementation on your part).
That was precisely the kind of point I was making. Apps like that were brought up only a few days ago in this very forum.
But no. If you don't put blind faith in whatever security technology is put out on the market (regardless of who it comes from, or its nature), "lol! the alternative is to simply let the government watch, listen to and view everything you do - and to adjust YOUR freedom of speech accordingly."
Did you get that? Whether this Seecrypt program does what it claims to or not in terms of security, I couldn't tell you. But I can tell you that if you shy away from every possible solution to the problem of government eavesdropping, you're already defeated.
So you need to recognize that your only options are to blindly trust this Seecrypt and any other programs like it, or simply forget about privacy altogether.
Yeah I was actually pretty pleased to read these:
Here's How Law Enforcement Cracks Your iPhone's Security Code (Video)
Apple deluged by police demands to decrypt iPhones
Apple's iMessage Encryption Seems to Be Pretty Good
Yes, you're the guy! But you can spare the drama. Lockbox got it right, you definitely come across as condescending sometimes. Plus, you misunderstood my post by taking the last lines out of context, and now you are pointing to your response as though it constitutes some sort of moral victory.
Here's my full post:
Hopefully you can see that I said "Just get rid of it" because the way the data is being stored is unsafe and most users don't realize it, not because I want to take away privacy.
To expand upon my post, I will add that those users who consider major governments to be among their adversaries should know better than to place their trust in any off-the-shelf encryption products, especially free ones from secretive, unknown developers. In my opinion TrueCrypt is completely inappropriate for storing the type of data that can get a person interrogated, tortured or imprisoned.
If you disagree with my opinions about the appropriate uses of the various off-the-shelf encryption products then you are free to say so, but you don't need to stand up on a soapbox claiming that you have just struck an important blow for freedom and privacy. We disagree, that's all. Try to do so with decency.
Not at all. I understood perfectly what you said, and I claim no victory, moral or otherwise.
I simply pointed out the fallacy in your position which you seem so proud of, that anything "illegal, dangerous or incriminating" is not worth having, and that everyone should just get rid of any such information that they possess.
And my point was that,
a) It's pretty convenient for you to say that when you aren't in a position to possess such information like, say Daniel Ellsberg, or Bradley Manning, or Edward Snowden...or any of the other hundreds of whistleblowers who risked everything to expose injustice. How nice that you have the luxury to basque in ignorance and talk about how great life is without dangerous information.
b) You have no idea what could possibly be "incriminating", "dangerous", or even "illegal", given someone with significant reach in government having enough interest in destroying you...
"Allow me to follow you around for one day, and I'll log at least three felonies...committed by you."
"There's no way to rule innocent men.
The only power government has is the power to crack down on criminals.
Well, when there aren't enough criminals, one makes them.
One declares so many things to be a crime
that it becomes impossible for men to live without breaking laws."
"Give me six lines written by the hand of the most honest man, and I’ll find something in them to hang him by."
I'll link again to the two pieces I linked in that original post, and provide a nice fresh quote from the most recent whistleblower:
-Plenty to hide
-How the NSA Will Use Your Emails and Phone Calls Against You
-"...you don't have to have done anything wrong. You simply have to eventually fall under suspicion from somebody — even by a wrong call — and then they can use this system to go back in time and scrutinize every decision you've ever made, every friend you've ever discussed something with, and attack you on that basis, to sort of derive suspicion from an innocent life, and paint anyone into context of a wrongdoer."
I honestly have no idea why you would think those extra lines from your post do anything to make you look better or help your argument. They're quite irrelevant. That's why I left them out. Because my response pertained to your laughable conclusion...that anyone who doesn't have access to whatever security apparatus you personally think is secure, who possesses anything that could possibly be "illegal, dangerous or incriminating," should just get rid of it AS SOON AS POSSIBLE[exclamation point], because "life is better without it anyway."
Believe me I, nor do I believe anyone else thinks that an important blow for freedom and privacy was struck because some anonymous guy on the internet pointed out a rather comical comment made by some other random guy on an internet forum.
Too bad you didn't really understand either of my posts, but c'est la vie.
Really? hmm. Let me tell you what I think you said and you tell me how it's incorrect:
You allege that the majority of available security products are good enough to stop your kid sister from reading your files, but essentially none of them could stop major governments from reading your files. [Why does that sound so familiar?]
Therefore, anyone who possesses illegal, dangerous or incriminating data (whatever that means), and doesn't have access to whatever security apparatus you personally think is secure (whatever that is), should get rid of all of it, ASAP. It doesn't matter what that data might be, what the world might need it for, what it might mean for the public or the future or even world policy...they should just get rid of it!...because life is better without it anyway.
That's what I thought you said. Please tell me what I got wrong.
Wow, it's even 256-bit? Will a longer password negatively impact its performance?
I've noticed that setting, might change it if I store anything important.
Never seen it before, but didn't really try digging in Apple for this stuff.
Probably doesn't advertise that, at least to consumers.
Password length doesn't matter. Well, it does, if you want it cracked...but not for performance
Separate names with a comma.