Thanks, Talmon, for replying. This leaves a lot of questions open, unfortunately. There is a lengthy thread on Viber security on the Stanford University Liberation Technology list with a number of security experts, so copying your response to the list.
Regards, Katrin On Sep 21, 2012, at 12:37 PM, Talmon Marco wrote: > Dear Katrin, > > My name is Talmon Marco and I am Viber's CEO. The question you sent to > our Privacy/Support team was brought to my attention. > > Generally speaking, absent physical or software access to the device > message sent via Viber should be considered secured and fully > encrypted between the user and the server. That means that Viber has > the technical capability to access messages. To date, we have never > done this, but this is something that could be developed. > > Voice may or may not pass through our servers (depending on network > conditions). Voice is scrambled, but not encrypted. So someone who > manages to capture the voice packets going between users may, in > theory be able to access the audio. They will need a good > understanding of what we do, but theoretically, it's possible. > > Identity, login, etc. are fully encrypted, protected by secret keys > and all the other "right things". However, if you are using an Irani > phone number as your ID, it stands to reason that Irani government > could register the same number and access the activation SMS. You may > want to register using a non Irani number - pinger, for example, gives > away free US numbers. > > As for warrants, we generally accept warrants but only from countries > where we believe due process exists. Iran does not fall under this > category and as such we will not be accepting warrants issued by Iran. > > I hope this addresses your question. > > Kind Regards, > > Talmon > > --- > Talmon Marco, CEO > Viber Media, Inc. > > > > Sent from my Phone Katrin Verclas MobileActive.org kat...@mobileactive.org skype/twitter: katrinskaya (347) 281-7191 A global network of people using mobile technology for social impact http://mobileactive.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
