-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Feb 6, 2013, at 3:35 PM, Jeffrey Walton wrote: > On Wed, Feb 6, 2013 at 7:17 AM, Moti <[email protected]> wrote: >> Interesting read. >> Mostly because the people behind this project. >> http://www.slate.com/articles/technology/future_tense/2013/02/silent_circle_s_latest_app_democratizes_encryption_governments_won_t_be.html > > No offense to folks like Mr. Zimmermann, but I'm very suspect of his > claims. I still remember the antithesis of the claims reported at > http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/. > > I'm also suspect of "... the sender of the file can set it [the > program?] on a timer so that it will automatically “burn” - deleting > it [encrypted file] from both devices after a set period of, say, > seven minutes." Apple does not allow arbitrary background processing - > its usually limited to about 20 minutes. So the process probably won't > run on schedule or it will likely be prematurely terminated. In > addition, Flash Drives and SSDs are notoriously difficult to wipe an > unencrypted secret. > > Perhaps a properly scoped PenTest with published results would ally my > suspicions. It would be really bad if people died: "... a handful of > human rights reporters in Afghanistan, Jordan, and South Sudan have > tried Silent Text’s data transfer capability out, using it to send > photos, voice recordings, videos, and PDFs securely." No offense is taken. You don't even need a pen test. I'll tell you how it works. There's no magic there. Every message that we send has metadata on it that is a timeout. The timer starts when you get the message. So if I send you a seven minute timeout while you're on an airplane, the seven minutes starts when you receive the message. And you are correct, the iOS app model doesn't allow background tasks, so if you switch away from the app for an hour, the delete doesn't happen until you switch back to the app. Until Apple lets us do something in the background, we're stuck with that limitation. It's that simple. We hope to do better on Android. And if someone from Apple happens to be listening in, we'd love to be able to schedule some deletions. Deleting the things, however, is trivial. This is a place that iOS shines. Every file is encrypted with a unique key and if you delete the file, it is cryptographically erased. You're correct in that flash *is* notoriously difficult to wipe unencrypted secrets. Fortunately for us, all the flash on iOS is encrypted and the crypto management is easy to use. Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 3.2.0 (Build 1672) Charset: windows-1252 wj8DBQFRE1VKsTedWZOD3gYRAvfHAJ0dd9tSABRZkJxtdM4QbcI+d/jQqACgnPN7 nZ0rsFPcGCU9KNQEqSu70HU= =nsyj -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
