Re: [liberationtech] Pressure Increases On Silent Circle To Release Application Source Code
On 02/06/2013 10:06 PM, Nadim Kobeissi wrote: http://www.forbes.com/sites/jonmatonis/2013/02/06/pressure-increases-on-silent-circle-to-release-application-source-code/ [Disclosure: Author is consultant for a Silent Circle reseller based in Japan.] That is one of the strangest disclosures I have ever seen. +n -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Pressure Increases On Silent Circle To Release Application Source Code
LOL! At least it implies that one of Silent Circle's customers or their consultants may support open sourcing the code. On Feb 6, 2013 8:09 AM, Nathan of Guardian nat...@guardianproject.info wrote: On 02/06/2013 10:06 PM, Nadim Kobeissi wrote: http://www.forbes.com/sites/jonmatonis/2013/02/06/pressure-increases-on-silent-circle-to-release-application-source-code/ [Disclosure: Author is consultant for a Silent Circle reseller based in Japan.] That is one of the strangest disclosures I have ever seen. +n -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Pressure Increases On Silent Circle To Release Application Source Code (Transactional data)
Please remind that for a service-based model the risks are not also related to the transactional data : http://privacysos.org/transactional_records It would be really nice to know which is the data-retention policy for: - connection logs - phone call logs - email logs (as they will provide also secure email) Additionally it would be very useful to know, being a service based business model (and not a software based one): - which is the policy related to the handling and to the publicity of NSL (National Security Letters) and other kind of inquiry (connection logs, phone call logs) from governmental's security agencies? Fabio On 2/6/13 5:20 PM, Brian Conley wrote: LOL! At least it implies that one of Silent Circle's customers or their consultants may support open sourcing the code. On Feb 6, 2013 8:09 AM, Nathan of Guardian nat...@guardianproject.info mailto:nat...@guardianproject.info wrote: On 02/06/2013 10:06 PM, Nadim Kobeissi wrote: http://www.forbes.com/sites/jonmatonis/2013/02/06/pressure-increases-on-silent-circle-to-release-application-source-code/ [Disclosure: Author is consultant for a Silent Circle reseller based in Japan.] That is one of the strangest disclosures I have ever seen. +n -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Pressure Increases On Silent Circle To Release Application Source Code (Transactional data)
Their existing policies indicate they don't store transactional data between SC users but they do store login and business data from an individual customer to SC. They have not yet released the email solution and haven't expanded their statements to include that data. They state they currently hold any logs for seven days and are working to reduce that to 24 hours. They have other statements on CALEA already but I'm not sure how anyone can address, at least ahead of time, NSLs specifically (by nature). They also offer anonymous purchasing options. All of this has gaps I'm sure we can all ponder on - but for now where they stand, which in relation to their peers sounds pretty good, is all at: https://silentcircle.com/web/law-compliance/ https://silentcircle.com/web/what-we-do-dont-do/ https://silentcircle.com/web/privacy/ https://silentcircle.com/web/ronin/ Will be interesting to see how it evolves and their first reports to customers about Government requests. -Ali On Wed, Feb 6, 2013 at 1:43 PM, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote: Please remind that for a service-based model the risks are not also related to the transactional data : http://privacysos.org/transactional_records It would be really nice to know which is the data-retention policy for: - connection logs - phone call logs - email logs (as they will provide also secure email) Additionally it would be very useful to know, being a service based business model (and not a software based one): - which is the policy related to the handling and to the publicity of NSL (National Security Letters) and other kind of inquiry (connection logs, phone call logs) from governmental's security agencies? Fabio On 2/6/13 5:20 PM, Brian Conley wrote: LOL! At least it implies that one of Silent Circle's customers or their consultants may support open sourcing the code. On Feb 6, 2013 8:09 AM, Nathan of Guardian nat...@guardianproject.info wrote: On 02/06/2013 10:06 PM, Nadim Kobeissi wrote: http://www.forbes.com/sites/jonmatonis/2013/02/06/pressure-increases-on-silent-circle-to-release-application-source-code/ [Disclosure: Author is consultant for a Silent Circle reseller based in Japan.] That is one of the strangest disclosures I have ever seen. +n -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
