[liberationtech] Silent Circle experiences rapid growth in wake of NSA surveillance scandal

2013-07-01 Thread Yosem Companys 
http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-comm.aspx

Agencies showing sudden interest in encrypted comm

Silent Circle, the company that provides end-to-end BYOD encryption,
has introduced a Web-based management console to support large
deployments of crypto licenses. It was developed largely in response
to government demand for a tool to manage enterprisewide licensing,
said CEO Mike Janke.

Government was always a primary market for Silent Circle, but the
speed of adoption has caught the company by surprise.

“We had no idea that government customers would need a thousand
subscriptions,” said Janke, a former Navy SEAL. “We didn’t see any of
this coming. We envisioned 10 special ops guys, reporters in Sudan or
some individuals around the world.”

Silent Circle’s secure voice, text, mail and video communications have
gone in less than a year from being a point-to-point solution to an
enterprise tool. There has been strong adoption in the financial
industry and with oil companies, but “most of it was from [the Defense
Department] and other government agencies,” Janke said.

The company has benefited from current events, particularly recent
revelations about the National Security Agency’s surveillance of
Internet and telephone communications. Growth, already a strong 100
percent month-over-month, rocketed to 420 percent in the last
two-and-a-half weeks. Agencies that were buying 50 subscriptions now
are buying hundreds as concerns grow not only about government
snooping, but also of government leaking.

Encrypted communications is not new. What Silent Circle has done is
make it practical for bring-your-own-device environments by harnessing
the computing power of smart phones for crypto key management, cutting
the middle man out of the security equation. Keys remain in the hands
of the end users rather than a server, eliminating the need for trust
in a third party.

Secure peer-to-peer connections with Silent Circle Android and iOS
apps use the Zimmermann Real Time Transport Protocol, a crypto key
agreement protocol for voice over IP that uses the Diffie-Hellman key
exchange and the Secure Real Time Transport Protocol. Encryption is
done with NSA Suite B cryptography, a public interoperable set of
crypto tools that include the Advanced Encryption Standard, Secure
Hash Algorithm 2 and elliptic curve digital signature and key
agreement algorithms. The company operates its own network with SIP
servers and codecs, but all encryption and security remain on endpoint
devices.

Just 35 percent of the company’s business is in North America, with
the rest of it off-shore in countries where security has long been a
bigger issue than here. “We look at things in a bit of a bubble here
compared to the rest of the world,” Janke said. People in Europe and
Asia not only have to worry about NSA snooping, but also about their
own intelligence agencies.

Although it is available in time to take advantage of the post-PRISM
boom in secure communications, the new console was in the works well
before the NSA leaks. “It took five months for our team to create
this,” Janke said, primarily because of the security required for the
portal. The console is a business management tool only and has nothing
to do with encryption. It does not hold or manage keys and does not
have access to message content. “It in no way, shape or form touches
the technology.”

Despite the unexpected growth, Janke said Silent Circle is holding to
its course for releasing new products this year, several of which,
requested by government customers, now are in beta. These include
encrypted file transfer from desktops, secure video conference calling
and encrypted voice mail.

Posted by William Jackson on Jun 28, 2013 at 9:41 AM
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Silent Circle experiences rapid growth in wake of NSA surveillance scandal

2013-07-01 Thread Julian Oliver 
..on Mon, Jul 01, 2013 at 11:35:13AM -0700, Yosem Companys wrote:
 http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-comm.aspx
 
 Agencies showing sudden interest in encrypted comm

Suckers.

-- 
Julian Oliver
http://julianoliver.com
http://criticalengineering.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Silent Circle experiences rapid growth in wake of NSA surveillance scandal

2013-07-01 Thread Brian Conley 
Nadim, I hope you, Arturo, and other clueful people will reach out to
reporters who may be interested in covering these issues. Let me know if I
can assist with making contacts.

Brian


On Mon, Jul 1, 2013 at 1:45 PM, Nadim Kobeissi na...@nadim.cc wrote:

 Silent Circle's response to critical security vulnerabilities has been
 *extremely* bad. They recently quietly fixed numerous critical
 vulnerabilities that could lead to a full compromise, without informing
 their users or submitting and advisory in any way.

 Pointing to the vulnerable code on their GitHub led to both myself and
 Arturo (from GlobaLeaks) to be censored.

 More information:
 https://github.com/SilentCircle/silent-phone-base/issues/5#issuecomment-20232374

 NK

 On 2013-07-01, at 2:35 PM, Yosem Companys compa...@stanford.edu wrote:

 
 http://gcn.com/blogs/cybereye/2013/06/agencies-sudden-interest-encrypted-comm.aspx
 
  Agencies showing sudden interest in encrypted comm
 
  Silent Circle, the company that provides end-to-end BYOD encryption,
  has introduced a Web-based management console to support large
  deployments of crypto licenses. It was developed largely in response
  to government demand for a tool to manage enterprisewide licensing,
  said CEO Mike Janke.
 
  Government was always a primary market for Silent Circle, but the
  speed of adoption has caught the company by surprise.
 
  “We had no idea that government customers would need a thousand
  subscriptions,” said Janke, a former Navy SEAL. “We didn’t see any of
  this coming. We envisioned 10 special ops guys, reporters in Sudan or
  some individuals around the world.”
 
  Silent Circle’s secure voice, text, mail and video communications have
  gone in less than a year from being a point-to-point solution to an
  enterprise tool. There has been strong adoption in the financial
  industry and with oil companies, but “most of it was from [the Defense
  Department] and other government agencies,” Janke said.
 
  The company has benefited from current events, particularly recent
  revelations about the National Security Agency’s surveillance of
  Internet and telephone communications. Growth, already a strong 100
  percent month-over-month, rocketed to 420 percent in the last
  two-and-a-half weeks. Agencies that were buying 50 subscriptions now
  are buying hundreds as concerns grow not only about government
  snooping, but also of government leaking.
 
  Encrypted communications is not new. What Silent Circle has done is
  make it practical for bring-your-own-device environments by harnessing
  the computing power of smart phones for crypto key management, cutting
  the middle man out of the security equation. Keys remain in the hands
  of the end users rather than a server, eliminating the need for trust
  in a third party.
 
  Secure peer-to-peer connections with Silent Circle Android and iOS
  apps use the Zimmermann Real Time Transport Protocol, a crypto key
  agreement protocol for voice over IP that uses the Diffie-Hellman key
  exchange and the Secure Real Time Transport Protocol. Encryption is
  done with NSA Suite B cryptography, a public interoperable set of
  crypto tools that include the Advanced Encryption Standard, Secure
  Hash Algorithm 2 and elliptic curve digital signature and key
  agreement algorithms. The company operates its own network with SIP
  servers and codecs, but all encryption and security remain on endpoint
  devices.
 
  Just 35 percent of the company’s business is in North America, with
  the rest of it off-shore in countries where security has long been a
  bigger issue than here. “We look at things in a bit of a bubble here
  compared to the rest of the world,” Janke said. People in Europe and
  Asia not only have to worry about NSA snooping, but also about their
  own intelligence agencies.
 
  Although it is available in time to take advantage of the post-PRISM
  boom in secure communications, the new console was in the works well
  before the NSA leaks. “It took five months for our team to create
  this,” Janke said, primarily because of the security required for the
  portal. The console is a business management tool only and has nothing
  to do with encryption. It does not hold or manage keys and does not
  have access to message content. “It in no way, shape or form touches
  the technology.”
 
  Despite the unexpected growth, Janke said Silent Circle is holding to
  its course for releasing new products this year, several of which,
  requested by government customers, now are in beta. These include
  encrypted file transfer from desktops, secure video conference calling
  and encrypted voice mail.
 
  Posted by William Jackson on Jun 28, 2013 at 9:41 AM
  --
  Too many emails? Unsubscribe, change to digest, or change password by
 emailing moderator at compa...@stanford.edu or changing your settings at
 https://mailman.stanford.edu/mailman/listinfo/liberationtech

 --
 Too many emails? Unsubscribe, change to digest, or change