Perimeter
10/16/2012
05:16 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%
Repost This

Communication Confidential: Startup Offers P2P Encrypted Voice, Text, Video

Startup Silent Circle rolls out encrypted text, voice, video -- and soon, email -- for the ultra privacy- and security-conscious

PGP email encryption creator Phil Zimmermann has co-founded a new startup offering encrypted communications services for voice, text, video, and email that operates on a new multimillion-dollar peer-to-peer network.

The privately held Silent Circle has invested somewhere between $5 million to $10 million in a custom-built, peer-to-peer network infrastructure that uses end-to-end encryption and erases the session keys after a call or text is finished.

But Silent Circle's services aren't for just anyone: "We're an encrypted communications service targeting high-end services for businesses [and individuals] around the world," says Mike Janke, co-founder and CEO of Silent Circle, which went public yesterday.

The company has four encrypted communications services: Silent Phone, Silent Eyes (for video), and Silent Text (for text messaging). Silent Mail -- encrypted email is on the horizon. The cost is $20 per user per month for all four services, and the services are aimed mainly at users who travel, especially overseas, and need to lock down their mobile devices and other communication.

Among its beta testers: Hollywood stars (not to be named, of course), NATO, and fashion designers. It's for organizations or people tired of "their intellectual property getting ripped off," says Janke, who is one of two former Navy SEALs at the company.

But Silent Circle isn't the first company to come up with a secure, private communications circle approach to privacy: Earlier this summer, startup Wickr rolled out a free app for iPhone, iPad, and iTouch devices that employs military-grade encryption and self-destruction for text, video, and picture messages. The goal of Wickr is to "leave no trace" and to, by default, ensure that online communications are not traceable by governments, corporations, or bad guys, according to the company’s mission.

Silent Circle's Janke says the concept is the same, but the products are different. "[Wickr is] just one app. We have a text app that's very similar to it, but we also are using point-to-point to build our own stand-alone network," he says. "Our product is not trying to be everything for everyone: It's for a select few professionals and individuals around the world," rather than any user, he says.

Security Investigations Inc., a boutique security firm that provides private investigation and physical security consulting services to A-list celebrities, government agencies, and dignitaries, has beta-tested Silent Circle's services. Vern Abila, president of Security Investigations, says his firm plans to use it internally as well as recommend it to its "high net-worth" individual clients,

"They designed it to look just like the iPhone screen for texting and phone calls. That will ensure people will use it a lot more," Abila says. "The peer-to-peer thing is cool ... You can talk on the phone and do video and voice at the same time and be encrypted."

Silent Circle -- led by Zimmermann, who is president -- has stuck with a self-funding model, turning away venture capital in order to remain independent and neutral. It does not store encryption keys, with the exception of its upcoming Silent Mail email service, which will allow users to either create and manage their own PGP keys or have Silent Circle's PGP Universal server generate the keys.

Voice and texting were priority in the rollout time frame. "[Voice and texting are] primarily what people do, and what everybody said they were most interested in" for encrypted communications, says Silent Circle CTO Jon Callas, who co-founded PGP.

The encrypted services initially support 4G and 3G Apple iOS devices, according to company execs; Android support is in the works.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is Senior Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web