Perimeter
10/16/2012
05:16 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Communication Confidential: Startup Offers P2P Encrypted Voice, Text, Video

Startup Silent Circle rolls out encrypted text, voice, video -- and soon, email -- for the ultra privacy- and security-conscious

PGP email encryption creator Phil Zimmermann has co-founded a new startup offering encrypted communications services for voice, text, video, and email that operates on a new multimillion-dollar peer-to-peer network.

The privately held Silent Circle has invested somewhere between $5 million to $10 million in a custom-built, peer-to-peer network infrastructure that uses end-to-end encryption and erases the session keys after a call or text is finished.

But Silent Circle's services aren't for just anyone: "We're an encrypted communications service targeting high-end services for businesses [and individuals] around the world," says Mike Janke, co-founder and CEO of Silent Circle, which went public yesterday.

The company has four encrypted communications services: Silent Phone, Silent Eyes (for video), and Silent Text (for text messaging). Silent Mail -- encrypted email is on the horizon. The cost is $20 per user per month for all four services, and the services are aimed mainly at users who travel, especially overseas, and need to lock down their mobile devices and other communication.

Among its beta testers: Hollywood stars (not to be named, of course), NATO, and fashion designers. It's for organizations or people tired of "their intellectual property getting ripped off," says Janke, who is one of two former Navy SEALs at the company.

But Silent Circle isn't the first company to come up with a secure, private communications circle approach to privacy: Earlier this summer, startup Wickr rolled out a free app for iPhone, iPad, and iTouch devices that employs military-grade encryption and self-destruction for text, video, and picture messages. The goal of Wickr is to "leave no trace" and to, by default, ensure that online communications are not traceable by governments, corporations, or bad guys, according to the company’s mission.

Silent Circle's Janke says the concept is the same, but the products are different. "[Wickr is] just one app. We have a text app that's very similar to it, but we also are using point-to-point to build our own stand-alone network," he says. "Our product is not trying to be everything for everyone: It's for a select few professionals and individuals around the world," rather than any user, he says.

Security Investigations Inc., a boutique security firm that provides private investigation and physical security consulting services to A-list celebrities, government agencies, and dignitaries, has beta-tested Silent Circle's services. Vern Abila, president of Security Investigations, says his firm plans to use it internally as well as recommend it to its "high net-worth" individual clients,

"They designed it to look just like the iPhone screen for texting and phone calls. That will ensure people will use it a lot more," Abila says. "The peer-to-peer thing is cool ... You can talk on the phone and do video and voice at the same time and be encrypted."

Silent Circle -- led by Zimmermann, who is president -- has stuck with a self-funding model, turning away venture capital in order to remain independent and neutral. It does not store encryption keys, with the exception of its upcoming Silent Mail email service, which will allow users to either create and manage their own PGP keys or have Silent Circle's PGP Universal server generate the keys.

Voice and texting were priority in the rollout time frame. "[Voice and texting are] primarily what people do, and what everybody said they were most interested in" for encrypted communications, says Silent Circle CTO Jon Callas, who co-founded PGP.

The encrypted services initially support 4G and 3G Apple iOS devices, according to company execs; Android support is in the works.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is Senior Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.