[liberationtech] NSA-resistant Android application 'burns' sensitive messages

Tue Sep 3 19:42:23 PDT 2013

http://www.itworld.com/security/371391/nsa-resistant-android-application-burns-sensitive-messages

September 03, 2013, 9:55 PM

NSA-resistant Android application 'burns' sensitive messages
Silent Circle's messaging application ensures only the sender and
receiver can view messages and files

By Jeremy Kirk, IDG News Service

Silent Circle, a company specializing in encrypted communications,
released a messaging application for Android devices on Wednesday that
encrypts and securely erases messages and files.

The application, called Silent Text, lets users specify a time period
for which the receiver can view a message before it is erased. It also
keep the keys used to encrypt and decrypt content on the user's
device, which protects the company from law enforcement requests for
the keys.

Silent Circle, whose co-founder is encryption expert Phil Zimmerman,
abandoned its privacy-focused email service in early August following
leaks by former NSA contractor Edward Snowden detailing the U.S.
government's vast electronic surveillance efforts.

The documents passed by Snowden to The Guardian and The Washington
Post newspapers describe a host of programs designed to intercept
email and phone metadata in a broad effort aimed at tracking national
security threats. The leak also prompted a vigorous privacy debate and
interest in how to better shield electronic communications from
spying.

Silent Circle in Washington, D.C., also offers a subscription service,
Silent Phone, an encrypted VoIP (voice over IP) application for secure
phone and video calls over Wi-Fi, 3G or 4G LTE over its peer-to-peer
network.

The Silent Text application generates a new encryption key for each
new message. The key is then destroyed "so even if your device is
examined, there are no keys to be had after the conversation is
complete," according to the company's website.

Only the sender and receiver can view a message. If it was intercepted
in transit, it would be unreadable unless the interloper could obtain
the encryption key or use brute-force computing power to decrypt the
content.

The "Burn Notice" feature lets the sender set a time for a text,
video, voice recording or picture to be erased from the recipient's
device. The sender can also recall or destroy previously sent
messages. It supports files up to 100 MB.

Silent Text's destruction feature is similar to one included in Wickr,
a secure encrypted messaging application for iOS.

Silent Circle, along with Lavabit -- an email provider believed to
have been used by Snowden -- shut down their email services in early
August. Lavabit's founder Ladar Levison wrote he was under pressure
from the U.S. government but could not describe the legal issues.

A short time later, Silent Circle, which said it had not received any
subpoenas, also opted to shut down its email service as a pre-emptive
move. It said it would focus instead on real-time mobile
communications, asserting that the protocols email uses make it
vulnerable to snooping.