Call Encryp­tion App Costs More Than Your iPhone. If you really had rea­son to encrypt your phone calls — or were on the pay­roll of the MI6 –  per­haps a $1,600 yearly sub­scrip­tion to a cell phone call encryp­tion app ser­vice would make sense.

[…]

While the app is free to down­load, both the caller and the receiver have to join the ser­vice that costs sev­eral times more than their phones. [Cult of Mac]

Alter­nately, you could buy Ground­wire for $9.99, and then spend another $24.99 on “ZRTP For Out­go­ing Calls” as an in-app pur­chase if you want to make out­go­ing encrypted calls. Sup­port for incom­ing calls is included in the basic app, and no yearly sub­scrip­tion is required. The price dif­fer­ence is so enor­mous that I can’t imag­ine any legit­i­mate rea­son why any­one would pay for the over­priced option. I there­fore must con­clude that it really is intended only for gov­ern­ment employees.

End-to-End Encrypted Cell Phone Calls.

Android app. (Slash­dot thread.)

[Schneier on Secu­rity]

From the article:

Red­Phone uses ZRTP, an open source Inter­net voice cryp­tog­ra­phy scheme cre­ated by Phil Zim­mer­mann, inven­tor of the widely-used Pretty Good Pri­vacy or PGP encryption.

[…]

TextSe­cure uses a sim­i­lar scheme devel­oped by cryp­tog­ra­phers Ian Gold­berg and Nikita Borisov known as “Off The Record” to exchange scram­bled text messages.

This means that you could talk securely to any­one using Zfone on a com­puter, and IM securely to any­one with Adium or another app that sup­ports the OTR protocol.

There’s also this rather impor­tant dis­tinc­tion from Skype, the “secu­rity” of which I’ve crit­i­cized before:

Whis­per Sys­tems’ apps aren’t the first to bring encrypted VoIP to smart­phones. But apps like Skype and Von­age don’t pub­lish their source code, leav­ing the rigor of their secu­rity largely a mat­ter of speculation.

This thread in Source­Forge sug­gests that the GPG­Mail plu­gin, needed to inte­grate GPG with Apple Mail, has found a new devel­oper who is updat­ing it to work with Snow Leop­ard. This is good news, as PGP is once again insist­ing that they will not update their own Mail plugin–they really want to force their cus­tomers into using their hor­ri­bly crappy encrypt­ing proxy, which is some­thing I cer­tainly won’t do.

After try­ing it for three weeks with­out prob­lems, I bought the lat­est ver­sion of PGP Desk­top Pro­fes­sional, which includes whole disk encryp­tion. Both my Mac­Book Pro’s inter­nal hard drive and the exter­nal drive I use for Time Machine back­ups have got­ten along with it just fine, even through the sys­tem update to 10.5.7. For the most part there’s no notice­able impact on per­for­mance, but then my lap­top doesn’t do any­thing really disk intensive–all my pho­tog­ra­phy work hap­pens on a dif­fer­ent com­puter which I will not be encrypt­ing. There did seem to be a slow­down in Time Machine back­ups, but that’s not an area where per­for­mance is really rel­e­vant. I would really pre­fer to use True­Crypt, but as it cur­rently can only do whole disk encryp­tion on Win­dows (where I have been using it for some time), that wasn’t an option.

The rest of the PGP Desk­top pack­age gets a mixed review. I had looked at PGP last sum­mer and dis­missed it as unac­cept­able because of the hor­ri­bly designed proxy it relies on for encrypt­ing email, but this time around I dis­cov­ered that there is also an offi­cially unsup­ported plu­gin avail­able for Mail. The plu­gin works the same way as the GPG­Mail plu­gin, but with fewer fea­tures. This is not sur­pris­ing, as they have the same author. Appar­ently some brain­less prod­uct man­ager at PGP Cor­po­ra­tion had decided to kill the plu­gin (pre­sum­ably to force users into using their worth­less proxy), and it was brought back by pop­u­lar demand.

Since the last time I looked at PGP, it’s lost the abil­ity to com­mu­ni­cate with pub­lic key servers other than the one actu­ally run by PGP Cor­po­ra­tion, which very few peo­ple use. Accord­ing to a thread on the PGP sup­port forum, the devel­op­ers know about this bug and just don’t care about fix­ing it. Well, nobody will ever accuse the PGP Cor­po­ra­tion of hav­ing good cus­tomer ser­vice or QA! For­tu­nately the key­servers have web inter­faces so the prob­lem can be worked around as long as you’re using the “unsup­ported” Mail plu­gin. Any­one fool­ish enough to use the proxy will be out of luck, though.

I ulti­mately decided to switch from GPG to PGP for my email needs, at least for the moment, because while both of them have huge prob­lems on the Mac, PGP’s refusal to work with key­servers that aren’t owned by the PGP Cor­po­ra­tion is less of a prob­lem than the hideously unus­able key­chain man­age­ment that GPG inflicts.

This was posted on the PGP-Basics mail­ing list by Robert J. Hansen:

Some researchers are claim­ing they’ve been able to make the Sheng­dong
Uni­ver­sity attack on SHA-1 a fac­tor of about 2000 times eas­ier. If
their research is cor­rect, that means SHA-1 is now attack­able by reg­u­lar
people.

These results are not unex­pected. We knew this day would come. For the
last cou­ple of years most crypto nerds have been strongly rec­om­mend­ing
peo­ple either migrate away from SHA-1 imme­di­ately, or at the very least
have a migra­tion plan put together.

If you have already migrated — then you may ignore this development.

If you have not — then it is increas­ingly urgent you do so.

Orig­i­nal URL:

http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf

Review: PGP Whole Disk Encryp­tion for Mac OS X [Paul Sta­ma­tiou]

Another good review. This one doesn’t men­tion Time Machine, but goes into more detail on cold boot attacks.

Secur­ing Your Disks with PGP Whole Disk Encryp­tion [Tid­BITS: Mac News for the Rest of Us]

A gen­er­ally good review of the new PGP disk encryp­tion soft­ware, but I do see a cou­ple of prob­lems. First, the author only hints at how it works with Time Machine, which is an area of inter­est to me. In the­ory it should be fine (although obvi­ously you’d need to encrypt Time Machine’s backup vol­ume too), but when it comes to soft­ware com­pat­i­bil­ity the­ory and prac­tice often diverge.

Sec­ond, the author says that it’s a “lim­i­ta­tion” that PGP Whole Disk Encryp­tion only secures your data when the com­puter is off, and not just while it’s asleep. I con­sider that a nec­es­sary func­tion, not a lim­i­ta­tion. Because it’s entirely pos­si­ble to recover sen­si­tive data (such as the passphrase for the hard drive) from a “sleep­ing” computer’s mem­ory, claim­ing to encrypt when a com­puter is put to sleep would only be pro­vid­ing a false sense of security.

I’m inter­ested in this prod­uct for my own use, but given PGP, Inc.‘s rather spotty record to date (they’ve man­aged to ren­der their main PGP prod­uct unus­able in the name of usabil­ity improve­ments), I’m wait­ing for a while to be sure that there aren’t any hid­den problems.

How To Talk So The Gov­ern­ment Can’t Lis­ten. Part 1: how to encrypt your e-mail in Gmail with GPG (for use with Gmail or other web mail inter­faces on Fire­fox in Win­dows) [Rad Geek People’s Daily]

A good detailed tuto­r­ial on how to use GPG to pro­tect your email within Gmail. The parts deal­ing with key man­age­ment are Windows-specific–the state of Mac sup­port for GPG is con­sid­er­ably infe­rior and Linux sup­port (at least in the Ubuntu dis­tri­b­u­tion) is bet­ter, but the details are different.