Skip to content

How To Keep NSA Computers From Turning Your Phone Conversations Into Searchable Text – The Intercept


As soon as my article about how NSA computers can now turn phone conversations into searchable text came out on Tuesday, people started asking me: What should I do if I don’t want them doing that to mine?

The Intercept’s Micah Lee wrote about this in March, in an article titled: “You Should Really Consider Installing Signal, an Encrypted Messaging App for iPhone.”

(Signal is for iPhone and iPads, and encrypts both voice and texts; RedPhone is the Android version of the voice product; TextSecure is the Android version of the text product.)

As Lee explains, the open source software group known as Open Whisper Systems, which makes all three, is gaining a reputation for combining trustworthy encryption with ease of use and mobile convenience.

Nobody – not your mobile provider, your ISP or the phone manufacturer — can promise you that your phone conversations won’t be intercepted in transit. That leaves end-to-end encryption – using a trustworthy app whose makers themselves literally cannot break the encryption — your best play.

As Lee writes:

Signal’s code is open source, meaning it can be inspected by experts, and the app also supports forward secrecy, so if an attacker steals your encryption key, they cannot go back and decrypt messages they may have collected in the past.

Using Signal and Red Phone means your voice conversations are always full scrambled. As Lee wrote:

Other apps with encryption tend to enter insecure modes at unpredictable times — unpredictable for many users, at least. Apple’s iMessage, for example, employs strong encryption, but only when communicating between two Apple devices and only when there is a proper data connection. Otherwise, iMessage falls back on insecure SMS messaging. iMessage also lacks forward secrecy and inspectable source code.

Signal also offers the ability for power users to verify the identity of the people they’re talking to, confirming that the encryption isn’t under attack. With iMessage, you just have to take Apple’s word for it.

The big announcements by Apple and Google last fall were about encrypting data on users’ phones, not the calls made by those phones.

Although regular phone calls on the iPhone are not encrypted, Apple’s extremely popular FaceTime service is encrypted by default, as is iMessage. So when you’re using those services (with another Apple user) your conversations are encrypted whether you knew it or not.

There are of course some caveats, as Lee writes:

It’s important to keep in mind that no technology is 100 percent secure, and an encrypted messaging app can only be as secure as the device you install it on. Intelligence agencies and other hackers can still exploit security bugs that have not been fixed, known as zero day exploits, to take over smartphones and bypass the encryption that privacy apps employ. But apps like Signal go a long way to making mass surveillance of billions of innocent people infeasible.

One Comment
  1. Reblogged this on TheFlippinTruth.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: