At the moment, commercially available phones require NSA personnel to communicate in code. However, NSA employees were able to freely discuss classified information using the Fishbowl phones, which were put together using off-the-shelf commercially available components.
Much easier to eavesdrop if you're not communicating in code. Technological security rises and falls with innovation but ancient spy techniques still work.
[citation][nom]otacon72[/nom]Um you can do that with any phone. Just have to add the right software and hardware.[/citation]
Yep, using a SIP Voip client and pointing it to a RFC1918 address based PBX (like Asterisk if you like open source solutions) and then having a VPN client enabled on the phone that will encapsulate everything destined for that RFC1918 address and wala. You have secure VOIP from your phone. Not hard to do. I did it on old IPAQ Phones back in the day and can do it on the iPhone now since it has a fully integrated Cisco VPN client that does both IPSEC as well as SSL VPN's. If you are going to roll it out to thousands of devices though you will need to do some QOS but it works at least on a small scale. Larger implementation will take some tweaking. Double encrypting though should add to the connection latency a good bit though.
That's why an open system is better: allows one to develop both the hardware and the software, without any platform-specific restrictions. We are talking first-gen demo devices here, but once the start is given, no telling what they'll look like few generations down. Pretty sure they'll not going to end up using commercially available VoIP software, but some program developed by themselves. Because of Android, they don't have to ask Google's permission to do it. [citation][nom]HEXiT[/nom]the watchers dont want to be watched... hmmm sounds familiar.[/citation]
I agree with that. Very familiar, indeed.
[citation][nom]gm0n3y[/nom]So the NSA is telling people to use phones based on their encryption techniques? Somehow I don't trust them.[/citation]
They did not invent the encryption, they are just using it. Believe it or not, the most widely used encryption designs are all open sourced at this point...(AES and RSA). They are that good. Even knowing the algorithm you cant see jack unless you have the needed keys.
I remember that a long time ago there was news about a encryption scheme that used 512-bit protection. It was being forbidden everywhere because of it's extreme difficulty of hacking, and governments didn't like that, since it was made to the public. Do someone remember that?
Fishbowl devices??? I picture someone wearing a fishbowl on their head so noone can hear the classified info.
[citation][nom]scook9[/nom]Even knowing the algorithm you cant see jack unless you have the needed keys.[/citation]
At least until they get that quantum chip with Shur's algo on it to solve more than just 15.
I also wonder if there are any implementation hacks like carrier iq (keystroke logging) which could intercept the voice at the device?
bahahahahaha... and yet, keywords and multilayered conversations still exist. probably just a scheme to make those within the agency feel safe to communicate over their phones so they can be listened in on too.