Silent Circle has become quite popular in recent weeks. In the wake of revelations by the government, NSA and whistle blower Edward Snowden that several thousand government contract workers with top secret clearance may have access to everyone’s private online communications, many people are reevaluating their security arrangements.
Encryption is effective, but encoding messages on a case-by-case basis is clumsy and time-consuming. Silent Circle offers a more convenient solution. DefenseNews gives details of the company’s approach to private communications. For a monthly fee, the messages you send from a particular device can’t be read and intercepted by third parties because they are encrypted to a very high standard. The system has been approved for secure government communications, but it is available to companies and individuals as well.
How Silent Circle Works
Silent Circle operates their own secure servers. Your encrypted messages or data are sent from your device to the company servers using known encryption protocols. The key for the encryption is generated on your device and is erased after the transmission is complete. The servers send your encrypted messages to the recipients. If the recipients subscribe to Silent Circle, the messages are decrypted on their devices. If they are not subscribers, they may receive an unencrypted message.
The company does not keep the keys or record the messages. They claim that, even if they were served with a court order asking them to deliver copies of messages on their servers, they could only deliver encrypted data that would not serve any investigative purposes. They don’t keep metadata such as length of calls and times or dates. Also, server logs and logs of site visitors are only kept for seven days.
If Silent Circle operates as the company claims, the service is a robust security application that offers a high level of security against third parties gaining access to your communications. Since the company is not a telephone company, it is not covered by legislation requiring such companies to provide access to law enforcement agencies. The company says that even if it is forced to provide access, it can’t decode the encrypted messages. Of more concern to many people is corporate monitoring of online communications for purposes of assessing life insurance rates, medical insurance costs, credit ratings or other commercial services. If you have health issues, family difficulties or other problems you want to keep private, the Silent Circle service fits the bill.
Silent Circle History
Silent Circle is the brainchild of former Navy Seal Mike Janke who now serves as CEO of the company. Janke had an idea for a super secure communication network while running a private defense company in Iraq. He noticed that dignitaries with high security computers couldn’t use common Internet services because the applications lacked security.
Janke called Internet Hall-of-Famer Phil Zimmermann, inventor of the Pretty Good Privacy or PGP email encryption software with his proposal, and Zimmerman agreed to help found the new company. When it started operations in October 2012, it also had on board Jon Callas and Vincent Moscaritolo, high-profile security experts who had previously worked on security and privacy for Apple. As of mid-2013, the company has rolled out applications and mobile apps allowing subscribers to send encrypted email, telephone calls, text messages and data files, with a basic subscription costing $20 per month on an annual basis.
How to Subscribe
The company operates a website at silentcircle.com. The home page offers a link to log into existing accounts, an option to select from several languages and a “Subscribe” button, as well as links to information about the Personal and Business versions. If you click subscribe, a form asks you to enter your desired user name, password email address, backup email, and real name. The backup email address and real name are optional. You enter your payment information, click the “Get In The Circle!” button and you’re ready to download the apps.
Depending on the type of computer or mobile device you are using, you have to visit the Apple App store, Google Play or the Windows application section of the company website. You download the corresponding software, install it and then log into your account. Once logged in, you add the services you want and get the corresponding activation codes. Entering the codes into the downloaded software activates the application and your subsequent communications are encoded. The company has a support section with FAQ’s and video tutorials as well as direct support you can access by opening a support ticket directly from your account.
Issues to Watch For
While the service covers the communications part of using computers and mobile devices, the company emphasizes that it can’t protect you against threats that target the computers and devices themselves. If you lose your smartphone, the thief may still get access to your messages. If malware installs key-logging software on your device, others can still get your private information. But these are risks that are under your direct control. Until now, it was difficult to reduce the risks of communication monitoring. Silent Circle has made that part easier.