Jon Callas on privacy in the modern age
by Mirko Zorz - Tuesday, 2 July 2013.
Can you introduce Silent Circle to our readers? What are its main features?

Silent Circle is a secure information service for mobile devices. It provides secure voice and video calls and secure texting with attachments through our proprietary global network and our Silent Phone and Silent Text mobile apps. The keys are on your device. Not even we can decrypt them.

We also donít keep metadata, which is suddenly very big in the news. We donít keep track of who you call or who you text. The servers have to make connections, of course, but they donít keep track of it.

We also have an email system thatís okay as email systems go, but email itself is broken beyond help from a security and privacy standpoint. Weíre using PGP Universal for it, and it works for people with the right threat model, but it doesnít have the really cool security properties of our peer-to-peer Silent Phone and Silent Text apps, for example.

As you might expect from things I wrote in response to other questions, we charge for the service. Our idea is that we are offering to use our expertise to protect your privacy, and part of the contract is that youíre paying us, so weíre obligated to do our best.

What were the most significant challenges you encountered while developing Silent Circle? How has user feedback defined the product?

The biggest challenge was deciding to do it. When we were planning the company, I was the one raining on my partnersí parade. I think I estimated that there would only be ten to twenty thousand people in the whole world willing to pay for a secure service. I was wrong and Iím pleasantly surprised.

User feedback has helped us a lot. We wouldnít have introduced our email service, Silent Mail, if people hadnít asked us for it. We have been focusing on very strong commitments to security, which is also an interesting intellectual problem Ė how do I make a service that considers me part of the threat? But people wanted something that just works, so we did email, too.

A number of other key features were requests from our early users. Theyíre the ones who asked for sending locations with text messages so they can coordinate meet-ups. They are also the ones who asked for messages that auto-delete. We took those suggestions and built them into the product because they were useful to people, and that was a surprise because they are very, very useful and very simple, too.


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th