Is It the Dawn of the Encryption App?
We might live in an age of persistent and pervasive surveillance. The recent revelations about the secret National Security Agency programs aimed at collecting vast amounts of data on Americans and foreigners seemingly confirm what tinfoil-wearing netizens have feared for years: They're watching us; technology has turned against its users.
Amidst prying eyes, a small but growing group of hackers and programmers is working on applications that use cryptography — the science of creating techniques to hide data and render it readable only to intended recipients — to fight surveillance and give regular citizens access to what was once only reserved to computer experts.
It's a battle of geek-made encryption apps against their uniformed snooping foes.
And the spying agencies of the world are getting more adversaries every day. In fact, there are so many apps it's almost impossible to list them all: Silent Circle, Cryptocat, Redphone,Text Secure, Wickr (which Mashable has previously reported on), Ostel, Gibberbot. The list goes on and on.
"These encryption apps could well be the first wave in an entirely new revolution — one that makes truly private communication a reality," writes Matthew Green, a cryptography researcher and professors at Johns Hopkins University Information Security Institute.
Both new and old faces are riding this new wave of crytpo.
One of the apps that has gathered more attention, Silent Circle, has a familiar face at the helm: longtime cryptographer Phillip Zimmermann, who created the popular email and data encryption software Pretty Good Privacy — better known as PGP — in the early 1990s.
Zimmermann and some of his closest collaborators from the PGP years launched Silent Circle last year. It's not just an app; it's a subscription service that comprises a suite of programs that replaces one's regular apps to make calls, send texts, emails and even do videoconferencing, for $10 a month. The apps use end-to-end encryption to ensure that the communication between two Silent Circle users is secure and impossible to read, except by their intended recipients.
The service biggest strength is that it's supposed to be easy to use, and since day one, its creators have had in mind the lessons of the past. While PGP is the gold standard to encrypt data, even after 20 years, it's still very hard to use for regular computer users. Now the idea is to make privacy-enhancing tools easy for everybody to use.
"Not everyone is a crypto geek, and so there is a need to curate the experience," says Zimmermann.
"Not everyone is a crypto geek, and so there is a need to curate the experience," says Zimmermann. "You know howSteve Jobs talks about curated computing? Well, this is curated crypto."
Vinnie Moscaritolo, Silent Circle's "distinguished member of technical staff," echoes the same concept, saying that they "intentionally make [Silent Circle] look like regular apps you use." Because the idea is that "you just sit down and you use it."
Its other big strength is that the keys, used to encrypt and decrypt the communications, aren't managed by Silent Circle itself. So technically, not even the company can know what two users are telling or writing each other. Silent Circle uses the so-called Public Key cryptography, a scheme that allows two people to swap keys and communicate securely, preventing a snooper from interceptinging their communications. (To know more about how this works, watch the below video.)
