
Free, Worldwide, Encrypted Phone Calls for iPhone - david_shaw
https://whispersystems.org/blog/signal/
======
david_shaw
Many people are already familiar with Moxie Marlinspike's WhisperSystems
because of their Android apps: RedPhone for encrypted calls, and TextSecure
for SMS messages.

The release of Signal is a pretty big deal for iOS users; previously, we had
to consider a paid option like Silent Circle, or a larger corporate option
like FaceTime Audio (which isn't really the same).

Although I haven't actually used the app yet (it's registering now), the
screenshots appear to be a fairly direct port of RedPhone to iOS.

Edit: Yep! And it looks like Signal users can make secure calls to contacts
with RedPhone installed, too. Very nice.

~~~
stevengg
Moxie also made a sailing documentary that is good called Hold Fast
[http://vimeo.com/15351476](http://vimeo.com/15351476)

~~~
frandroid
OMG I knew the name sounded familiar. This doc is SO GOOD.

~~~
scintill76
Funny that a HN member would know his name from that rather than his security
work. I guess we're pretty diverse. :) I enjoyed that doc too.

------
autodidakto
Please authenticate with something that's not a phone number! I guess that's
the simplest for most people (look at WhatsApp), but the reason why I use
things like Signal is because I despise cell carriers. I'd like to use this on
a (cheaper) non-cellular device (for myself and family members).

The Holy Grail of Secure Communications: Group Encrypted Text, Voice, and
Video. Right now, Skype gives you the unholy grail, but you get all three
(+group). I wish Open Whisper Systems luck.

~~~
ozmbie
Why is it so hard to find cross-platform, encrypted group chat? Surely there's
a market for it.

~~~
zeeed
If mobile/tablet-only is OK, try Wickr (wickr.com).

It works fairly well for me. They have a $100.000 bounty for someone who
manages to break their code/get communication contents and they're sponsored
by the EFF.

The downsides are that it's closed-source and that there's no desktop client
(yet).

~~~
andor
Threema also has group chat functionality

------
FredericJ
Hey, I'm the co-lead developer of Signal. We're looking for help with
translations, help us out to bring Signal to as many people as possible:
[https://www.transifex.com/projects/p/signal-ios/](https://www.transifex.com/projects/p/signal-ios/)
We also pay per commit if you want to help on Open Whisper Systems projects:
[http://bithub.whispersystems.org/](http://bithub.whispersystems.org/)

~~~
dm2
These seem like incredibly generous payments for such small commits...

[https://github.com/WhisperSystems/whispersystems.org/commit/...](https://github.com/WhisperSystems/whispersystems.org/commit/4657891ac2dc5413425316197c8ffdb83f628675)

[https://github.com/WhisperSystems/whispersystems.org/commit/...](https://github.com/WhisperSystems/whispersystems.org/commit/ecb6b1cca6c51d0d7db692d333426cc82ff19e59)

[https://github.com/WhisperSystems/whispersystems.org/commit/...](https://github.com/WhisperSystems/whispersystems.org/commit/e16cc6d53a6c5c70c6476cc5544a2896f4a86ca4)

I was going to donate today, but it seems like the donations are being wasted.
I work hard for my money and if my donations go towards a trivial (and
arguably unnecessary) 2 line CSS change that would really piss me off.

Can we donate only to certain apps? I want to see TextSecure for iOS out as
soon as possible, I couldn't care less about CSS changes on your website or
escaping some readme file.

~~~
halon
I am also one of the core devs. Actually, none of the Bithub donations go
close to being a working wage for any programmer actively working on the
repository. We either get paid by grants or are volunteers. Asking us to
micromanage Bithub grants for one or two off contributors would only be more
work. We went with a "worse is better" strategy with the goal of encouraging
people to regularly commit in however they feel comfortable. It's an
experiment that we've been pleased with and if you would rather donate to a
dev individually just look at who the top contributors are and reach out. We
appreciate any support from PRs to Bitcoin to press.

~~~
dm2
Fair enough, thank you very much for working on such an awesome and important
project.

After looking at that specific developer's commit history it seems like he does
commit a ton all over the place, these were just the last few and immediately
drew my attention.

~~~
halon
Yes, she is one of our 2 core Web client developers, along with one of the 2
core website maintainers, and does a lot of the docs! I would merge a request
with a smiley for Bitcoin for all the work she does.

------
eggbrain
It's great that we have more privacy options for phone calls, texts, etc. But
we still need a great "Privacy" phone, right?

There have been attempts to do so recently (Blackphone, PrivacyPhone), but both
have suffered from the same fault: a binary blob for the baseband, something
that renders all your privacy moot. I've heard the best recommendation is a
tablet + USB LTE dongle, to put some space between the two processors
("firewalling" the baseband processor a bit).

Is there a better way than this? Has anyone kinda walked through all the steps
necessary to have a private/"secure" phone?

That being said, congratulations to Whisper Systems -- their work on things
like TextSecure and RedPhone has been awesome. I hope one day they do a
Kickstarter for a whole secure mobile operating system.

~~~
sp332
It doesn't render all your privacy moot. It's limited to snooping on what you
send over the radio, which is the same as what your cell carrier would have
access to even with a secure baseband. (Edit: unless the baseband hacks into
the software running on the other side of the radio and exfiltrates data right
from your SD card... hm...)

What I would like to see is a way to verify that you're connected to a
legitimate cell tower and not an eavesdropper.

~~~
pinkyand
In many/most phones, the radio can access the RAM of the device (DMA). The
reason is efficient transfer of data, but with that comes the possibility of
the radio reading everything inside the RAM, including encryption keys.

------
rdl
Why is the App Store application search process so horrible? I agree, "Signal"
and "Whisper" are bad things to have to search for, but there's basically no
way to enter a simple memorable text string in the store and get the right
app.

I ended up using a browser on the phone to go to the HN article to go to the
right app store link.

I can't believe this hasn't been solved.

~~~
thefreeman
Perhaps the idea is to encourage browsing? Like how stores like Target and
Walmart move things around all the time with the goal of forcing you to
explore the store.

Regardless, I agree trying to find apps through any of the built-in app stores
is a nightmare, iOS, Android, and Windows alike.

~~~
rdl
It seems worth giving iOS apps "distinctive" names just to win the type-in
traffic, if it doesn't work better; or at least having a weird company name
with a boring product name so people can at least search on product.

Maybe kids these days do EVERYTHING on mobile, including web browsing to find
new apps; my problem is I browse on one platform without iTunes, but want the
app on my iPhone.

------
StavrosK
I wanted to donate $5 to BitHub using Bitcoin, but Coinbase's overlay doesn't
allow you to change the amount (typing a new amount in does nothing). Does
anyone know of a way around this?

Moxie, if you see this, can you publish some static address we can send funds
to as well?

~~~
thecoffman
I used it to successfully donate $5 without issue. Changing the dollar amount
seemed to work for me.

~~~
StavrosK
Hmm, thanks. It must have been some ad blocker issue, I'll try an incognito
window.

------
eliteraspberrie
It would be nice if the server software were open source as well.

Call routing information, like all metadata, can only be protected legally not
cryptographically. So it's not something I trust to people outside Canada, no
matter how much esteem I have for them.

~~~
wyager
> Call routing information, like all metadata, can only be protected legally
> not cryptographically.

In this system. You could, for example, route calls over Tor (with crippling
latency). There is no theoretical reason you can't make a fully anonymous
audio comms system.

~~~
eliteraspberrie
There is no such thing as low latency anonymity.

~~~
ig1
Have one million devices constantly streaming a random stream of data to each
other; when a device wants to communicate with another it just swaps the
random stream for the encrypted stream.

Hence a trivial example of low-latency anonymity achieved through using
bandwidth.

~~~
superuser2
There isn't enough RF bandwidth and batteries aren't good enough to support
this.

------
13throwaway
Great job guys! I'm a big fan of what Whisper Systems is doing. Why is this
not called RedPhone though? Does it have different features?

Edit: Looks like the article says it is part of a plan to merge RedPhone and
TextSecure.

~~~
higherpurpose
Rebranding, plus they want to combine RedPhone and TextSecure into a single
app: Signal. Since they're just now starting on iOS, no point naming it
RedPhone now, just to rename it to Signal 3 months from now.

------
_uy6i
Who is Riddle Quiet Ventures, LLC? They appear to be the "seller in the App
Store"

------
chmars
Why is Signal (the app) free? What's the business model?

~~~
higherpurpose
Open source. Donations.

[https://pressfreedomfoundation.org/bundle/encryption-tools-j...](https://pressfreedomfoundation.org/bundle/encryption-tools-journalists)

~~~
eps
Donations is not a business model.

~~~
ig1
You do realize charitable giving represents hundreds of billions of revenue
for non-profits every year? And that's excluding religious donations which
are likely to represent an even larger amount.

------
dm2
I wish they had text messaging. I've been waiting so long for this and it
lacks the major feature we need! Hopefully it'll come soon.

The reason why this is important these days is that law enforcement now has
more access (because the technology is cheaper) to fake cell towers
[http://en.wikipedia.org/wiki/Stingray_phone_tracker](http://en.wikipedia.org/wiki/Stingray_phone_tracker)

Many states are denying FOIA requests regarding this spying but there are
several news stories from this year of data obtained from these fake "towers"
being used in court. They can be put in vans or just be near people or be used
at any large gathering of people.

I used an Android phone with RedPhone and this Signal app with iOS and it
works perfectly. Very well done! Need encrypted text messaging ASAP!

They are also saying TextSecure and RedPhone will be merged into Signal.
That'll be great!

I will gladly donate to this company if they will increase the speed of
development.

Question: If my phone has a limited amount of minutes and I have RedPhone or
Signal and I call someone's phone who doesn't have one of these programs, does
that use my minutes or does it only use Data (or WiFi)?

~~~
tedunangst
Can a Stingray intercept iMessages?

~~~
Titanous
No, the messages are encrypted device-to-device with Apple providing a key
directory service. Apple must be complicit to read messages without physical
or backdoor access to the device.

[http://blog.quarkslab.com/imessage-privacy.html](http://blog.quarkslab.com/imessage-privacy.html)

~~~
dm2
This has nothing to do with the Stingray devices though.

Apple can certainly decrypt any iMessage, as explained very thoroughly in the
article you linked to.

If Apple can decrypt them, then law enforcement can decrypt them, so they
don't really even need the Stingray device.

Nobody knows whether or not the NSA stores all iMessages. They certainly can,
and from everything we've seen if they can, they do, so if you are concerned
about privacy you have to assume that they do. The thing about the NSA
databases these days is that they allow multiple governments and other
government agencies to access that data.

Imagine how many people's lives would be "ruined" if someone took that data and
published it on the internet, "here is every iMessage for the past year".

------
supernova87a
Maybe a stupid question, but is the app sending this encrypted voice over the
cellular channel, or is it making a data connection independent of the phone?

Also, on a different point, if I were trying to eavesdrop on someone's
conversation, I would probably just try to hack the microphone with a
different / already loaded app...

------
higherpurpose
Will we eventually get _video_ calling, too? (especially in the browser
version, perhaps by using a more secure version of WebRTC?)

Also, I suggest dropping SMS support, and going "data-only" for the new
Signal. Or at the very least disable all SMS/MMS stuff by default, and only
leave them as opt-in options in settings. Don't even prompt users about it,
because most will say yes, without really knowing what they're doing, and that
the app will start eating SMS credits without realizing.

But really, you should just drop it. I mean look how successful WhatsApp is,
and doesn't have _any_ SMS support, let alone an end-to-end encrypted one.

------
guelo
These guys are doing amazing high-quality work. I'm really amazed that they
can pull it off with volunteers and donations. There are very few examples of
polished front-end apps in the open source world.

------
n6mac41717
I installed it on my iPhone. I'm able to discover and call friends that have
RedPhone, but they can't see me. Is that a feature or a bug :P

~~~
clojsure
Hey. Could you please file a bug report at
[https://github.com/WhisperSystems/Signal-iOS/issues](https://github.com/WhisperSystems/Signal-iOS/issues)?
We'll try to work with you to fix the issue. Thanks!

------
trounce
As soon as I registered, I started getting "No Caller ID" phone calls every
few minutes from some unknown person speaking Chinese (which I don't speak).
This is pretty annoying, to say the least.

There doesn't seem to be any way to deregister your phone number? So what now?

------
zz1
Does anyone know what the userbase of RedPhone is? Is it the same as
TextSecure (around 10 millions)?

------
hruan
"Signal uses your existing number, doesn’t require a password, and leverages
privacy-preserving contact discovery to immediately display which of your
contacts are reachable with Signal."

How does contact discovery work? What happens when run on a device without a
(valid) SIM?

~~~
acdha
They've blogged a bit about this challenge in the past:

[https://whispersystems.org/blog/contact-discovery/](https://whispersystems.org/blog/contact-discovery/)

~~~
hruan
Ah, thanks!

------
jtfairbank
Congrats Jake and the WhisperSystems crew! :D Can't wait to see you in a few
weeks bud.

------
dan_bk
How can you trust a product promising privacy when it runs on a closed-source
platform (that is further also known to collect data on the user and to be
prone to government surveillance)?

Real privacy is only possible on platforms that are 100% open-source.

------
nardi
Um. Isn't encrypted calling on iPhones already provided by FaceTime Audio?

~~~
bdesimone
Yes. And you should probably assume that their claims of end-to-end encryption
are about as solid as they were for iMessage.

[http://blog.cryptographyengineering.com/2013/06/can-apple-re...](http://blog.cryptographyengineering.com/2013/06/can-apple-read-your-imessages.html)

[http://arstechnica.com/security/2013/06/can-apple-read-your-...](http://arstechnica.com/security/2013/06/can-apple-read-your-imessages-ars-deciphers-end-to-end-crypto-claims/)

[http://www.zdnet.com/apples-imessage-encryption-claims-refut...](http://www.zdnet.com/apples-imessage-encryption-claims-refuted-again-7000022105/)

~~~
nardi
Didn't Apple debunk that debunking themselves in February, when they released
the iOS Security doc? [1]

According to Apple, each device's private key is generated locally and never
leaves the device, making it impossible to MITM your messages.

From page 20: "For each key pair, the private keys are saved in the device’s
keychain and the public keys are sent to Apple’s directory service (IDS),
where they are associated with the user’s phone number or email address, along
with the device’s APNs address."

[1]
[http://images.apple.com/iphone/business/docs/iOS_Security_Fe...](http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf)

~~~
thecoffman
That doesn't make it impossible to MITM - Apple still controls the keyserver.

When I ask for nardi's public key, they can give me theirs, I encrypt it with
that key and send it. They use their private key to decrypt it, store it, and
then encrypt it with your actual public key and forward it along, neither of
us any the wiser.

~~~
nardi
Ah yes, of course. It's missing secure identification.
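
The "secure identification" this sub-thread finds missing, sketched as an added example that is not part of any comment here nor of Apple's or Open Whisper Systems' code: a client-side pin store that refuses a directory-supplied key that changes, and treats a key as verified only after its fingerprint has been compared over a channel the directory cannot alter. All names and the placeholder key bytes are constructed for illustration.

```python
import hashlib
import hmac


def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the key bytes, grouped so two people can read it aloud."""
    digest = hashlib.sha256(public_key).hexdigest()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


def _same(a: str, b: str) -> bool:
    """Compare fingerprints ignoring spacing and case, in constant time."""
    norm = lambda s: "".join(s.split()).lower().encode()
    return hmac.compare_digest(norm(a), norm(b))


class PinStore:
    """Remembers, per contact, the key the directory returned and whether
    its fingerprint was confirmed over a channel the directory cannot alter."""

    def __init__(self):
        self._pins = {}  # contact -> [fingerprint, confirmed_out_of_band]

    def check(self, contact: str, directory_key: bytes) -> str:
        """Classify a directory-supplied key before encrypting to it."""
        seen = fingerprint(directory_key)
        pin = self._pins.get(contact)
        if pin is None:
            self._pins[contact] = [seen, False]
            return "first-use-unverified"
        if not _same(pin[0], seen):
            return "KEY-CHANGED"  # keep the old pin; do not send
        return "verified" if pin[1] else "unchanged-unverified"

    def confirm(self, contact: str, fingerprint_from_contact: str) -> bool:
        """Record an out-of-band comparison (in person, or read over a call)."""
        pin = self._pins.get(contact)
        if pin is None:
            return False
        if _same(pin[0], fingerprint_from_contact):
            pin[1] = True
            return True
        del self._pins[contact]  # the pinned key is not the contact's key
        return False


# Constructed placeholder bytes standing in for public keys.
CONTACT_KEY = b"constructed-public-key-of-the-contact"
OTHER_KEY = b"constructed-public-key-of-someone-else"


def demo():
    results = []
    # Case 1: directory is honest at first, then returns a different key.
    store = PinStore()
    results.append(store.check("contact", CONTACT_KEY))
    results.append(store.confirm("contact", fingerprint(CONTACT_KEY)))
    results.append(store.check("contact", CONTACT_KEY))
    results.append(store.check("contact", OTHER_KEY))
    # Case 2: the very first lookup already returns the wrong key. Pinning
    # alone accepts it; only the out-of-band comparison exposes it.
    store = PinStore()
    results.append(store.check("contact", OTHER_KEY))
    results.append(store.confirm("contact", fingerprint(CONTACT_KEY)))
    return results


if __name__ == "__main__":
    print(demo())
```

The second case is the one the comments describe: trust-on-first-use pinning by itself cannot tell a wrong first key from a right one, so the fingerprint comparison is what actually binds the key to the person.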

------
borando
It's refreshing to see the rebrand (RedPhone -> Signal) links security with
functionality, rather than with something dramatic/hide-worthy.

When your tools are secure, they work for you and not the other way around.

------
girvo
Ahhhh I'm so excited for this, but it's not in the Australian store and I
can't change it to US as I have an iTunes Match sub :( Any ETA on when it'll
be here?

------
mahyarm
Next step, no phone number required for accounts!

------
felix
Curious why this is different than RedPhone - same company, same product(?),
diff't platform - why not keep app branding?

~~~
jmathai
Signal is a much more neutral brand than RedPhone. RedPhone sounds either like
an adult network or spying app.

At one of the Shuttleworth Foundation gatherings (where all Shuttleworth
fellows meet bi-annually) I remember having a conversation about the branding
of RedPhone and everyone unanimously agreed that it would hinder wider spread
adoption of the software.

I'm not sure what all the factors in re-branding were but I remember Moxie
agreeing with the sentiment at the time.

~~~
felix
Makes sense - do you know if they will be re-branding RedPhone on Android?
Just curious.

~~~
nwp90
Yes. Signal for Android will be coming, apparently, and will integrate
RedPhone and TextSecure capabilities. According to the original article,
"Signal will be a unified private voice and text communication platform for
iPhone, Android, and the browser. Later this summer, Signal for iPhone will be
expanded to support text communication compatible with TextSecure for Android.
Shortly after, both TextSecure and RedPhone for Android will be combined into
a unified Signal app on Android as well. Simultaneously, browser extension
development is already under way."

------
__david__
This seems really neat. I tried it on an iOS 8 device and it hung on the
verification screen. Is anyone else seeing that?

------
clarkm
Is anyone else having trouble registering the app? I'm not receiving an SMS
validation code.

~~~
carbocation
I also am not receiving the SMS validation code. I'll update when I get (or
don't get) the promised phone call (which comes ~4m after they think they sent
the SMS). I suspect they're just overloaded by the HN spike.

_Edit_: The app called, offered me a code which was rejected, and refuses to
re-call me because "rate limit exceeded."

~~~
halon
You will have the opportunity to request another call in about 15 minutes.

~~~
carbocation
Thanks! That worked. Messaging suggestion for future version: set a countdown
timer for when they can request another call.

------
tempodox
Could theoretically be nice, if it would actually work.

------
motyar
Telegram should add this feature.

~~~
zz1
Telegram should get their crypto straight, publish their server-side code and
federate to OpenWhisperSystems federation.

------
scottlocklin
"What could possibly go wrong?" I mean, besides the fact that it runs on
iphones.

------
snitko
Distributing secure text/voice/video calls app through an app store of any
kind is by definition not secure. Give me an .apk

------
lazyjones
Nice try, but pointless and snake oil, since the iPhone is not a secure
device.

Try building a secure device that users "own" first, then spend effort on
building secure services on top.

~~~
nodata
Nice idea, but in the real world you need to create a service that people
"use" first, then spend effort on building a secure device.

~~~
lazyjones
No one's ever going to build a secure device if people are fed such snake oil
and given the impression that they have "some" or "enough" security if they
use it.

~~~
nodata
Security works in layers, and unfortunately consumers want the wrong layer
first.

~~~
lazyjones
The point is, they get 0 security and we should not pretend that they are
getting more. We are ripping off consumers if we do; what we think they want
is a poor excuse, unless we're just in it for the money/fame/other benefits.

------
alt_f4
When the client device is compromised (and we know that iOS is [1]), it
doesn't matter how secure the link is. If I were a sophisticated attacker and
wanted to listen to your conversation, I could just tap your mic and audio
output.

[1]
[https://pentest.com/ios_backdoors_attack_points_surveillance...](https://pentest.com/ios_backdoors_attack_points_surveillance_mechanisms.pdf)

~~~
alt_f4
At -3, it amazes me why people on here would down vote facts. It's not like
you're disagreeing with me - you're disagreeing with reality. Sometimes, the
stupidity of people on here is mind-boggling.

------
frequentflyeru
Next round of Edward Snowden leaks: "NSA created and funded 'open whisper
systems' as a way to get people to think their calls were encrypted when in
reality calls went straight to the NSA..."

~~~
lasermike026
Open Whisper Systems is funded by the Shuttleworth Foundation.

[https://www.shuttleworthfoundation.org/about-us/team/](https://www.shuttleworthfoundation.org/about-us/team/)

~~~
acqq
Moxie is a fellow of the Foundation:

[https://www.shuttleworthfoundation.org/fellowship/fellows/cu...](https://www.shuttleworthfoundation.org/fellowship/fellows/current-fellows/)

But it appears he personally only "helps" Open Whisper Systems:

[http://www.thoughtcrime.org/blog/we-should-all-have-somethin...](http://www.thoughtcrime.org/blog/we-should-all-have-something-to-hide/)

"I help work on Open Source security and privacy apps at Open Whisper Systems"

On a more accurate side, see also 2013 report of Open Technology Fund which
granted 445K USD directly to the Open Whisper Systems in 2013.

