By Lily Hay Newman for WIRED.
As end-to-end encrypted messaging apps have exploded in popularity, several well-known services have added encrypted calls as well. Why not, right? If it works for text-based chat, voice seems like a natural extension. If only it were that easy.
Encrypting calls has plenty of value, keeping conversations strictly between the two parties. They can circumvent government wiretaps, or criminal snooping. But a host of technical challenges with facilitating the calls themselves has slowed the spread of voice over internet protocol overall. Bandwidth is expensive. Firewalls and network filters make it harder to route data streams. Even basic call quality issues, like delays and echoes, prove difficult to fix. Adding encryption on top of all of this takes additional resources and specialized developers.
All of which has delayed encrypted calling but not stopped it. And a new groundswell of enthusiasm is bringing more options than ever.
The challenges of making reliable encrypted calling starts with the underlying premise of internet-based calls. Theyre hard. While VoIP calling has become more reliable over the years, it remains technically challenging in itself, especially when people use cellular data instead of more stable ethernet or Wi-Fi connections.
Despite those challenges, Signal, the well-regarded secure communication platform, has offered encrypted calling since 2014. And when WhatsApp followed in 2016, bringing encrypted calls and video chat to more than a billion users, it helped shake off some longstanding inertia. Other secure messaging apps like Wire and Telegram have added encrypted calling over the last year. Signal itself even rolled out call quality improvements in February.
Signal developer Open Whisper Systems open-sources its code, so that companies can borrow from it to build their own encrypted chat and calling features. For example, while WhatsApps overall setup is proprietary, it bases the key exchange for its end-to-end encrypted messages and calls on Signal Protocol. Its users have to trust that it is implementing true end to end encryption in the way it claims. In exchange it brings some form of end to end encryption to an enormous user base that would probably otherwise have little exposure to or protection from the feature. And customers who dont have faith in a large provider like WhatsApp now have other options, given the recent proliferation of both VoIP in general and encryption specifically.
Theres so much happening right now in this space which is really exciting, says Nathan Freitas, the founder and director of the Guardian Project, a privacy and security nonprofit that worked on an encrypted calling platform called Open Secure Telephony Network. In 2012 there was just Skype basically. Google Hangouts didnt even exist. FaceTime existed kind of. So were really happy when theres so much public innovation that includes privacy and security.
Though not nearly as much as there could be, if everyone could get on the same page.
As with messaging, end-to-end encrypted calls require that both ends of the conversation use the same system. In other words, using Signal to call a landline wont cut it; you need to connect with another Signal user. Given this reality, many developers naturally gravitate to implementing encryption in closed systems; its easier both to manage and monetize.
For users, though, this approach has downsides. Unless the developer makes the product fully open source, or allows for extensive independent auditing, theres no guarantee that the encryption implementation works as advertised. The lock-in factor also limits who you can safely communicate with, which slows adoption.
Imagine, instead, an open communication standard that includes end-to-end encryption. It would allow secure communication with more people between different products and interfaces, because the protocols facilitating the end to end encryption would be the same.
The Guardian Projects OSTN experiment attempted to create exactly that sort of comprehensive, open communication suite. It focuses on using existing open, interoperable communication standards, employing classic protocols like ZRTP, which was developed in the mid 2000s by PGP creator Phil Zimmerman, and SRTP, which was developed in the early 2000s at Cisco. It also coordinates and controls its voice calls using the Session Initiation Protocol, developed by the telecom industry in the mid 1990s.
That retro backbone didnt come by choice; there simply arent a lot of more modern open protocol options available. Most big VoIP plus encryption advances have come from private companies like Skype (now owned by Microsoft), Google, and Apple, who offer varying degrees of encryption protection for calls and tend to value locked-in users over interoperability. That left OSTN with old tools.
While theyre very powerful, these are things that are 10, 20, 30 years old in terms of the architecture and the thinking, Freitas says. Theyre definitely showing their age.
And while a few smaller services, like PrivateWave and Jitsi, have adopted OSTN, the decision by larger companies to go it alone has limited its open-protocol dreams. Thats especially a shame for people who need absolute guarantees of security.
With proprietary apps, it can be hard for a user to tell if end-to-end encryption is enabled on both ends. Or, in the case of apps whose encryption protocols have not been fully vetted, whether it works as advertised to begin with.
For mainstream services, crypto is a nice add-on to give users the idea that they can feel more secure, but thats completely different than when your [customers] are people who are under threat, says Bjoern Rupp, the CEO of the boutique German secure communication firm CryptoPhone. If you have to fear for your life, not all secure communication systems are designed for that.
Encryption die-hards can host their own system using open standards like OSTN, similar to how you might host your own email server. Though it takes some technical knowhow, its an option that gives users real control and that isnt possible with closed systems. Another option is to use a security first service like CryptoPhone that offers an integrated, one-stop solution.
CryptoPhones can only call other CryptoPhones, but the company made that choice so it could control the security and experience of both hardware and software. To reconcile this closed system with transparency, the company is open source and invites independent review. It also has over a decade of experience. CryptoPhone has been making high-end commercial products for secure voice calling for a long time, the Guardian Projects Freitas says. They had these crypto flip phones, which were awesome.
None of which leaves the average consumer with widespread encrypted calling that works across multiple services. There may be some help on the way, though, in the form of a new, open, decentralized communication standard called Matrix that includes end to end encryption for chat, VoIP calling, and more. Matrix could be a clean, easy to implement standard underlying other software. For instance, if Slack and Google Hangouts both used the Matrix standard, you would be able to Slack someone from Hangouts and vice versa, similar to how you can send emails to anyone using their email address, regardless of what provider they use.
The net owes its existence to open interoperability, says Matthew Hodgson, technical lead of Matrix. Then people build silos to capture value, which is fair enough, but you get to a saturation point where the silos start really stifling innovation and progress through monopolism.
The catch, of course, is getting buy-in from companies that have little incentive, or getting new services built on a standard like Matrix to take off. Walled gardens tend to produce more profit than open ones.
Still, having these new options is an important first step. And combined with the broader proliferation of encrypted voice-calling apps, change finally seems to be coming from a lot of directions at once. I think theres a longer-term project going on called the internet, Freitas says. Some of us still believe in it.
- Gladstone gold does club proud - Gladstone Observer - July 19th, 2017
- Jitsi | Futurist Transhuman News Blog - euvolution.com - July 10th, 2017
- FAQ | Jitsi | Prometheism.net euvolution.com | Futurist ... - July 5th, 2017
- FAQ | Jitsi | Futurist Transhuman News Blog - June 29th, 2017
- Tsirang vegetable vendors commit to selling local chillies - Kuensel, Buhutan's National Newspaper - June 27th, 2017
- FAQ | Jitsi | Prometheism.net - euvolution.com - June 26th, 2017
- FAQ | Jitsi - June 25th, 2017
- Jitsi - PediaView.com - June 14th, 2017
- How to Configure and Set-Up Jitsi - Liberty Under Attack - June 6th, 2017
- Jitsi Meet (advanced) Projects - May 23rd, 2017
- Diaspora* and Other Free Software Are Available in the Occitan Language, Thanks to Volunteer Translators - Global Voices Online - May 23rd, 2017
- Online privacy guide for journalists - Radioinfo (subscription) - May 18th, 2017
- Your Essential List of 7 Productivity Hacks and Time Management Tips - Business 2 Community - May 11th, 2017
- 5 Apps You Didn't Know You Needed - Syracuse University News - April 3rd, 2017
- Jitsi Meet - Android Apps on Google Play - March 9th, 2017
- Snowden helping develop tools to protect journalists and whistleblowers - 'to make the game a little more fair' - Press Gazette - February 15th, 2017
- Edward Snowden's New Job: Protecting Reporters From Spies - WIRED - February 14th, 2017
- Jitsi for Windows - Secure Instant Messaging and VoIP - February 11th, 2017
- Jitsi for Mac - Download - jitsi.en.softonic.com - February 6th, 2017
- Jitsi softphone for Windows OnSIP Support - November 23rd, 2016
- Trying to install jitsi meet with apache2 - Stack Overflow - October 29th, 2016
- Jitsi - Wikipedia - October 27th, 2016
- Jitsi - Mensajera instantnea segura de texto, audio y ... - August 10th, 2016
- Jitsi - Quora - May 31st, 2016
- Chocolatey Gallery | Jitsi 2.8.5426 - May 28th, 2016
- Jitsi - - May 24th, 2016
- Jitsi - FreeBSD Wiki - May 22nd, 2016
- Jitsi - OSTN - Guardian Project Open Dev - May 21st, 2016
- Jitsi WOW.com | Prometheism.net - May 1st, 2016
- Review: Jitsi the ultimate SIP voice and video client ... - April 22nd, 2016
- Jitsi - WOW.com - April 11th, 2016
- OpenFire Jitsi as Skype(desktop sharing) and Temviewer ... - March 20th, 2016
- Jitsi Download - Softpedia - March 16th, 2016
- Why did Atlassian Acquire Jitsi? (Hint: WebRTC Multiparty ... - March 6th, 2016
- Jitsi - Wikipedia, la enciclopedia libre - December 22nd, 2015
- [jitsi-users] SIP - Lync Connect deosnt work - December 19th, 2015
- Jitsi (Build 3132) - September 24th, 2015
- A Skype alternative worth its salt: Jitsi | usability ... - September 6th, 2015
- Jitsi Configuration and Review - Callcentric - August 30th, 2015
- Jitsi SIP Softphone Review - About.com Tech - August 30th, 2015
- Jitsi, ostel.co and ISP censorship | The Guardian Project - August 30th, 2015
- Jitsi | Tiki Suite - August 30th, 2015
- Jitsi Tutorial 1 - Installation - Top Windows Tutorials - August 8th, 2015
- jitsi/jitsi-meet GitHub - July 24th, 2015
- Jitsi: A Multi-Protocol, Cross Platform Compatible Chat ... - July 24th, 2015
- JITSI - Video - April 8th, 2015
- Jitsi - secure IM & VoIP | security in-a-box - March 21st, 2015
- Nexi Unified Communication Jitsi Presentazione full - Video - February 19th, 2015
- Jitsi for Mac | MacUpdate - Apple Mac OS X Software & Apps ... - February 13th, 2015
- Jitsi Wikipdia - February 7th, 2015
- Skype Encrypted Alt. SIP Jitsi Combo - February 7th, 2015
- jitsi videollamada - Video - December 26th, 2014
- IETF91 chairs meeting Honolulu Jitsi Meet questions - Video - November 18th, 2014
- IETF91 chairs meeting Honolulu Jitsi Meet presentation - Video - November 17th, 2014
- Jitsi Flasms Dogfooding: Using your own imperfect solutions helps improve them, - Video - November 10th, 2014
- When I say join me in a jitsi meet... - Video - November 7th, 2014
- Top messaging apps flat-out flunk EFF's security review - November 5th, 2014
- Bitcoin and dark wallet could be used by terrorists. So what? - September 24th, 2014
- jitsi.org | Jitsi - September 17th, 2014
- Just Linux touch screen and Jitsi - Video - September 16th, 2014
- FOSDEM 2014 - Jitsi Videobridge And Webrtc - Video - September 16th, 2014
- The Luminosity of Free Software Episode 20 - Video - September 13th, 2014
- Using XMPP chat with Jitsi - Video - September 12th, 2014
- Jitsi - SIP Softphone - Video - September 12th, 2014
- Jitsi (Mac) - Download - Softonic - September 1st, 2014
- How to download and install Jitsi - Video - May 17th, 2014
- Eliyah Moore, Barum Jiu Jitsi Vs Cahel Gonzalez, 5 Star Martial Arts - Video - May 16th, 2014
- Jitsi VoIP softphone Hands On Tutorial - Video - May 11th, 2014
- NetSecDemo Secure FTP over Jitsi - Video - May 9th, 2014
- FLOSS Weekly 293: Jitsi Meet - Video - May 9th, 2014
- Jitsi Overview: FLOSS Weekly 293 - Video - May 9th, 2014
- Jitsi - Wikipedia, the free encyclopedia - April 26th, 2014
- Jitsi - Official Site - April 26th, 2014
- Softonic - Jitsi - Download - April 26th, 2014
- The Architecture of Open Source Applications: Jitsi - April 26th, 2014
- Jitsi - Business VoIP Phone Service | OnSIP - April 26th, 2014