If you're planning to try Verizon's new secure encrypted Voice Cypher app, bear in mind that when Verizon uses words like “secure” or “encryption,” it might not necessarily mean what ordinary non-Verizon people thinks it means.
The original purpose of encryption is supposed to be “security” -- everybody knows how easy it is for determined hackers to break into your device, eavesdrop on a supposedly private communication or otherwise grab data they're not supposed to have. (The past couple years have made it plain that even wealthy multinational corporations worth billions of dollars can't afford security good enough to keep all hackers and malware away from them; what chance do us ordinary non-billionaires have?)
Therefore, say the pro-encryption arguments, if you can't prevent hackers from intercepting that data, you can code or encrypt it so that when they do steal it, it's nothing but meaningless gibberish to them. Of course, this concept predates computers by thousands of years: codes and encryptions to keep meanings hidden have existed almost as long as writing itself.
So it's easy to understand why criminal hackers would hate the idea of their would-be victims securely encrypting their data. And, provided you have the properly cynical mindset, it's easy to understand why various branches of the U.S. government hate the idea of American citizens (or anybody else on the planet) having secure encrypted data, too.
Make it illegal
Barely two months ago in October 2014, for example, FBI director James Comey suggested that Congress ought to pass a law (or rewrite an existing one) to make it illegal for anyone in the U.S. to have securely encrypted data. Why? Because Comey wants to make sure that the U.S. government always has the ability to remotely break into anybody's devices and read whatever's there.
The National Security Agency also enjoys being able to remotely break into devices and read data at will, and Verizon's new “Voice Cypher” encrypted calling app (by Cellcrypt) allows them to do that.
Verizon's actual webpage promoting Voice Cypher doesn't mention that, of course; instead it discusses how you can “Place secure calls and send secure messages on virtually any 4G, 3G or WiFi Network” thanks to “AES 256-bit encryption, NIST FIPS 140-2 Certified.”
What the marketing copy doesn't highlight is that Voice Cypher comes with a backdoor allowing easy access to this supposedly secure and encrypted data.
But Verizon and Cellcrypt both say that only law enforcement and other authorized government officials will be allowed to walk through this backdoor to steal or peruse this supposedly secure data. For example, Cellcrypt VP Seth Polansky dismissed any suggestion that such a backdoor created a security risk. “It's only creating a [security] weakness for government agencies …. Just because a government access option exists, it doesn't mean other companies can access it.”
For those who genuinely do worry about security matters, such reassurances fail on two different levels: one, it's ridiculous to assume that criminals wouldn't be able to hack into or otherwise take advantage of password-protected things theoretically limited to law enforcement; and two, even if this backdoor genuinely is limited only to duly authorized agents of the U.S. government, who's to say they can all be trusted?
"Good police work"
Of course, right now it's too early to say how many customers will choose Voice Cypher anyway. Last week, Google executive (and Verizon rival) Eric Schmidt dismissed the idea that any devices equipped with “trapdoors” could ever be secure, and also said they're unnecessary: “[Google's] argument, which I think is clear now, is the government has so many ways — properly so, by the way — to go in the front door. They’re called warrants. They’re called good police work.”
In other words: the law and Constitution already offer police and other government authorities plenty of ways to legitimately gather evidence to arrest and prosecute criminals, when necessary. The police can even take data off your phone without your consent or help – they just have to go to court and get a warrant first, as the Constitution demands. But it is true that, without these backdoors or trapdoors or whatever you want to call them, the government cannot easily and remotely access your encrypted device without your knowledge. That, ultimately, is what's at stake here.
Indeed, in October 2012 – before James Comey took over the FBI – the FBI's own online security agents published a list of “Safety tips to protect your mobile device,” which included urging “smartphone users” to encrypt their devices if the option was available. Two years later, FBI director Comey suggested that such advice ought to be illegal.
If you are a Verizon customer, or are considering becoming one, you'll have to decide whether Voice Cypher is worth having. Verizon hopes you'll think so.