- Station Info
- Featured on 4
Thursday, June 6, 2013 - 4:22pm
NEW YORK (CNNMoney) — The U.S. National Security Agency may have compelled Verizon to give up many of its customers' call logs, but it is possible to make calls and avoid the government's watchful eyes -- in theory, anyway.
Dozens of call encryption apps are available for download on Google Android devices and Apple iPhones. Most of the apps purport to disguise your identity and even encrypt the content of your phone conversations.
Apps like Silent Circle and Wickr claim to have "military-grade encryption" and route calls over 3G, 4G or Wi-Fi networks to avoid making call logs with wireless carriers. They say their systems prevent wiretaps, and offer to blow up data like texts, photos, videos and other files "Mission Impossible" style after they are sent.
Those kind of services could appeal to some -- even outside the tinfoi hat circles -- after the Guardian reported Thursday that the U.S. government ordered Verizon's business division to fork over millions of call logs.
It's unknown if the NSA ordered Verizon to provide data about its consumer customers as well as its corporate clients, or whether the government ordered other wireless providers to give up their records as well.
"If the NSA pushes this, then it will create a whole new market for encryption software on phones," said Mark Wuergler, senior security researcher of Immunity, a security consultancy. "This is the best marketing these app developers could have hoped for."
Yet security experts warned that no third-party communications service can be fully trusted.
Microsoft's Skype, which offers supposedly private communications between parties, has been found to monitor links sent over its service. And Google is just as prone to court orders for services such as Google Voice, which can disguise your phone number to your wireless provider.
Even one of the most popular encryption systems for disguising attribution on the Internet, called The Onion Router (TOR), only encrypts data up until the "exit" point when you reach your destination. TOR was developed by the U.S. Defense Advanced Research Projects Agency, and it's entirely possible that the government could manage those end-points.
"I'm not a big conspiracy theorist, but at same time, what better way is there to stay on top of things than by designing the systems they take place in?" said Eric Fiterman, CEO of security consultancy Spotkick and a former FBI cybercrime special agent. "There are ways to communicate covertly, but the government has virtually unlimited resources."
Even Wickr admits on its website that its service might not be 100% fool-proof.
"We have made this app with the best available security technology, but we strongly encourage you to only send private messages to people you trust," the company said.
If you're really looking for something that will protect your data from the government, Immunity's Wuergler suggested Meebo, a Chinese Skype-like service.
"You'll never get the Chinese to hand over that data," he said. "It's just not going to be accessible to the American government."
Another tactic, if you're more technologically inclined, is to build your own encryption service.
"If someone really wants to keep themselves hidden, they're going to be using encryption heavily and their own tools to cut down on how much data is stored on third-party servers," Wuergler said. "Otherwise, there will be data stored on some server that you don't control, and that's exposed to the NSA."