Verizon’s New, Encrypted Calling App Comes Pre-Hacked for the NSA
Verizon has introduced a new product called Verizon Voice Cypher in the US markets yesterday. The Verizon Voice Cypher has been developed by Verizon in collaboration with a encryption company called Cellcrypt and offers end-to-end encryptions to enterprises and government customers for voice calls on iOS, Android and BlackBerry devices. This can be done with a special App that is being offered by Verizon which will allow Verizon customers to speak securely regardless of their wireless carrier. This App will also connect the users to their organisations secure system.
Sounds good!!! Well there is a catch in this App comes with a built in backdoor which will let the law enforcement agencies access to otherwise secure phone conversations.
Both Verizon and CellCrypt have stated that government agencies will be able to access communications that take place over Voice Cypher as long as they give legitimate proof of the requirement for doing so. Cellcrypt’s VP, Seth Polansky denies leaving such a backdoor is a security risk, “It’s only creating a weakness for government agencies,” he says. “Just because a government access option exists, it doesn’t mean other companies can access it.”
To be fair to Verizon, the US Communications Assistance for Law Enforcement Act requires it to build network which can be wiretapped by law enforcement agencies. But the corollary for this law is that Verizon has to decrypt communications for government authorities only if they have technology of doing it. In other words, If Verizon and Cellcrypt had build their encryption that they didnt have technology to decrypt, they wouldn’t come under the purview of this act. Google and Apple have structured their end-to-end encryption in iOS 8 and Android 5.0 lollipop similarly.
While Verizon and Cellcrypt believe that they have done nothing wrong in keeping a backdoor open for the authorities and hope that big businesses and governments will opt for Verizon Voice Cypher, privacy activists beg to differ. With Verizon courting controversy over putting headers in the HTTP section to track its customers and gauge their spending habits and the pre-installed DT Ignite App shipped on Android smartphones and tablets, it may just be giving ammo to the privacy advocacy groups to raise further banner of rights violations. ACLU believes this product will fail, ACLU’s Chris Soghoian believes that Verizon’s approach is unlikely to have wide appeal because of Verizon’s decision not to keep out law enforcement.
Other set of people believe that a pre-designed backdoor or access point is a open door invitation for cybercriminals to exploit. Only time will tell if indeed, Voice Cypher succeeds in making enterprises and governments believe in it inspite of a big gaping hole which authorities can tune into anytime.