Everybody has a cryptographic telephone in their pocket. The problems are the cryptography is weak, the endpoints are insecure and people underestimate the value of traffic analysis.
Even if the cryptography were perfect the endpoints could still be listened in on and the latter would still be a huge problem.
Mobile phone encryption only works for the phone-to-tower part. Obviously what Appelbaum is referring to is a phone that does end-to-end encryption (still leaking some info but at least the contents of your conversation should be mostly safe), but people that are not capable of making this distinction will be wary of radio intercepts rather than wholesale line tapping.
It would be a funny thing if you needed a key-signing party before you could start to call people on the phone but it may come to that yet.
It's all very do-able. Even carrier voice could be pulled up into userland code in LTE, and therefore could use open source strong encryption.
Social networks are the ideal medium to exchange keys and form and maintain a web-of-trust.
This does not fix traffic analysis, but it would blind Sauron's eye enough to make the current surveillance infrastructure so unreliable as to be useless.
What's needed is for one or two national governments to come to the conclusion that their own surveillance is so far behind the NSA that the only way to win is not to play the game and actually secure their nation's communications and sell this the way tax havens sold financial privacy.
I've noticed my use of Facebook has been restricted and constrained by mistakes I made when I first used Friendster and Tribe and Orkut. I see my family and friends making many of the same mistakes I made - playing the competitive "more friends" game and connection to people they've never met or who they really don't want "snooping" on their social life - exes, coworkers, bosses, friends-of-friendsβ¦
There's no way I'd want Facebook (or Twitter or Google or Yahoo or Microsoft or β¦ ) being any part of a "web of trust" I was using for privacy/encryption/authentication β partly because there's no doubt they're deeply in bed with the NSA (are you really suggesting Facebook's platform is trustworthy enough to exchange keys?), but at least as much because I can clearly see that most people haven't curated their social networking "connections" with anything like the rigor they might have done if they'd been told up-front that "these connections might be used to authenticate your identity and communication to others (potentially including government, law enforcement, and other legal/contractual entities), and also to authenticate your connections identities and communication to those entities."
Do you _really_ know who all of your Facebook "friends" are? Are you _sure_ the person you think that account represents is actually in control of that account? Even if they are, do you trust them enough to vouch for your identity? Are you sure enough of that trust that they wouldn't "betray" you if the NSA, or a police officer, or their local council's dog-catcher, or your car/health insurance company approached them with either a threat or a handful of cash?
Key signing enables keys to be exchanged in a hostile environment. Compare web-of-trust to x.500 directory services, which are dependent on CAs.
It also isn't necessary to use Facebook for key exchange in order to adopt social networking functionality to enhancing a web of trust.
The bottom line is you have to design a secure system to avoid having to trust cloud services. While Facebook may be the poster child for untrustworthyness, you can't trust your own machine in the basement of your house not to get hacked. What you can trust is key signing, because it requires stealing a number of identities all at once.
"It would be a funny thing if you needed a key-signing party before you could start to call people on the phone but it may come to that yet."
Voice conversations are actually much easier to secure than other types of traffic. If the two parties know each others voices, then the security of the connection can be authenticated by each party reading back the shared secret, to each other after the call has been established. This is how ZRTP works and Moxie Marlinspikes "Red Phone".
It would be a funny thing if you needed a key-signing party before you could start to call people on the phone but it may come to that yet.
It seems to me something like Bump would be the perfect avenue for this. Want to call someone securely? Bump phones, transfer public keys over Bluetooth, and compare each other's screens to make sure the keys match. Done.
Even if the cryptography were perfect the endpoints could still be listened in on and the latter would still be a huge problem.
Mobile phone encryption only works for the phone-to-tower part. Obviously what Appelbaum is referring to is a phone that does end-to-end encryption (still leaking some info but at least the contents of your conversation should be mostly safe), but people that are not capable of making this distinction will be wary of radio intercepts rather than wholesale line tapping.
It would be a funny thing if you needed a key-signing party before you could start to call people on the phone but it may come to that yet.