Send As SMS

Wednesday, March 15, 2006

ZFone? I think I'll pass

Sheesh... you mention encryption and VoIP in the same sentence and the world just goes Ga Ga.

Everyone's favorite crypto bad-boy, Phil Zimmerman, has been making the news lately, or at least on Slashdot and BoingBoing. Phil's blog has the official post where he announces the release of ZFone.

So while the world whips itself up into a frenzy of encrypted voice communication, I think I'll be sitting this one out.

Putting aside the fact that at last year's DefCon, Phil couldn't be bothered to show up on time. When he did arrive, he was unable to get ZFone to work through a firewall. We're putting these things aside because the first part is a simple ad hominem argument while the latter is expected from beta software.

My problems with ZFone are thus:

  1. what makes ZFone so special given that PGPfone and Nautilus failed so spectacularly? Readers may want to spend a few moments googling for info on these two projects. Nautilus was an early encrypted VoIP project from the Clipper chip era (early 1990's.) Not much info is available save for this article reproduced on the Risks Digest list. PGPfone was the last "official" VoIP security widget Phil Zimmerman worked on.

  2. I actually kinda like some of the features of PKI. To be sure Phil Z. is the bad boy of the crypto community. Part desperado, part rock-star, I believe he goes against any system that includes any central management facility. If you're a crypto-anarchist (sorry... I had to use the term) then that's okay. If, however, you're a corporate tool like myself charged with building products that people will buy and use, then you have to worry about things like "how easy is it to administer this system." While no-one wants the US government listening in on their private conversations. Or rather... none of my commercial customers are especially happy with the idea that phone calls made during the next business trip they take to Seoul are likely to be intercepted by the local security agencies. So the idea of having the government hold escrow keys is a total non-starter. However... it's hard to sell a system where you have to send a message to everyone and their dog about the fact that you've revoked your signature on bob's key because he turned out to be a no-good scoundrel who left your company to work for Google in China. I love web of trust... honestly I do... but assuming you simply ignore the Entrust salesman the next time he comes around, and you spend a little cash training your IT guys to manage a PKI, it's not that bad of a solution.

  3. What about the other VoIP guys? Anyone remember Skype? Tom Berson evaluated the crypto used in one of their latest clients (here's a copy of his report: 2005-031 Security Evaluation. Tom was virtually crucified for concentrating on the correctness of the crypto while ignoring other security concerns. To be fair, Tom very clearly spelled out what he was evaluating at the beginning of the report; still... people wanted more. And this is the bit that confuses me. Tom Berson can go and evaluate the crypto in a commercial product and get skewered. But Phil Zimmerman, who one could argue, is an expert in the exact same thing... doing crypto right can create a completely new system that may or may not have severe non-crypto related security problems and he's hailed as an internet rock star. Go figure. One thing I hope the next generation of crypto-geeks will take to heart... most of my friends don't want to configure PGP or ZFone. They want me to use Skype. I might be able to get them to use Gizmo, but I'll have to sacrifice a kidney in order to get them to do it...

  4. Just don't get me started about Python. I love Python. I love all the cool stuff Bryan Olsen and Paul Lambert did with crypto in Python. Its just that... If I'm going to include a semi-standard OO language on my platform, it's going to be Ruby or Mozart/Oz.

  5. The most important secret calls I make, are calls I make to people who don't have keys. I don't know if you've noticed this, but it always seems to be that you never know someone's key at exactly the moment you have to send them a credit card number. I suppose that voice communication will be the same. Only this time you'll be spending fifteen minutes on the phone explaining where to download the software and how to generate a key pair before you'll be allowed to talk about anything sensitive. I hate to say it, but I think the guys over at Voltage are on to something. They've eased off of their "completely certificateless" story from a few years ago, now talking about a hybrid IBE / Cert story where trust in a signing key comes from a certificate while your encryption key is derived from some canonical identity string. They've got a little bit further to go, and I really hope they release an open version of their client library sometime, but they've come a long way, and from a technology perspective, their stuff is ready for prime-time.

  6. Secure voice-mail?Anyone? Bueller? Anyone?


Tags: , , ,

posted by Matthew S. Hamrick @ 2:45 AM

0 Comments:

Post a Comment

<< Home