Verizon's New, Encrypted Calling App Comes Pre-Hacked for the NSA

Verizon is the latest big company to enter the post-Snowden market for secure communication, and it's doing so with an encryption standard that comes with a way for law enforcement to access ostensibly secure phone conversations.

Verizon Voice Cypher, the product introduced on Thursday with the encryption company Cellcrypt, offers business and government customers end-to-end encryption for voice calls on iOS, Android, or BlackBerry devices equipped with a special app. The encryption software provides secure communications for people speaking on devices with the app, regardless of their wireless carrier, and it can also connect to an organization's secure phone system.

Cellcrypt and Verizon both say that government agencies will be able to access communications that take place over Voice Cypher, so long as they're able to prove that there's a legitimate law enforcement reason for doing so. Seth Polansky, Cellcrypt's vice president for North America, disputes the idea that building technology to allow wiretapping is a security risk. "It's only creating a weakness for government agencies," he says. "Just because a government access option exists, it doesn't mean other companies can access it."

Phone carriers like Verizon are required by U.S. law to build networks that can be wiretapped. But the legislation known as the Communications Assistance for Law Enforcement Act requires phone carriers to decrypt communications for the government only if they have designed their technology to make it possible to do so. If Verizon and Cellcrypt had structured their encryption so that neither company had the information necessary to decrypt the calls, they would not have been breaking the law.


http://www.businessweek.com/articles/2014-12-11/verizons-new-encrypted-calling-app-comes-prehacked-for-the-nsa#r=lr-sr