Following our discussion in the last post - Juiker - Secure to talk? We would like to get a closer look at how to obtain a better communication security. And conclude by re-thinking of the security issues of using those free VoIP / mobile instant messaging apps, e.g.
Skype,
BBM,
WhatsApp,
Viber,
LINE,
Juiker, etc.
How to obtain a better communication security? We would like to exam this issue and present our solutions in two aspects: Technical and strategical.
In technical aspect:
Any voice, video, text, graph or data communications without any encryption techniques applied during the transmission are simply unprotected. Anyone who can tap the transmission wire or gather all the transmitted packets can easily intercept, listen to, eavesdrop or copy the content of communication. Therefore, maintaining a dedicated secured wire connection or having all the transmitted signals or packets encrypted are two very basic techniques to make a secure communication.
While maintaining a dedicated secure wire communication network is inconvenient and too costly, encryption is used as a relatively convenient, effective and practical method to secure communications. Encrypting your signals or packets of voice, video, text, graph or data before transmitting over the public wire / wireless communication networks (e.g. PSTN, PLMN, VPN, Internet, etc.) is the way to go for secure communications.
Most of the popular apps for free mobile voice / video calls and text messaging services have their transmission encrypted. BBM, Skype, and WhatsApp are some examples of those do encryption. By now, we do not know whether or not LINE and Juiker support encrypted transmissions. For those who have concerns of communication security, using transmission encrypted apps is a smarter choice.
Examples of free apps that support encrypted transmission VoIP features -
BBM (left), WhatsApp (center), CSIPSimple (right).
Besides, using an IP-PBX and IP phone system that supports encryption (e.g. SRTP, ZRTP, ect.) is also a considerable solution of secure telephony technology to protect your own business secrets and private communication freedom. For those who have geographic-distributed multi-site business facilities and concern about site-to-site communication security, using encrypted VPN connection tunnel technology (e.g. IPSec, SSL, etc.) can be the solution.
One thing to note - There is hardly a 100% absolute secure encryption technique. Sooner or later it can be decrypted by someone who is interested in and intended to knowing the content of communication. For example, one may resolve the original encryption key by using computer try-and-error decryption attempt after a certain period of time (say 3, 6, or 10+ years, sooner or later). Therefore, encryption shall be taken only as a relatively more secure way of communications, that can protect secrets over a period of time depending on the strength of encryption technique applied and the decryption computing power. Absolute secrets or absolutely sensitive matters should keep away from any telecommunication means all the time.
In strategical aspect:
Other than using encryption techniques, there are also some strategies that we can take to relatively improve communication security or reduce possibility of being snooped, eavesdropped or intercepted.
One of the strategies is to maintain and use your own communication devices, especially those terminal and core devices that handle the raw unencrypted voice, data or packets. Using your own on-premises IP-PBX, hard-phone and/or soft-phone equipment with trustful encryption features in a communication system is an example of possible solution architectures. The key points are to ensure that
- Unencrypted signals or data packets are handled and carried only on your own devices (e.g. your own on-premises switching equipment, IP-PBX, servers, LAN, etc.).
- All signals or data packets are encrypted before they go passing through devices and networks of other's own (e.g. telco's equipment, PSTN, PLMN, Internet, etc.).
- The encryption functionality in-use is reliable, trustful and even verifiable (e.g. open-source ZRTP protocol).
If you still have to use those communication apps / devices / platforms / services-in-the-cloud of someone else's own (e.g. Skype, BBM, WhatsApp, LINE, Juiker, etc.), the competition / conflict avoidance strategy shall be quite helpful to keep your communication better secured. The key point is to avoid using devices and/or services provided from whom have competition or interest conflict with you.
- Avoid putting your communication on and through a system managed by someone who is interested in and intended to knowing your secrets. This is quite an effective non-technical strategy that people sometimes forget to use.
For example, Apple's CEO probably will not use Google's Gmail for email on business. Google's CEO probably will not use Apple's FaceTime nor Microsoft's Skype for business telephony communications. Taiwan Semiconductor Manufacturing Company (TSMC) may not use communication apps or services from competitors' countries, because TSMC is one of the leaders in the semiconductor manufacturing industry among countries today. Using communication apps or services managed from competitors' countries may cause a higher possibility of information leakage.
Conclusion:
Who hosts and manages BBM, LINE or Juiker? Whom do you want to prevent from knowing your secrets? Who is most likely to snoop your communications? You can easily determine whether or note an app is suitable or relative more secure for you by answering these questions. Take Juiker as an example. Juiker is made and hosted by Taiwan's ITRI. How well will it fit Taiwaner's needs for convenient and secure communications at the moment now?
Hopefully the above descriptions can help to build a better understanding of communication security and improve our ability to secure communications. Welcome discussions and further inquiries for technical support and VoIP products from Suilah.com.
Suilah, that's it.
Related story on Suilah.com:
Juiker - Secure to talk? - Part 1
Related reference resources: