[messaging] JackPair

[Tony Arcieri]

On Thu, Aug 21, 2014 at 2:33 PM, Tom Ritter <tom at ritter.vg> wrote:

> Yup, that's what I was talking about
>

Well, that's all just an additional secondary sidechannel in addition to
the microphone on a Smartphone. The burner "flipphone" use case is...
retro? (thumbs up I guess) Perhaps there are physical mechanisms that
prevent a Smartphone's built-in speaker and microphone from operating at
all when a JackPhone-like headset is plugged in and maybe the acoustic
sidechannel isn't a problem... on certain phones. Seems like it'd need
phone-by-phone research, at best.

All that aside, JackPhone seems like an unwieldy, impractical solution
which despite its open source implementation leaves a lot of questions to
be answered. How does it generate random numbers which it needs for its
alleged forward secrecy enabled key exchange? Are they good?

I think JackPair is silly. If you want to make encrypted phone calls, use
ZRTP, i.e. RedPhone or Signal. Perhaps JackPair would be cool in some sort
of highly unusual activist use case, probably not involving comms over POTS.

If you do end up hearing of stories of JackPair accomplishing something
cool in the wild and can relate them without being a total OPSEC failure,
I'd love to hear them.

--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140821/fec6fc33/attachment.html>