Blackphone SilentCircle gets hacked at Def Con

‘Surveillance-proof’ Blackphone gets hacked at Def Con

Hacker Justin Case roots the phone and declares it on Twitter.

THE BLACKPHONE, which Silent Circle claims to be the world’s most secure phone, reportedly has been hacked at the Def Con hacker conference in Las Vegas.
Hacker Justin Case, who is known as @TeamAndIRC, claimed to find three vulnerabilities and hack the phone on three separate occasions to gain root access, announcing his findings on Twitter.
However, the tweets caused a bit of a stir among security experts, as the first hack supposedly was accomplished on an un-patched version of Android.

Reset the Net protest #RESETTHENET

The NSA document leaker SNOWDEN joins Google, Mozilla, Reddit, WordPress, Twitter and many others in a campaign and day of action that aims to help Internet users.

Part of the campaign is a huge social media Thunderclap that will see partner websites and supporters tweet the same protest message at the same time. Also available is a ‘privacy pack’ that includes banners and other website ephemera.

I am using private and encrypted communication app by SECUMOBI
Encrypted Calls

Snowden called on others to join him for the 5 June day of action, and implement technologies to put an end to the mass government surveillance programmes.
“This is the beginning of a moment where we the people begin to protect our universal human rights with the laws of nature rather than the laws of nations,” he said.
“We have the technology, and adopting encryption is the first effective step that everyone can take to end mass surveillance. That’s why I am excited for Reset the Net – it will mark the moment when we turn political expression into practical action, and protect ourselves on a large scale. Join us on 5 June, and don’t ask for your privacy. Take it back.”
Snowden’s statement comes a day after Google announced that it was joining the Reset the Net campaign. Reset the Net already has many backers including Reddit and it will use the day to highlight privacy issues and security measures. The effort is supported by the Fight for the Future internet activist organisation.

Mass surveillance is illegitimate. I’m taking steps to take my freedoms back and I expect governments and corporations to follow in my footsteps and take steps to stop all mass government surveillance. After you sign, protect yourself here.

Encrypted Email End-To-End by Google

Making end-to-end encryption easier to use
Tuesday, June 3, 2014 12:56 PM
posted by Stephan Somogyi, Product Manager, Security and Privacy

Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe. For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security beyond what we already provide.

“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.

While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.

However, you won’t find the End-to-End extension in the Chrome Web Store quite yet; we’re just sharing the code today so that the community can test and evaluate it, helping us make sure that it’s as secure as it needs to be before people start relying on it. (And we mean it: our Vulnerability Reward Program offers financial awards for finding security bugs in Google code, including End-to-End.)

Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider.

We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.

You can find more technical details describing how we’ve architected and implemented End-to-End here.
Making end-to-end encryption easier to use
Tuesday, June 3, 2014 12:56 PM
posted by Stephan Somogyi, Product Manager, Security and Privacy

Secure Encrypted Communication (Voice, Messages, Emails) Market Value

Hardware Encryption Market to reach $166.67 Billion by 2018 at a 62.17% CAGR

Encryption of data is a process of converting it into a form, where it becomes unintelligible to any person without access to a key/password to decrypt the data. The two forms of encryption that exist currently are the hardware-based encryption and software based encryption.
The major difference between hardware encryption and software encryption is that in hardware encryption, the encryption and decryption processes are done by a dedicated processor on the hardware encrypted device. In software encryption, the resources of the device on which the software is installed, are used for the encrypting and decrypting the data. This makes hardware encryption much faster. Another advantage of hardware encryption is that the cryptographic key is stored in a separate inaccessible portion of memory storage, thus making it more secure than software encryption.
Currently the cost of adding hardware encryption capability to storage products is still slightly high ($ 20-30, on an average). Also, the flooding in Thailand and the earthquake in Japan in 2011 pushed the prices of all hard disk drives up in 2012. This was mainly because all the top players in the digital storage industry have manufacturing plants in the APAC region, especially in Thailand. Thus a demand-supply imbalance caused a drastic rise in the average selling price of hard disk drives in 2012. Such external factors have delayed the adoption and wide spread deployment of hardware encrypted products. The hardware encryption market is on the road to recovery and the product prices are starting to come down again and this is driving the market forward.
The global hardware encryption market revenue is expected to reach $14.86 billion by end of 2013. It is also expected to grow to $166.67 billion in 2018 at a CAGR of 62.17%. Similarly, volumes are estimated to grow from roughly 59.76 million units to 691.79 million units in 2018 at a CAGR of 63.20%. This growth is heralded by the consumer electronics applications market for hardware encryption products. The hardware encryption applications in the Military Defense and Aerospace (MDA) applications sector is also expected to grow rapidly in the coming five years.
The Total addressable market (TAM) revenue for hardware encrypted hard disk drives is estimated to grow from $48.57 billion in 2013 to $146.37 billion in 2018. Thus, the market penetration of hardware encrypted HDDs into this TAM stands at 20.07% in 2013 and is expected to grow to 69.05% by 2018. The rapid adoption of hardware encryption is expected in the near future. The TAM revenue for hardware encrypted USB drives is estimated to grow from $6.82 billion in 2013 to $19.14 billion in 2018. The market penetration of hardware encrypted USB drives into this TAM stands at 33.17% in 2013 and is expected to grow to 63.81% by 2018. The TAMs have been calculated by the addition of the TAMs for each of the respective application markets.
When geographical markets North America, Europe, Asia Pacific and the Rest of the World are considered, APAC has the major share in the market with expected revenue of roughly $5.15 billion in 2013. The CAGR of the market’s primary base – APAC, for the period 2013 to 2018 is calculated to be 58.40%. Europe and North America are the fastest growing regions, with expected CAGRs of 64.03% and 63.69% respectively from 2013 to 2018, due to the major growth spurts expected in the consumer electronics sector in the developing countries in this region.
The major players in this market are Seagate Technology PLC (U.S.), Toshiba Corporation (Japan), Western Digital Corporation (U.S.), Samsung Electronics Co. Ltd. (South Korea), Micron Technology, Inc. (U.S.), SanDisk Corporation (U.S.), Kingston Technology Corporation (U.S.), Imation Corporation (U.S.) and so on.

Consumer electronics and Military, Defense & Aerospace (MDA) are the major applications for hardware encrypted products. But since the storage devices are inevitably used in almost all the application sectors, the Total Addressable Market (TAM) for hardware encrypted devices is very huge.

This report is focused on giving a bird’s eye-view of the complete hardware encryption industry with regards to the products market with detailed market segmentations; combined with qualitative analysis of each and every aspect of the classifications done by semiconductors, products, applications, sub-applications, verticals, and geography. All the numbers, both – revenue & volume, at every level of detail, are forecasted till 2018 to give a glimpse of the potential revenue base in this market.
As VoIP technology becomes more heavily integrated into the workplace, so too do the opportunities for hackers.
Voice information during a VoIP call is generally
routed unsecured through data packets on a public
network. There is software that can capture, reconstruct
and/or modify these sensitive voice conversations.
Standard VoIP implementations offer numerous
undesirable opportunities for creative hackers [6]:
- Eavesdropping and recording phone calls
- Tracking calls
- Stealing confidential information
- Modifying phone calls
- Making free phone calls
- Pranks / Practical jokes
- Board room bugging
- Sending spam (voice or email)
There are currently several competing VoIP
standards in the market (such as SIP [7], IAX [8] and
H.323 [9]), and very few practical security standards
available to secure them. Furthermore, many
enterprises that have adopted VoIP technology have
not been able to effectively secure these solutions as a
result of multi-vendor incompatibilities [10].

Hardware Encryption Market – By Algorithms (AES, RSA), Architectures (FPGA, ASIC), Products (Hard Disk Drives, USB Drives and In-Line Encryptors), Applications, Verticals and Geography – Analysis & Forecast (2013 – 2018)

Today’s IP news roundup highlights some of the latest headlines in VoIP, unified communications and more:
Infonetics Research revealed that the global VoIP market is expected to rise from $63 billion in 2012 to $82.7 billion by 2017. Their latest “VoIP and UC Services and Subscribers” market share and forecast report also stated that the use of SIP trunking jumped 83% between 2011 and 2012, as more multi-site businesses adopt it for flexibility and cost savings. Meanwhile, hosted VoIP and unified communications services revenue increased 17% in the same time period. For more information on the VoIP services market, see the Infonetics press release.
Your employees are the biggest threat to your network. AlgoSec’s “State of Network Security Policy Management” survey revealed that 64.5% of respondents believe that insiders pose the biggest risk to their organization. According to an article on the Channelnomics blog, “Respondents cite the bring-your-own-device (BYOD) trend as a major source of security breaches, while 40 percent report employee devices increase the overall risk of network and application outages.” Meanwhile, 60% of respondents cite “poor processes and a lack of visibility into security policies as one of the most significant obstacles to accurately detecting security threats.” For more information on the “State of Network Security Policy Management” survey, see Channelnomics.
New e-book outlines ways to secure your network and support your mobile workforce. The Business 2 Community blog ran an excerpt from Avaya’s 2013 Guide: TheCollaboration Trends, which outlines ways to protect your network from hackers when you adopt unified communications. According to the article, “Researchers at Avaya’s VIPER Lab and NACR have found that an unprotected IP phone gateway will be found and broken into by hackers located anywhere in the world within a week. Our research shows you can expect hackers to use your corporate network to rack up about $2,000 worth of fraudulent calls in just 8 hours–or half the time between the end of one workday and the start of the next one.” However, a number of security measures, such as encrypting your VoIP calls and using session border controllers, can help keep the hackers out. For more information on how to protect your network while supporting unified communications, see the Business 2 Community article.
- See more at:

2014 Market Share, Size, and Forecasts: WW, NA, EMEA, APAC, CALA
Equipment and Software
Enterprise Unified Communications and Voice Equipment (Q)
Enterprise Telepresence and Video Conferencing Equipment (Q)
Enterprise Session Border Controllers (Q)
VoIP and UC Services and Subscribers (A)
Business Cloud VoIP and UC Services (A)
SIP Trunking Services (A)

North America Business VoIP Service Scorecard (A)

North American Enterprise Surveys
SIP Trunking and eSBC Strategies (A)
UC Cloud and On-Premises Strategies and Vendor Leadership (A)

Continuous Research Service
Analyst Research Notes: VoIP, UC, and IMS (O)

How to check if your Hosted VOIP PBX is Secure?

Are You Using a Hosted VoIP System? Investigate It As soon as possible.

Has the service provider provisioned your voice services with security in mind?

Evaluate services such as VLAN configuration, user authentication, and encryption, as well as the security of configuring and signaling methods. Also investigate any HIPAA, SOX, PCI, or other compliance guidance that may apply.

A client of our hosted contact center service wanted voice encryption on its phones because it’s highly protective of its data and it’s also subject to regulatory compliance

,” says XYZ, CIO at (NDA company signed). A Cisco Registered Partner, USAN provides contact center communications and optimization solutions that give users flexible ways to engage customers across channels.
Secure Encrypted VOIP APP android solution made in Sweden
For this client, (NDA company signed) chose the Secure Real-Time Transfer Protocol (SRTP) because it’s easy for users to use, has less overhead than IPsec protocols, and does not cause any difference in voice quality, says XYZ, vice president of managed services.

“By integrating SECUMOBI micro SD card, we give the client a customized encrypted solution that implements SRTP based on the configuration file in their VOIP server that is associated with the phone’s MAC address,” says Elias KAI, co-Founder of

WhatsApp Location unsecure to share with friends

Do not share your location with your friends on WhatsApp until this issue is fixed!

Published on Apr 13, 2014

When you send your location over WhatsApp, the location image is unencrypted! Do not share your location until this bug is fixed.

Researchers at UNH discover a bug in WhatsApp’s location sending feature.


We recently discovered what we believe to be a flaw in the way WhatsApp sends location data when it downloads the location from google maps. The main issue is that the location image is unencrypted, leaving it open for interception through either a Rouge AP, or any man-in-the middle attacks. In the spirit of keeping the world a safer place, we felt that it is best to send this bug/vulnerability to the WhatsApp team directly, which we did. They responded professionally with the following message:

” Hello XXXXXX, Thank you for your report. We have already implemented this solution in the latest beta versions of our app. We will be rolling this fix out to the general public with the next release on each platform. If you have any other questions or concerns, please feel free to contact us. We would be happy to help!”

We would like to note that we think WhatsApp is a great application, and the reason for us publicizing this on the Blog is so that people will not share their location on WhatsApp until this Bug is fixed.

Below we describe our experimental setup, the results, and the ramifications.

Network Forensics Experimental Setup

The mobile traffic was captured using the Windows 7 virtual wifi miniport adapter feature. The host computer was connected to the Internet via an Ethernet cable so that the wireless card was not in use. The Ethernet connection was set to share its Internet access with the virtual wifi miniport adapter — this helped us mimic a Rouge Access Point (AP). We were now able to capture the traffic over the wireless network using NetworkMiner and Wireshark. This is explained more elaborately in the posted video.


When sending a location over WhatsApp we were able to reconstruct the location image that was sent as shown in our video. We note that the capturing of the location seems to occur only when the image was downloaded from google maps to be sent. The source was listed as google maps and the destination was the IP of the tested phone. We were not able to intercept the image until the message was sent from the phone, indicating that the download of the image did not occur until the message was actually sent. To validate our results, we ran multiple different experiments, and in one case, we installed tcpdump on the phone device, and found similar results.


When the image is being downloaded from google maps, it should be done over an encrypted tunnel.


Anyone, including the service providers will be able to collect this information — and anyone that sets up a rouge AP, or any man-in-the middle attacks such as ARP poisoning will be able to capture this unencrypted traffic and view the locations being sent from a phone.


Science & Technology

Standard YouTube License

Thumbnail47:33 Lumea lui Banciu – 14 aprilie 2014 – emisiune completa by B1TVChannel 1,702 views
Thumbnail45:49 The End of the Universe: Big Crunch, Big Chill or Big Rip? by HD Universe Channel 257,066 views
Thumbnail5:23 Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted by UNHcFREG 5,839 views
Thumbnail3:18 HOW TO Spy on Whatsapp messages (100% FREE) MUST SEE ,MUST HAVE by MrWakeupProductive 191,719 views
Thumbnail12:31 Jordan Belfort: “Insanity happens.” by CNN 340,196 views
Thumbnail1:10 [HD] Nivaldo Prieto chora ao falar de Luciano do Valle | Gol | 20/04/2014 by RenJG+ 8,927 views
Thumbnail58:52 Strain Hunters India Expedition (FULL HD MOVIE) by greenhouseseeds 2,267,676 views
Thumbnail5:07 Dard Dilon ke Kam Ho Jaate Full SOng Lyrics.. | The Expose by pria songs 79,857 views
Thumbnail12:03 Nokia X Unboxing + Full Demo and First Impressions (White) by Danny Winget 37,579 views
Thumbnail3:51 ULTRA STREET FIGHTER IV プレイ解説 ヒューゴー編 by taitochannel 26,490 views
Thumbnail3:06 Bebezinho Discutindo Hora de Dormir Com o Pai !!! by lucianolusela 81,953 views
Thumbnail4:35 WhatsApp para PC (YouWave 4.1.1 FULL) 2014 by Tuto.Ze.Bra 10,450 views
Thumbnail52:52 Angra 2001 Rebirth Full Album by Roberto Silveira 31,689 views
Thumbnail23:15 Top 20 Best Android Apps 2014 by Explore Gadgets 532,879 views
Thumbnail1:26:39 Malware Hunting with the Sysinternals Tools by TECHED 26,651 views
Thumbnail9:49 TEENS REACT TO SMARTPHONES by TheFineBros 4,134,219 views
Thumbnail1:04:29 Night Of a Thousand Laughs |Volume 16| by AFRICAplus TV 190,002 views
Thumbnail12:05 Climate Change 2014: Impacts, Adaptation, and Vulnerability by IPCCGeneva 17,323 views
Thumbnail5:03 Top 5 Worst Phones Ever! by Austin Evans 1,727,765 views
Thumbnail21:30 Octodad – Dadliest Catch – Aquarium [3] by iBallisticSquid 773,250 views

YouTube home

Press & Blogs
Creators & Partners

Policy & Safety
Send feedback
Try something new!

Is VIBER Secure? Images, Videos Vulnerabilities Hacking time

Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted

All comments (11)
Share your thoughts
18 hours ago

bbm is the best ,, thanks for your video 
Institute of Information Security via Google+
1 day ago

Researchers find security flaw in #Viber messaging app that allows un-encrypted data transfer between users. #infosec
Mian Muhammad Arif via Google+
2 days ago (edited)

Feel good that i am not one of those who love these crappy apps(and many more) for messaging. #whatsapp #viber
23 hours ago

Viber by far is not the only one – “GV Mobile +” on the iPhone has the same issue (as easily seen by looking at the screen shots on the AppStore)
Cisco Wolf via Google+
1 day ago
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

1 day ago

Köszi #viber :/
Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted 
2 days ago

Robert M. via Google+
1 day ago

Christopher Burgess
1 day ago

If you use VIBER please read and heed
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

Balázs Szabó via Google+
1 day ago
@androbeee originally shared this

Köszi #viber :/
Viber Security Vulnerabilities: Images, Doodles, Location and Videos sent over Viber is unencrypted 
Nena D’mente via Google+
1 day ago
Christopher Burgess originally shared this

VIBER – if you use viber – take a moment and understand how they did NOT configure their AWS data stores containing your information with security in mind. Your video, photos and texts are available for perusal by third parties. For more details than contained in this video, you may wish to read this piece:
Viber’s poor security practices threaten user privacy

Encrypted Chat Messages & Voice Calls by

SECUMOBI has launched to a private circle, governmental agencies and business partners a unique encrypted mobile communication solution.

You could subscribe to SECUMOBI services and receive a micro sd card that you can insert into any Android mobile phone, download the VOIP Chat messaging app, enter your pin code and start securely communicating with private contacts that has also SECUMOBI.

SECUMOBI is offering a highly secure AES 256-bit encryption and aiming to become the secure global communication VOIP – VOLTE operator.

Secure Encrypted VOIP APP android solution made in Sweden


Confidentiality and Privacy by a Swedish company

SecuMobi provides end-to-end encryption of calls and messages between SecuMobi users with “perfect forward secrecy” by generating a unique encryption key for each call. Security card performs all cryptographic functions, including encrypting the speech stream.


Local storage of public keys used authentication by a user.
Support for offline verification of credentials to ensure user identity

SECUMOBI Usability

User friendly – works like a regular mobile phone
Individual phone books give freedom to call anyone who has SecuMobi.
Configurable settings to customize the application according to personal preferences
Separation of advanced setting
Ability to configure auto-start when the phone is switched on
Always works when mobile data is working. The subscription must allow Internet telephony , such as Skype
Discreet – used on ordinary mobile phones without external accessories
Is always ready to use
Support selected Nokia Symbian S60 phones ( SecuMobi 3)
Supports Android 2.3 Gingerbread and 4.0 Ice Cream Sandwich ( SecuMobi 4)
Fast call setup and minimal latency due to unique encryption technology


Verified for use in the EDGE network and better. Often function even in the GPRS network
Supports STUN / ICE to get through firewalls
Configurable support for keepalive in mobile networks and WiFi networks


All safety features are available on the safety card
Bluetooth disabled during secure conversations
Encryption is based on hardware tokens , a secure μSD card with integrated crypto – processor
Private and public keys are generated on μSD card. The private key is protected and never leaves the card.
Protection against attacks from the side channels
Security Profile compliant with the recommendations of the NSA Suite B
Authentication through ECC 384
Speech encryption based on AES 256 with unique key for each call.
AES 256 and digital signatures to protect the storage of messages and phone book.
Fixed bit-rate codec
Access to the card is protected by PIN and PUK codes


SecuMobi product package consists of:

A safe μSD card
A mobile app , downloadable from the server
PIN and PUK card security


SecuMobi client uses the SIP protocol service offered by Exformation as a globally available service or as a customized solution with a customer-specific server. For distribution outside of the EU, permission must be granted for export to the purchaser and end user certificate must be issued by the client.

SECUMOBI micro SD Security Card

Gisecke & Devrient Secure mobile card Voice Edition 2.0 Smart card in μSD form factor Advanced protection technology security cards including side channel attack.
SD flash memory , 2 GB
Cryptographic Processor on board
Key generation on card
FIPS certified
The security module hardware is Common Criteria certified IAL 5

SECUMOBI: Real time Encryption in Voice Calls and Chat messages communication

Authenticated Diffie- Hellman 384 bit elliptic curve cryptography
AES 256 -bit keys for encryption of calls and text
Unique key for each call – Perfect Forward Security
PIN -protected services in the security card
The third level of protection of SECUMOBI software application is also the protection of the devices used for calling, that is protection against spy softwares. During every call the SECUMOBI VoIP application continuously monitors the device used for the conversation in order to ensure that no other software can access the voice signals. In case the SECUMOBI VoIP application detects a spy software on the phone, it turns off immediately.
The special closed secure VOIP SECUMOBI network, the unique cryptochip protecting the network keys and the application protecting the phone, together guarantee the security of SECUMOBI susbscribers calls.
It is possible to customize the key length and ECC parameters to create fully closed user groups or customize safety profile.

SECUMOBI Secure VOIP Voice Call Quality

Last AMR technology not using VBR
High call quality worldwide in networks supporting EDGE or better
Low Delay
Fast call setup
Can also be used in GPRS network
Mobile Handset compliance

Most phones using Android 3.2 and 4.0
Nokia S60 3rd edition feature pack 2 handsets with Symbian 9.3 , E52 and E72
Requires telephone with room for μSD card
SecuMobi compatibility with Windows 7 PC is in progress. Blackberry and Windows Mobile 7 has been evaluated

Power and network

Low Power Standby
Low power consumption from security card.

You can download and start using SECUMOBI