I love using Signal and will continue to make modest donations, but I would really appreciate an improvement in audio call quality. I still use Silent Circle for calls because it is so tiring to talk when the bitrate is low.
> I still use Silent Circle for calls because it is so tiring to talk when the bitrate is low.
To be fair, that's a high bar. Our (SC) phone guys are masters at optimizing audio quality. I would be extremely surprised if any other app (encrypted or not) had significantly better audio quality than Silent Phone.
Having used all the encrypted call possibilities there are , you are, in my opinion, absolutely spot on. SC has exceptional clarity. WA isn't bad.
Can you talk more about "our guys" in respect to the fact that the CIA and NSA use the Blackphone? Should I, as a casual business person, be wondering that the handsets you supply to them are in some way compromised? I know that both the NSA and the CIA are interested in my phone conversations, which is why I ironically bought a Blackphone (for when I assume they are listening) and others which make their life harder (but I do accept that I do this more for the kicks of making them work for their intel)
tl:dr - is SC actually secure given that the company has been short on cash for a while and that the CIA and NSA equip their agents with the same phones. I don't mind talking because I have nothing to hide, but backdoor code is usually the case if you are selling 10k phone units to US LE.
As far as I know (and I'm not really very high up in the hierarchy, nor do I know much about the Blackphone hardware), the NSA and CIA are buying them because they are secure. I heard they had a list of phones/apps they are allowed to use internally, and SC was pretty much the only app that made the list at the time.
Keep in mind that "an organization using a secure app" and "an organization wanting to spy on people" are pretty independent goals. I haven't poked around in the client source too much (although I have implemented some stuff for the Android client), but:
1) Nothing in the client seemed out of place.
2) I've seen every line of code running on the web backend and there's nothing untoward going on.
3) Given the culture, I think many of the high-level people would quit before they compromised the product. Especially Phil, who has been sued by the US government for exporting strong cryptography before.
I have to agree. Privacy is a right. It's not often you run into a free alternative that offer sync capabilities across all platforms and devices. You also have a way to restrict or remove access from unknown fingerprints. The only downside I see about Wire is that the option to "submit crash reports and usage data" is enabled by default but that's just an Advanced options visit away from disabling. Give Wire a try and give their white papers covering how they approach [1] privacy and [2] security a read.
I'm a web developer, so I don't really know much, but I know it has to do with our SIP guys losing their minds if the echo canceller is a bit too aggressive on a specific device. They're just very detailed-oriented and want things to be perfect. I swear, one of them is a bat, he can tell I switched phones just because the mic sounds different.
I'd guess both SC and WhatsApp use opus, whereas Signal at the moment is using speex. There is an issue open at github, but it does not seem to be a priority.
I haven't read very much about it, but there seems to be concerns about opus leaking data about the call. I don't know how, but from android5.0 there is an opus encoder included that supports CBR mode.
I've never noticed a quality issue... because I've never had a call connect at all (to be fair, it's been a while since I accidentally clicked the "call" button and checked, since I've long given up on trying to use it deliberately).
Agreed. WhatsApp calls are near flawless when connections are good, I'm sure WS can reach audio quality parity.
I often get disconnected on Signal after 20 minutes or so on a voice call, but I suspect that's due to the other end being behind a VPN with awful latency.
Did FB/WA clarify that they use the OW audio encryption algos, or did they just put the OW 'trophy' on the wall without the actual implementation?
WhatsApp is, I agree, very good quality for what it is, but I would never trust it or FB with anything but social/personal calls. Social Media platforms are for other people to hand over their lives to. Let them subsidize my detachment from their usage, and I thank them for it. I'm sure there will come a day where you can't use WA without a FB account, at which point it is dead to me and my social contacts will be the first to know about it via WA.
"WhatsApp calls are also end-to-end encrypted When a WhatsApp user initiates a call:
1 The initiator builds an encrypted session with the recipient (as outlined in Section Initiating Session Setup), if one does not already exist
2 The initiator generates a random 32-byte SRTp master secret
3 The initiator transmits an encrypted message to the recipient that signals an incoming call, and contains the SRTp master secret
4 If the responder answers the call, a SRTp encrypted call ensues"
From wikipedia:
"Signal voice calls are encrypted with SRTP and the ZRTP key-agreement protocol, which was developed by Phil Zimmermann.[1][57]"
So from where I'm reading they seem to be doing more or less the same thing when it comes to encrypting voice calls.
SRTP and ZRTP is only for negotiating what to use. You can still use different codecs. I'd guess Wire, WA and SC use opus (since it is by far the best), while signal is still using speex.
ZRTP makes negotiation possible, so a roll-out of opus should be possible without breaking older clients.
Unless this is some non-standard variant, ZRTP only negotiates a key exchange for use when encrypting the audio packets (the 'S' in 'SRTP'). Neither of those protocols has anything to do with codec selection, which is done via a SDP sent over SIP, or some other signaling protocol.
Sorry. I should just shut up about things I don't know much about. I thought the rtp part did negotiation, since they specify a "payload type" field and remembered the zrtp config in jitsi where you can specify codecs, and jumped to conclusions.
The payload type field ends up just letting you do stuff like send RTP events (like DTMF tones) over RTP by sending a different payload type that the other end can interpret in a different way than as being part of your main audio stream. Either way tho, all the payload types that you should expect to see over the channel should be negotiated beforehand, using another protocol.
But no worries... there are a ton of moving parts in these protocols, and even though I've been working with them for a while, I still tend to forget details here and there, too.
If they seem to be doing something that is "more or less" the same then my radar is triggered for them not actually declaring they are delivering totally encrypted (ie no backdoor tomfoolery) voice calls.
Over the past year, we've been progressively rolling out Signal Protocol support for all WhatsApp communication across all WhatsApp clients. This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.
that's interesting. I'm running a 2 year old Xperia Z3 and it never occurred to me that my CPU might be the issue, but SC seems to handle audio quality just fine
