Silent Circle (software)#Silent Circle Instant Message Protocol

{{Infobox company

|name = Silent Circle

|logo = Silent Circle.png

|logo_size = 300px

|logo_caption =

|image =

|image_caption = Silent Circle logo

|trading_name =

|native_name =

|native_name_lang =

|type = Private

|traded_as =

|industry = Software

|genre =

|fate =

|predecessor =

|successor =

|foundation = {{Start date|2011|10}}

|founder =

|defunct =

|location_city = Washington DC, United States

|locations =

|area_served =

|key_people = Gregg Smith - CEO

|products =

|production =

|services =

|revenue =

|operating_income =

|net_income =

|aum =

|assets =

|equity =

|owner =

|num_employees =

|parent =

|divisions =

|subsid =

|footnotes =

|intl =

|romanized =

|former type =

|homepage = {{URL|https://www.silentcircle.com/}}

|bodystyle =

}}

Silent Circle is an encrypted communications firm based in Washington DC.{{Cite web|url = https://www.cyberscoop.com/back-in-america-with-a-black-eye-silent-circle-rebuilds-focused-on-software/|title = Back in America with a black eye, Silent Circle rebuilds with focus on software |date = 27 July 2017|accessdate = 22 May 2020 |last = O'Neill|first = Patrick Howell}} Silent Circle provides multi-platform secure communication services for mobile devices and desktops. Launched October 16, 2012, the company operates under a subscription business model.{{cite magazine|url=https://www.fastcompany.com/3001938/phil-zimmermanns-silent-circle-builds-secure-seductive-fortress-around-your-smartphone|title=Phil Zimmermann's Silent Circle Builds A Secure, Seductive Fortress Around Your Smartphone|author=Ungerleider, Neal |date=5 October 2012 |magazine= Fast Company |accessdate=2015-05-23}} The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.{{cite web|url=https://github.com/SilentCircle/|title=SilentCircle|website=GitHub|accessdate=2015-05-23}}

History

In November 2011, Mike Janke called Phil Zimmermann with an idea for a new kind of private, secure version of Skype. Zimmermann agreed to the project and called Jon Callas, co-founder of PGP Corporation and Vincent Moscaritolo. Janke brought in security expert Vic Hyder, and the founding team was established.{{cite web|last=Bort|first=Julie|title=An Internet Hall Of Famer And Some Navy SEALs Want To Make Your iPhone Safer |url=http://www.businessinsider.com/phil-zimmermann-silent-circle-2012-9|work=Business Insider, Inc.|accessdate=12 March 2013}}{{cite web|last1=Takahashi|first1=Dean|title=Crypto wiz Phil Zimmermann leads charge to make phone calls really private|url=https://venturebeat.com/2014/08/08/crypto-wiz-phil-zimmermann-leads-charge-to-make-phone-calls-really-private/|publisher=Venturebeat|accessdate=26 January 2015|date=8 August 2014}} The company was founded in the Caribbean island of Nevis, but moved its headquarters to Le Grand-SaconnexMoneyhouse: [https://www.moneyhouse.ch/en/company/silent-circle-sa-11156315771 Silent Circle SA] (excerpt from the commercial register) near Geneva, Switzerland in 2014 in search of a country with "stronger privacy laws to protect its customers' information."{{Cite news|url=http://www.techrepublic.com/article/defending-the-last-missing-pixels-phil-zimmermann/|title=Defending the last missing pixels: Phil Zimmermann speaks out on encryption, privacy, and avoiding a surveillance state|last=Ranger|first=Steve|date=23 June 2015|work=TechRepublic}}

On August 9, 2013, through their website, Silent Circle announced that the Silent Mail service would be shut down, because the company could "see the writing on the wall" and felt it was not possible to sufficiently secure email data with the looming threat of government compulsion and precedent set by the Lavabit shutdown the day before.{{cite news|last=Tsukayama|first=Hayley|title=Lavabit, Silent Circle shut down e-mail: What alternatives are left?|url=https://www.washingtonpost.com/business/technology/lavabit-silent-circle-shut-down-e-mail-what-alternatives-are-left/2013/08/09/639230ec-00ee-11e3-96a8-d3b921c0924a_story.html|accessdate=10 August 2013|newspaper=Washington Post|date=Aug 9, 2013}}

In January 2015, Silent Text had a serious vulnerability that allowed an attacker to remotely take control of a Blackphone device. A potential attacker only needed to know the target’s Silent Circle ID number or phone number.{{cite web|last1=Dowd|first1=Mark|title=BlackPwn: BlackPhone SilentText Type Confusion Vulnerability|url=http://blog.azimuthsecurity.com/2015/01/blackpwn-blackphone-silenttext-type.html|publisher=Azimuth Security|accessdate=1 December 2015|date=27 January 2015}} Blackphone and Silent Circle patched the vulnerability shortly after it had been disclosed.{{cite web|last1=Mimoso|first1=Michael|title=Memory Corruption Bug Patched in Blackphone Silent Text App|url=https://threatpost.com/memory-corruption-bug-patched-in-blackphone-silent-text-app/110703/|website=Threatpost|publisher=Kaspersky Lab|accessdate=1 December 2015|date=28 January 2015}}

In March 2015 there was a controversy when Information Security specialist and hacker Khalil Sehnaoui identified that Silent Circle's warrant canary had been removed from their site.{{cite web |url=https://www.zdnet.com/article/silent-circle-denies-secret-gag-order-data-warrant/ |title=Silent Circle: We haven't been served a single demand for data |date=8 March 2015 |work=ZDNet |publisher=CBS Interactive |access-date=3 November 2015}}

In January 2017 Gregg Smith was named CEO with a renewed focus on serving the large business space as well as Government entities. At the same time Tony Cole, VP and Global Government CTO of FireEye, was named to the Board of Directors.{{Cite web|url=http://www.marketwired.com/press-release/silent-circle-appoints-gregg-smith-as-chief-executive-officer-2194780.htm|title=Silent Circle Appoints Gregg Smith as Chief Executive Officer}} Shortly after Smith became CEO, the company moved back from Switzerland to the United States.{{Cite web|url=https://www.cyberscoop.com/back-in-america-with-a-black-eye-silent-circle-rebuilds-focused-on-software/|title = Back in America with a black eye, Silent Circle rebuilds with focus on software|date = 27 July 2017}}

Reception

In November 2014, Silent Phone and Silent Text received top scores on the Electronic Frontier Foundation's secure messaging scorecard, along with "ChatSecure + Orbot", Cryptocat, TextSecure, and "Signal / RedPhone". They received points for having communications encrypted in transit, having communications encrypted with keys the providers don't have access to (end-to-end encryption), making it possible for users to independently verify their correspondent's identities, having past communications secure if the keys are stolen (forward secrecy), having their code open to independent review (open source), having their security designs well-documented, and having recent independent security audits.{{cite web | url = https://www.eff.org/secure-messaging-scorecard | publisher = Electronic Frontier Foundation | title = Secure Messaging Scorecard. Which apps and tools actually keep your messages safe? | date = 2014-11-04}}

However, as of August 2020, the page for the secure messaging scorecard states that it is out of date and should not be used in privacy- and security-related decision-making.

Products

The company's products{{cite web|last=Ridden|first=Paul|title=PGP creator aims to keep digital communications strictly confidential with Silent Circle|date=30 July 2012|url=http://www.gizmag.com/silent-circle-encryption-suite/23500/|publisher=Gizmag|accessdate=12 March 2013}} enable encrypted mobile phone calls, text messaging, and video chat.

=Current=

Its current products include the following:

Silent Phone: Encrypted voice calls, video calls and text messages on mobile devices. Currently available for iOS, Android, and Silent Circle’s Silent OS on Blackphone. It can be used with Wi-Fi, EDGE, 3G or 4G cellular anywhere in the world.

=Discontinued=

Its discontinued products include the following:

Blackphone: A smartphone designed for privacy created by Silent Circle and built by SGP Technologies, a joint venture between Silent Circle and Geeksphone. There have been no more news or updates since 2018. PrivatOS was Discontinued on June 30, 2016.{{cite web|title=A Eulogy: PrivatOS. June 1, 2014 – June 30, 2016 - Privacy Delivered|url=https://www.silentcircle.com/blog/an-epitaph-privatos-june-1-2014-june-30-2016-privacy-delivered/|archive-url=https://web.archive.org/web/20160818085653/https://www.silentcircle.com/blog/an-epitaph-privatos-june-1-2014-june-30-2016-privacy-delivered/|url-status=dead|archive-date=18 August 2016|type=Blog|publisher=Silent Circle|accessdate=9 February 2020|date=30 June 2016}}
GoSilent: Personal Firewall with integrated VPN and Cloud Analytics. The product was introduced after Silent Circle acquired Maryland start-up Kesala. It was sold by Silent Circle's new owner in 2018{{Cite web|url=https://technical.ly/baltimore/2018/11/02/attila-security-raises-2-5m-moves-into-fulton-based-datatribe/|title=Attila Security raises $2.5M, moves into Fulton-based DataTribe|date=2 November 2018}}
Silent Text: Discontinued September 28, 2015.{{cite web|title=What is Silent Phone?|url=https://support.silentcircle.com/customer/en/portal/articles/2118686-what-is-silent-phone-|website=Support.silentcircle.com|publisher=Silent Circle|accessdate=4 October 2015|date=17 September 2015}} A stand-alone application for encrypted text messaging and secure cloud content transfer with a “burn notice” feature for permanently deleting messages from devices. Its features were merged into Silent Phone.
Silent Mail: Discontinued August 9, 2013. Silent Mail used to offer encrypted email on Silent Circle’s private, secure network and compatibility with popular email client software.

Silent Circle Instant Message Protocol

Silent Circle Instant Message Protocol (SCIMP) was an encryption scheme that was developed by Vincent Moscaritolo. It enabled private conversation over instant message transports such as XMPP (Jabber).{{cite web|url=https://silentcircle.com/scimp-protocol|archiveurl=https://web.archive.org/web/20150904164326/https://silentcircle.com/products-and-solutions/technology/scimp/|archivedate=4 September 2015|accessdate=13 December 2015|title=Silent Circle's SCIMP page}}{{Citation needed|date=November 2017}}

SCIMP provided encryption, perfect forward secrecy and message authentication.{{cite web|url=https://silentcircle.com/sites/default/themes/silentcircle/assets/downloads/SCIMP_paper.pdf|archiveurl=https://web.archive.org/web/20150402122917/https://silentcircle.com/sites/default/themes/silentcircle/assets/downloads/SCIMP_paper.pdf|archivedate=2 April 2015|title=Silent Circle Instant Messaging Protocol Protocol Specification|author1=Moscaritolo, Vinnie |author2=Belvin, Gary |author3=Zimmermann, Phil |publisher= Silent Circle|date=5 December 2012|accessdate=31 October 2013}} It also handled negotiating the shared secret keys.

=History=

The protocol was used in Silent Text. Silent Text was discontinued on September 28, 2015, when its features were merged into Silent Circle's encrypted voice calling application called Silent Phone. At the same time, Silent Circle transitioned to using a protocol that uses the Double Ratchet Algorithm instead of SCIMP.{{cite web|last1=Armasu|first1=Lucian|title=TextSecure, RedPhone Private Communications Apps Now Combined Into 'Signal' App|url=http://www.tomshardware.com/news/signal-unifies-textsecure-redphone-apps,30471.html|website=Tom's Hardware|publisher=Purch Group, Inc.|accessdate=8 March 2016|date=3 November 2015}}

Business model

The company is privately funded and operates under a subscription business model.

References

External links

{{Official website|https://www.silentcircle.com/}}

Category:Cryptographic software

Category:Cryptography companies

Category:Swiss brands