The case for encrypted text messaging


In the wake of an embarrassing and very public display of misdeeds by Detroit mayor Kwame Kilpatrick, I immediately understood the importance of data encryption, especially when the information could be official government business or a personal piece of text that you do not want anyone but the recipient to see. I suppose the problem with the current SMS model is that the ILECs behave as a proxy for all information that passes through their servers. So by law, if, say, AT&T was subpoenaed for police officials, they would be inclined to give up the data. That simply is bad business. However, what if you could erect your own proxy before the data ever reached their servers?

From my limited knowledge of SMS, I believe it contains similar message headers to that of email. So, I imagine that encryption methods like GPG would suffice to prevent clear text SMS transmissions.

Recently, I was doing a bit of debugging with my ekiga softphone. Running the application with the following flag, 'ekiga -d 4', revealed all of the message headers associated with initiating a VOIP conversation. The To and From headers are very similar to SMTP headers. The ACK and INVITE headers were also quite familiar.

Phil Zimmermann's ZFone application encrypts VOIP traffic quite easily. More accurately, all VOIP traffic that uses established RFC standards. ZFone does not encrypt Skype traffic because Skype does not use SIP or any other industry standard protocol.

I will be looking for an SMS encryption method; you should too.

3 Comments

    Encryption was the least of the man's issues. I'm pretty sure both of their devices had GPS tracking and investigators were able to triangulate their positions using phone records to get him caught up by lying under oath...

    GPS tracking? I think that's used for position, not recording text messages. The cell phone company kept track of those messages, much like ISPs can log all emails that are sent to/from an email server. If those messages are encrypted, then they would still be on the server, but the admins wouldn't have the PGP or GPG keys to unscramble them.

    Even so, they would have been better off using voice communication. All of those phone calls would have been logged, but the phone calls would not have been recorded. Of course it's not convenient to talk on the phone to your other woman if you happen to be in the presence of your wife.

    I think the simple answer is 1. don't get caught up and 2. don't rely so heavily on text messaging. When encryption for text messages becomes available, it still begs the question "is this something we want to deploy?" Sometimes it's important to hide data (things that you don't want your competitors to see), but you don't want to have this technology leveraged by the wrong forces. Terrorist attacks would become easier to plan, synchronize, and conceal with encryption, for example.

    I think the obsession with text messaging is beginning to creep into the 'going too far' category. I watched a cousin of mine send a text message with standard phone keys (not the breakout thumb keyboard on many smartphones), and I was simply blown away by how fast his thumb moved over the buttons as he formed his text message. He typed a message on the phone as fast as I'm typing these words to this screen with this keyboard. I don't understand the fascination with text messaging, because email is already encrypted and many smart phones allow you to send emails just as easily as text messages. There's even IRC clients for smartphones these days. Yet people (including the Detroit mayor) are texting away their lives.

    Even if encryption existed for SMS, dude would have still been caught since the pagers belonged to the government. 1) There is no expectation of privacy. 2) If encryption was employed, it would have been at the behest of the government, meaning they could have defeated it if need be. 3) A subpoena is not needed because the pager/account was not Kilpatrick's personal pager/account.

    This is simply a case of not using your employer's resources for personal/private activities. They own all data associated with those resources. Furthermore, if you work for the government, your employer is "the people" and everything is a matter of public record.


    This page contains a single entry by AG published on January 31, 2008 3:12 AM.
