Misplaced Pages

#199800

63-527: In November 2011, Mike Janke called Phil Zimmermann with an idea for a new kind of private, secure version of Skype . Zimmermann agreed to the project and called Jon Callas , co-founder of PGP Corporation and Vincent Moscaritolo. Janke brought in security expert Vic Hyder, and the founding team was established. The company was founded in the Caribbean island of Nevis , but moved its headquarters to Le Grand-Saconnex near Geneva, Switzerland in 2014 in search of

126-629: A software engineer on the Nuclear Weapons Freeze Campaign as a military policy analyst . From 2016 to 2021, he worked at Delft University of Technology as an Associate Professor in the Cybersecurity section at the Faculty of Electrical Engineering, Mathematics, and Computer Science. In 1991, he wrote the popular Pretty Good Privacy (PGP) program, and made it available (together with its source code) through public FTP for download,

189-514: A 3G handset or USB wireless broadband adapter, the IP address has no relationship with any physical location known to the telephony service provider, since a mobile user could be anywhere in a region with network coverage, even roaming via another cellular company. At the VoIP level, a phone or gateway may identify itself by its account credentials with a Session Initiation Protocol (SIP) registrar. In such cases,

252-402: A computer or mobile device), will connect to the VoIP service remotely. These connections typically take place over public internet links, such as local fixed WAN breakout or mobile carrier service. In the case of a private VoIP system, the primary telephony system itself is located within the private infrastructure of the end-user organization. Usually, the system will be deployed on-premises at

315-509: A country with "stronger privacy laws to protect its customers' information." On August 9, 2013, through their website, Silent Circle announced that the Silent Mail service would be shut down, because the company could "see the writing on the wall" and felt it was not possible to sufficiently secure email data with the looming threat of government compulsion and precedent set by the Lavabit shutdown

378-487: A few and must be used in concert. These functions include: VoIP protocols include: Mass-market VoIP services use existing broadband Internet access , by which subscribers place and receive telephone calls in much the same manner as they would via the PSTN. Full-service VoIP phone companies provide inbound and outbound service with direct inbound dialing . Many offer unlimited domestic calling and sometimes international calls for

441-555: A first-come, first-served basis. Fixed delays cannot be controlled as they are caused by the physical distance the packets travel. They are especially problematic when satellite circuits are involved because of the long distance to a geostationary satellite and back; delays of 400–600 ms are typical. Latency can be minimized by marking voice packets as being delay-sensitive with QoS methods such as DiffServ . Network routers on high volume traffic links may introduce latency that exceeds permissible thresholds for VoIP. Excessive load on

504-482: A flat monthly subscription fee. Phone calls between subscribers of the same provider are usually free when flat-fee service is not available. A VoIP phone is necessary to connect to a VoIP service provider. This can be implemented in several ways: It is increasingly common for telecommunications providers to use VoIP telephony over dedicated and public IP networks as a backhaul to connect switching centers and to interconnect with other telephony network providers; this

567-453: A framework for consolidation of all modern communications technologies using a single unified communications system. Voice over IP has been implemented with proprietary protocols and protocols based on open standards in applications such as VoIP phones, mobile applications, and web-based communications . A variety of functions are needed to implement VoIP communication. Some protocols perform multiple functions, while others perform only

630-470: A given network path due to competition from other users for the same transmission links. VoIP receivers accommodate this variation by storing incoming packets briefly in a playout buffer , deliberately increasing latency to improve the chance that each packet will be on hand when it is time for the voice engine to play it. The added delay is thus a compromise between excessive latency and excessive dropout , i.e. momentary audio interruptions. Although jitter

693-448: A link can cause congestion and associated queueing delays and packet loss . This signals a transport protocol like TCP to reduce its transmission rate to alleviate the congestion. But VoIP usually uses UDP not TCP because recovering from congestion through retransmission usually entails too much latency. So QoS mechanisms can avoid the undesirable loss of VoIP packets by immediately transmitting them ahead of any queued bulk traffic on

SECTION 10

#1732870085200

756-530: A media gateway (aka IP Business Gateway) and connects the digital media stream, so as to complete the path for voice and data. Gateways include interfaces for connecting to standard PSTN networks. Ethernet interfaces are also included in the modern systems which are specially designed to link calls that are passed via VoIP. E.164 is a global numbering standard for both the PSTN and public land mobile network (PLMN). Most VoIP implementations support E.164 to allow calls to be routed to and from VoIP subscribers and

819-439: A service provider or telecommunications carrier hosting the telephone system as a software solution within their own infrastructure. Typically this will be one or more data centers with geographic relevance to the end-user(s) of the system. This infrastructure is external to the user of the system and is deployed and maintained by the service provider. Endpoints, such as VoIP telephones or softphone applications (apps running on

882-567: A site within the direct control of the organization. This can provide numerous benefits in terms of QoS control (see below ), cost scalability, and ensuring privacy and security of communications traffic. However, the responsibility for ensuring that the VoIP system remains performant and resilient is predominantly vested in the end-user organization. This is not the case with a Hosted VoIP solution. Private VoIP systems can be physical hardware PBX appliances, converged with other infrastructure, or they can be deployed as software applications. Generally,

945-441: A subscriber to select a new telephone carrier without requiring a new number to be issued. Typically, it is the responsibility of the former carrier to "map" the old number to the undisclosed number assigned by the new carrier. This is achieved by maintaining a database of numbers. A dialed number is initially received by the original carrier and quickly rerouted to the new carrier. Multiple porting references must be maintained even if

1008-1037: A threat to democracy and privacy, because of their profit-oriented revenue models that "are all about exploiting our personal information" and "[deepen] the political divides in our culture", and hoped Okuna would help solve these problems. In 2013, an article on "Zimmermann's Law" quoted Phil Zimmermann as saying "The natural flow of technology tends to move in the direction of making surveillance easier", and "the ability of computers to track us doubles every eighteen months", in reference to Moore's law . Zimmermann has received numerous technical and humanitarian awards for his pioneering work in cryptography : Simon Singh 's The Code Book devotes an entire chapter to Zimmermann and PGP. In 2022 Steven Johnson covered his story and achievements in Zimmermann's profile for Hidden Heroes - The Crypto Wars: How Philip Zimmermann Fought for Our Right to Privacy. VoIP Voice over Internet Protocol ( VoIP ), also called IP telephony ,

1071-448: A variety of other applications. DSL modems typically provide Ethernet connections to local equipment, but inside they may actually be Asynchronous Transfer Mode (ATM) modems. They use ATM Adaptation Layer 5 (AAL5) to segment each Ethernet packet into a series of 53-byte ATM cells for transmission, reassembling them back into Ethernet frames at the receiving end. Using a separate virtual circuit identifier (VCI) for voice over IP has

1134-519: Is a method and group of technologies for voice calls for the delivery of voice communication sessions over Internet Protocol (IP) networks, such as the Internet . The broader terms Internet telephony , broadband telephony , and broadband phone service specifically refer to the provisioning of voice and other communications services ( fax , SMS , voice messaging ) over the Internet, rather than via

1197-470: Is a random variable, it is the sum of several other random variables that are at least somewhat independent: the individual queuing delays of the routers along the Internet path in question. Motivated by the central limit theorem , jitter can be modeled as a Gaussian random variable . This suggests continually estimating the mean delay and its standard deviation and setting the playout delay so that only packets delayed more than several standard deviations above

1260-399: Is characterized by several metrics that may be monitored by network elements and by the user agent hardware or software. Such metrics include network packet loss , packet jitter , packet latency (delay), post-dial delay, and echo. The metrics are determined by VoIP performance testing and monitoring. A VoIP media gateway controller (aka Class 5 Softswitch) works in cooperation with

1323-708: Is focused on VoIP for medium to large enterprises, while another is targeting the small-to-medium business (SMB) market. Skype , which originally marketed itself as a service among friends, has begun to cater to businesses, providing free-of-charge connections between any users on the Skype network and connecting to and from ordinary PSTN telephones for a charge. In general, the provision of VoIP telephony systems to organizational or individual users can be divided into two primary delivery methods: private or on-premises solutions, or externally hosted solutions delivered by third-party providers. On-premises delivery methods are more akin to

SECTION 20

#1732870085200

1386-595: Is generally uncommon for those private connectivity methods to be provided by Hosted or Cloud VoIP providers. Communication on the IP network is perceived as less reliable in contrast to the circuit-switched public telephone network because it does not provide a network-based mechanism to ensure that data packets are not lost, and are delivered in sequential order. It is a best-effort network without fundamental quality of service (QoS) guarantees. Voice, and all other data, travels in packets over IP networks with fixed maximum capacity. This system may be more prone to data loss in

1449-491: Is no longer necessary to carry both a desktop phone and a cell phone. Maintenance becomes simpler as there are fewer devices to oversee. VoIP solutions aimed at businesses have evolved into unified communications services that treat all communications—phone calls, faxes, voice mail, e-mail, web conferences, and more—as discrete units that can all be delivered via any means and to any handset, including cellphones. Two kinds of service providers are operating in this space: one set

1512-471: Is often referred to as IP backhaul . Smartphones may have SIP clients built into the firmware or available as an application download. Because of the bandwidth efficiency and low costs that VoIP technology can provide, businesses are migrating from traditional copper-wire telephone systems to VoIP systems to reduce their monthly phone costs. In 2008, 80% of all new Private branch exchange (PBX) lines installed internationally were VoIP. For example, in

1575-519: Is packetized and transmission occurs as IP packets over a packet-switched network . They transport media streams using special media delivery protocols that encode audio and video with audio codecs and video codecs . Various codecs exist that optimize the media stream based on application requirements and network bandwidth; some implementations rely on narrowband and compressed speech , while others support high-fidelity stereo codecs. The most widely used speech coding standards in VoIP are based on

1638-444: Is received by a center the location is automatically determined from its databases and displayed on the operator console. In IP telephony, no such direct link between location and communications end point exists. Even a provider having wired infrastructure, such as a DSL provider, may know only the approximate location of the device, based on the IP address allocated to the network router and

1701-412: Is to reduce the maximum transmission time by reducing the maximum transmission unit . But since every packet must contain protocol headers, this increases relative header overhead on every link traversed. The receiver must resequence IP packets that arrive out of order and recover gracefully when packets arrive too late or not at all. Packet delay variation results from changes in queuing delay along

1764-489: The Dark Mail Alliance . The goal of the organization is to work on a new protocol to replace PGP that will encrypt email metadata, among other things that PGP is not capable of. Zimmermann was also involved in the social network Okuna , formerly Openbook, which aimed to be an ethical and privacy-friendly alternative to existing social networks, especially Facebook . He sees today's established social media platforms as

1827-458: The E.164 number to URI mapping (ENUM) service in IMS and SIP. Echo can also be an issue for PSTN integration. Common causes of echo include impedance mismatches in analog circuitry and an acoustic path from the receive to transmit signal at the receiving end. Local number portability (LNP) and mobile number portability (MNP) also impact VoIP business. Number portability is a service that allows

1890-861: The linear predictive coding (LPC) and modified discrete cosine transform (MDCT) compression methods. Popular codecs include the MDCT-based AAC-LD (used in FaceTime ), the LPC/MDCT-based Opus (used in WhatsApp ), the LPC-based SILK (used in Skype ), μ-law and A-law versions of G.711 , G.722 , and an open source voice codec known as iLBC , a codec that uses only 8 kbit/s each way called G.729 . Early providers of voice-over-IP services used business models and offered technical solutions that mirrored

1953-400: The public switched telephone network (PSTN), also known as plain old telephone service (POTS). The steps and principles involved in originating VoIP telephone calls are similar to traditional digital telephony and involve signaling, channel setup, digitization of the analog voice signals, and encoding. Instead of being transmitted over a circuit-switched network , the digital information

Silent Circle (software) - Misplaced Pages Continue

2016-543: The PSTN/PLMN. VoIP implementations can also allow other identification techniques to be used. For example, Skype allows subscribers to choose Skype names (usernames) whereas SIP implementations can use Uniform Resource Identifier (URIs) similar to email addresses . Often VoIP implementations employ methods of translating non-E.164 identifiers to E.164 numbers and vice versa, such as the Skype-In service provided by Skype and

2079-967: The United States, the Social Security Administration is converting its field offices of 63,000 workers from traditional phone installations to a VoIP infrastructure carried over its existing data network. VoIP allows both voice and data communications to be run over a single network, which can significantly reduce infrastructure costs. The prices of extensions on VoIP are lower than for PBX and key systems. VoIP switches may run on commodity hardware, such as personal computers . Rather than closed architectures, these devices rely on standard interfaces. VoIP devices have simple, intuitive user interfaces, so users can often make simple system configuration changes. Dual-mode phones enable users to continue their conversations as they move between an outside cellular service and an internal Wi-Fi network, so that it

2142-420: The United States. The maximum strength allowed for legal export has since been raised and now allows PGP to be exported. The investigation lasted three years, but was finally dropped without filing charges after MIT Press published the source code of PGP. In 1995, Zimmermann published the book PGP Source Code and Internals as a way to bypass limitations on exporting digital code. Zimmermann's introduction says

2205-426: The architecture of the legacy telephone network. Second-generation providers, such as Skype , built closed networks for private user bases, offering the benefit of free calls and convenience while potentially charging for access to other communication networks, such as the PSTN. This limited the freedom of users to mix-and-match third-party hardware and software. Third-generation providers, such as Google Talk , adopted

2268-548: The book contains "all of the C source code to a software package called PGP" and that the unusual publication in book form of the complete source code for a computer program was a direct response to the U.S. government's criminal investigation of Zimmermann for violations of U.S. export restrictions as a result of the international spread of PGP's use. After the government dropped its case without indictment in early 1996, Zimmermann founded PGP Inc. and released an updated version of PGP and some additional related products. That company

2331-446: The classic PBX deployment model for connecting an office to local PSTN networks. While many use cases still remain for private or on-premises VoIP systems, the wider market has been gradually shifting toward Cloud or Hosted VoIP solutions. Hosted systems are also generally better suited to smaller or personal use VoIP deployments, where a private system may not be viable for these scenarios. Hosted or Cloud VoIP solutions involve

2394-399: The concept of federated VoIP . These solutions typically allow dynamic interconnection between users in any two domains of the Internet, when a user wishes to place a call. In addition to VoIP phones , VoIP is also available on many personal computers and other Internet access devices. Calls and SMS text messages may be sent via Wi-Fi or the carrier's mobile data network. VoIP provides

2457-558: The day before. In January 2015, Silent Text had a serious vulnerability that allowed an attacker to remotely take control of a Blackphone device. A potential attacker only needed to know the target’s Silent Circle ID number or phone number. Blackphone and Silent Circle patched the vulnerability shortly after it had been disclosed. In March 2015 there was a controversy when Information Security specialist and hacker Khalil Sehnaoui identified that Silent Circle's warrant canary had been removed from their site. In January 2017 Gregg Smith

2520-436: The enterprise markets because of LCR options, VoIP needs to provide a certain level of reliability when handling calls. A telephone connected to a land line has a direct relationship between a telephone number and a physical location, which is maintained by the telephone company and available to emergency responders via the national emergency response service centers in form of emergency subscriber lists. When an emergency call

2583-421: The first widely available program implementing public-key cryptography . Shortly thereafter, it became available overseas via the Internet, though Zimmermann has said he had no part in its distribution outside the United States. The very first version of PGP included an encryption algorithm, BassOmatic , developed by Zimmermann. After a report from RSA Security , who were in a licensing dispute with regard to

Silent Circle (software) - Misplaced Pages Continue

2646-404: The jitter buffer. VoIP metrics reports are exchanged between IP endpoints on an occasional basis during a call, and an end of call message sent via SIP RTCP summary report or one of the other signaling protocol extensions. VoIP metrics reports are intended to support real-time feedback related to QoS problems, the exchange of information between the endpoints for improved call quality calculation and

2709-508: The known service address. Some ISPs do not track the automatic assignment of IP addresses to customer equipment. IP communication provides for device mobility. For example, a residential broadband connection may be used as a link to a virtual private network of a corporate entity, in which case the IP address being used for customer communications may belong to the enterprise, not the residential ISP. Such off-premises extensions may appear as part of an upstream IP PBX. On mobile devices, e.g.,

2772-525: The latter two options will be in the form of a separate virtualized appliance. However, in some scenarios, these systems are deployed on bare metal infrastructure or IoT devices. With some solutions, such as 3CX, companies can attempt to blend the benefits of hosted and private on-premises systems by implementing their own private solution but within an external environment. Examples can include data center collocation services, public cloud, or private cloud locations. For on-premises systems, local endpoints within

2835-498: The mean will arrive too late to be useful. In practice, the variance in latency of many Internet paths is dominated by a small number (often one) of relatively slow and congested bottleneck links . Most Internet backbone links are now so fast (e.g. 10 Gbit/s) that their delays are dominated by the transmission medium (e.g. optical fiber) and the routers driving them do not have enough buffering for queuing delays to be significant. A number of protocols have been defined to support

2898-475: The network root prefix to determine how to route a call. Instead, they must now determine the actual network of every number before routing the call. Therefore, VoIP solutions also need to handle MNP when routing a voice call. In countries without a central database, like the UK, it may be necessary to query the mobile network about which home network a mobile phone number belongs to. As the popularity of VoIP increases in

2961-405: The number is routed to a mobile phone number on a traditional mobile carrier. LCR is based on checking the destination of each telephone call as it is made, and then sending the call via the network that will cost the customer the least. This rating is subject to some debate given the complexity of call routing created by number portability. With MNP in place, LCR providers can no longer rely on using

3024-416: The page for the secure messaging scorecard states that it is out of date and should not be used in privacy- and security-related decision-making. The company's products enable encrypted mobile phone calls, text messaging, and video chat. Its current products include the following: Its discontinued products include the following: Silent Circle Instant Message Protocol (SCIMP) was an encryption scheme that

3087-748: The potential to reduce latency on shared connections. ATM's potential for latency reduction is greatest on slow links because worst-case latency decreases with increasing link speed. A full-size (1500 byte) Ethernet frame takes 94 ms to transmit at 128 kbit/s but only 8 ms at 1.5 Mbit/s. If this is the bottleneck link, this latency is probably small enough to ensure good VoIP performance without MTU reductions or multiple ATM VCs. The latest generations of DSL, VDSL and VDSL2 , carry Ethernet without intermediate ATM/AAL5 layers, and they generally support IEEE 802.1p priority tagging so that VoIP can be queued ahead of less time-critical traffic. ATM has substantial header overhead: 5/53 = 9.4%, roughly twice

3150-463: The presence of congestion than traditional circuit switched systems; a circuit switched system of insufficient capacity will refuse new connections while carrying the remainder without impairment, while the quality of real-time data such as telephone conversations on packet-switched networks degrades dramatically. Therefore, VoIP implementations may face problems with latency , packet loss, and jitter . By default, network routers handle traffic on

3213-412: The providers don't have access to ( end-to-end encryption ), making it possible for users to independently verify their correspondent's identities, having past communications secure if the keys are stolen ( forward secrecy ), having their code open to independent review ( open source ), having their security designs well-documented, and having recent independent security audits. However, as of August 2020,

SECTION 50

#1732870085200

3276-689: The reporting of quality of service (QoS) and quality of experience (QoE) for VoIP calls. These include RTP Control Protocol (RTCP) extended reports, SIP RTCP summary reports, H.460.9 Annex B (for H.323 ), H.248 .30 and MGCP extensions. The RTCP extended report VoIP metrics block specified by RFC   3611 is generated by an VoIP phone or gateway during a live call and contains information on packet loss rate, packet discard rate (because of jitter), packet loss/discard burst metrics (burst length/density, gap length/density), network delay, end system delay, signal/noise/echo level, mean opinion scores (MOS) and R factors and configuration information related to

3339-497: The same link, even when the link is congested by bulk traffic. VoIP endpoints usually have to wait for the completion of transmission of previous packets before new data may be sent. Although it is possible to preempt (abort) a less important packet in mid-transmission, this is not commonly done, especially on high-speed links where transmission times are short even for maximum-sized packets. An alternative to preemption on slower links, such as dialup and digital subscriber line (DSL),

3402-530: The same location typically connect directly over the LAN . For remote and external endpoints, available connectivity options mirror those of Hosted or Cloud VoIP solutions. However, VoIP traffic to and from the on-premises systems can often also be sent over secure private links. Examples include personal VPN, site-to-site VPN , private networks such as MPLS and SD-WAN, or via private SBCs (Session Border Controllers). While exceptions and private peering options do exist, it

3465-496: The same time, Silent Circle transitioned to using a protocol that uses the Double Ratchet Algorithm instead of SCIMP. The company is privately funded and operates under a subscription business model . Phil Zimmermann Philip R. Zimmermann (born 1954) is an American computer scientist and cryptographer . He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in

3528-522: The subscriber returns to the original carrier. The Federal Communications Commission (FCC) mandates carrier compliance with these consumer-protection stipulations. In November 2007, the FCC in the United States released an order extending number portability obligations to interconnected VoIP providers and carriers that support VoIP providers. A voice call originating in the VoIP environment also faces least-cost routing (LCR) challenges to reach its destination if

3591-443: The total header overhead of a 1500 byte Ethernet frame. This "ATM tax" is incurred by every DSL user whether or not they take advantage of multiple virtual circuits – and few can. Several protocols are used in the data link layer and physical layer for quality-of-service mechanisms that help VoIP applications work well even in the presence of network congestion . Some examples include: The quality of voice transmission

3654-632: The use of the RSA algorithm in PGP, the United States Customs Service started a criminal investigation of Zimmermann, for allegedly violating the Arms Export Control Act . The United States Government had long regarded cryptographic software as a munition, and thus subject to arms trafficking export controls . At that time, PGP was considered to be impermissible ("high-strength") for export from

3717-626: The world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone . Zimmermann is co-founder and Chief Scientist of the global encrypted communications firm Silent Circle . He was born in Camden, New Jersey . Zimmermann received a B.S. degree in computer science from Florida Atlantic University in Boca Raton, Florida in 1978. In the 1980s, Zimmermann worked in Boulder, Colorado as

3780-473: Was a principal designer of the cryptographic key agreement protocol (the "association model") for the Wireless USB standard. Along with Mike Janke and Jon Callas , in 2012 he co-founded Silent Circle , a secure hardware and subscription based software security company. In October 2013, Zimmermann, along with other key employees from Silent Circle, teamed up with Lavabit founder Ladar Levison to create

3843-567: Was acquired by Network Associates (NAI) in December 1997, and Zimmermann stayed on for three years as a Senior Fellow. NAI decided to drop the product line and in 2002, PGP was acquired from NAI by a new company called PGP Corporation . Zimmermann served as a special advisor and consultant to that firm until Symantec acquired PGP Corporation in 2010. Zimmermann is also a fellow at the Stanford Law School's Center for Internet and Society . He

SECTION 60

#1732870085200

3906-518: Was developed by Vincent Moscaritolo. It enabled private conversation over instant message transports such as XMPP (Jabber). SCIMP provided encryption, perfect forward secrecy and message authentication. It also handled negotiating the shared secret keys. The protocol was used in Silent Text. Silent Text was discontinued on September 28, 2015, when its features were merged into Silent Circle's encrypted voice calling application called Silent Phone. At

3969-767: Was named CEO with a renewed focus on serving the large business space as well as Government entities. At the same time Tony Cole, VP and Global Government CTO of FireEye , was named to the Board of Directors. Shortly after Smith became CEO, the company moved back from Switzerland to the United States. In November 2014, Silent Phone and Silent Text received top scores on the Electronic Frontier Foundation 's secure messaging scorecard, along with " ChatSecure + Orbot ", Cryptocat , TextSecure , and " Signal / RedPhone ". They received points for having communications encrypted in transit, having communications encrypted with keys

#199800