Call me a masochist, Jolla is sitting next to me yet I still bang on the keyboard and let the 'soon' last a little longer , still was thinking about this for a while, so here goes.

The question: How can you tell? (if your device is secure, if the app doesn't sneakily send out your private data)

First thing that comes to mind:

Wireshark on device -> Yamas or any other MITM tool (N900 should work nicely for this, also wireshark on it doesn't have to wait for Wayland support) -> router

Compare what Wireshark gives you vs what Yamas captures, matches = no low level sneaky stuff in OS (is this positive/conclusive? can something sneak through MITM?)

Verifying apps is getting a little trickier. Sure you can capture, but most apps will encode data, so even if you get same dump, you will not know what is inside (your contacts/addresses?). Yamas will help only with https, so no luck here.
One way would be to provide crooked ssl.so that is decodable/predictable, though seeing what measures people put in skype vs reveng one could assume an NSA app will come with its own libraries.
Play with the clock/random number generator of the device (would that be even possible or would the whole system crash/die?) so their own lib generates multiple times the same encoding (prepare contacts and all other worth stealing info on the device so you can repeat this as many times as you want and deduce the algorithm from there?)

So, is there a way to really NSA-proof yourself? (even if proprietary-binary scenario with fake .so's is unrealistic, would vetting the system with Wireshark/MITM actually give some insight?)

As long as "all other people", as in people you interact with on a day to day basis, use apps/tools without a sufficient crypto, you might aswell accept that you are being monitored . Even if you can prove that the phone itself is "clean" - what about all the traffic you send and receive e.g. over your carrier network? So the only proofing there is, is strong end to end crypto - and there should at least be android apps for that.

Well, if you vet the OS, you can interact with people who will install same PGP based app for IM that uses some 'safe' (yeah, I know, but it is doable, upload your public key to piratebay, deal with it NSA) communication channel, carrier can do nothing (even encrypted voice calls could work if you are sure the OS/base is safe, maybe a bit of lag)

Well even if there are options (and yes of course it is doable ), the fact and the matters is, that it is really hard to convince average joe (even if average joe happens to be a family member/a good friend) to transition away from skype or application X, or just ordinary voice calls.

The idea is not about one-button-click secure from NSA solution, this will never happen, more about: is it even possible? Some claim 'there is no NSA on Jolla', I would really like to believe it. How can (is it at all possible, skipping the obvious 'linux kernel openness vs billions of dollars NSA can pay for 0-days' dilemma) one check/investigate what is happening with his device. (yeah carrying Jolla + separate device for communication will not work, BTS usage will identify you instantly (jolla on wifi only, no data/roaming with macchanger every 5 minutes? I hope this is like Neo900 where you will be able to trust modem is actually OFF without removing the battery), but can jolla be 'safe' as for carrying corporate documents? I would not trust WP/iOS/Android for such)

The fact that we're having to think about NSA-proofing our devices is going to crest and the thoughts of "Why even use this stuff?" needs to start happening... but not at risk of hurting companies like Jolla, but to state that we're just "tired of it and we're not taking it anymore..."

I'm going to subscribe to this thread. Can't wait to see if anything actually comes out of it.

I don't think there is a practical way to proof that the device is totally safe, unless you're able to make it live all the time 'sandboxed' into your own tapping monitoring: your own (portable) BTS to bridge GSM communications and similarly for WLAN.
As, what if the Qualcomm firmware every second full moon and x MB of traffic decides to 'fart out' to somewhere a concise summary of your last communications? It would be a needle in a haystack that not even the sailors who signed NDAs with their providers would know its existance.

Actually this is something that I have been thinking about, it is far from impossible

An "one-click-safe-from-NSA-voicecalls" solution;

• 1.) prerequisities; Both A&B subscribers have the encryption software installed in their devices
• 2.) normal CS/PS voice call initiation
• 3.) when both parties have verified that the other end is who it is supposed to be, they enter secure mode by starting the encryption application
• 4.) the encrypting applications take over the voice channel, users are cut out from audio;
  - Layer 1 is audio modulation with fairly low bitrate and similar characteristics as speech range so that it passes reasonably unaltered through echo cancellation and other mangling that RAN does to it.
  - TCP/IP over that carries the connection data
  - SSL handshaking takes care of protecting the connection
  - finally the voice connection is now run on top of the secure connection
• 5.) users have end-to-end encrypted voice channel for the duration of the rest of the call

There was a study and demonstration set up with N900 devices, I belive. It would be easy to have this kind of system on multiple platforms, you'd not be limited to use this only on Jolla-to-Jolla calls.


The scenario I suggested above will of course not hide your device location, nothing can be used to do that if you want ot be on a public cellullar network, but there are ways of hiding who you are communicating with;
Imagine that instead of having a direct voicecall between A&B subscribers you could also set up the system so that both parties have their own connection point in their own controlled networks. After each party sets up connection to their own systems, call could be routed via TOR or similar approach between the connection points

Isn't this a lot like RedPhone (open sauce!) ?
The main problem with phone call encryption is that you're either dealing with the restraints of mobile data latencies (eww) or the already-low bandwidth of a GSM call (eww eww).

The best approach would be to implement proper, endpoints-only, key exchange and modern encryption algorithms, possibly with rekeying to prevent dictionary/hash table attacks as part of mobile standards.
But the spooks won't let us have that

It's not too late to change though - we could have this in VoLTE. Nobody uses it yet - maybe someone at ITU could propose this change?

I know of only one possibly viable, practical (temporary)solution that I would be confident in.

There are 2 problems to remember when securing your Android device, #1 is that because Android is not open source, it is more likely to have backdoors in it for the NSA, just as Windows or Apple products do. For that reason it will be vulnerable even with encryption tools such as Redphone so long as Anddroid is installed. This is akin to how HTML5 video tags (and scripts etc.) can leak DNS info while you are on the TOR network, usurping the security it provides.

Secondly, even if you put an open source alternative to it such as Replicant on the device, there is the fact that all network traffic is being monitored. This is where encryption comes in.

Now as was previously mentioned, encryption over these networks can cause problems with call quality. So the only alternative I can think of is this:

1. Use an open source OS such as Replicant
2. Make calls via WIFI rather than the cellular network and encrypt them.

Now no2 is a bit tricky because most people prefer Skype which will also allow such calls but it's a Microsoft product and will never be secure. So the trickiest part is to ditch Skype and convince your circle of colleagues to do the same, in favor of a SIP application such as linphone or CSipSimple and use something that encrypts it as securely as possible such as the FREE Ostel.co service.

The details on doing this, as well as lots of excellent tips and links to securing your data from the treasonous cold war being levied on us by traitors in the NSSA can be found at:

http:///prism-break.org

Now this will mean that you will need to use WIFI(not 3g etc.) to make calls, but if security is important to you, then you will adapt to this or just keep it to yourself.