Silent Circle has confirmed allegations that their privacy software has been completely useless. A memory corruption vulnerability allowed decryption of private messages to any attacker with the victim's user ID or phone number. The attacker can trigger the flaw by sending a hostile text message. Silent Circle is no stranger to this kind of embarrassment; a few months after receiving 30 million dollars in funding, a Blackphone was rooted by hackers at DEFCON. Discouraged former users of this pathetic device should be comforted to know that proper cryptography will likely be made user friendly by the end of the year. Until then, people who wish to obscure their messages from the prying eyes of big brother should stick to the classics.
ya