New Signal iOS app allows free encrypted voice calls

With concerns about government spying seemingly at an all-time high, a new iOS app allows users to make secure phone calls from one iPhone to another at no cost.

Signal iOS app


Signal is a new, open-source software application for the iPhone that was released this week. It allows iPhone users to easily make calls — over Wi-Fi and cellular data networks — that are end-to-end encrypted for complete privacy.

The app, which uses the popular open-source ZRTP protocol for voice communication, uses the users’ cell phone number as a login with SMS text verification. There is no password or login required, and the app pulls contact information from the iPhone’s own address book for a more seamless experience.

By default, only users who have already downloaded Signal will show up in the contacts list. However, placing a call to others will send a text message that prompts them to download the free app.

To assure that the call is secure, users are shown a pair of code words on their iPhone’s screen at the start of a Signal call. If the words are the same to both users, it means a secure connection has been implemented. Were the conversation intercepted by a third-party, the words would not match.

Signal is able to make calls to other iPhones using this app, plus Android devices running RedPhone, a similar app for Android devices.

Currently, the app can only make voice calls, but the company says it’s planning a secure text communication component later this year that will be compatible with TextSecure, a secure texting app on the Android platform.

Both TextSecure and RedPhone are made by Open Whisper Systems, the same company that makes Signal, and it said that both apps will be combined into a single Signal app on Android as well. There is also a browser extension being developed.

During testing, the voice quality of Signal was similar to a normal phone call, though with the added benefits (and negatives) of other VoIP calling services. All calls are free, even when made between international destinations.

For business customers looking to ensure that their calls are kept private, particularly when traveling overseas, Signal could be a great solution. The (relative) ease of setup, along with automatic and password-free logins make this a fairly seamless solution for the security-minded user.

Signal uses Apple’s iOS push notification system to notify the user of incoming phone calls, which saves battery life and keeps the app from needing to run constantly in the background.

Of course, there is never certainty when working with allegedly secure communications platforms, but the open-source Signal is open to investigation by security specialists.

The ZRTP protocol is also used by Silent Circle, a similar encrypted text and voice calling app. However, it charges users $20 (USD) per month, while the Signal app is free.

How do you make secure calls on your iOS device? Let us know in the discussion thread below.


Wireshark won’t start and ask for X11 with OSX Mavericks

With the latest OSX Mavericks 10.9 release, Wireshark refuse to open and complain about X11.
First, make sure you have the latest XQuartz installed. It can be found at :

(Make sure to logoff/login again to your session once you installed it.)
Then, if you attempt to open up Wireshark, you’ll end up with a message saying Wireshark cannot find X11 :

Where is X11?

Just select XQuartz manually here :

You might see the Wireshark icon in your Dock, however the window might not be visible yet. Close the program.
Open XQuartz and type the following command:

Wireshark should open normally from now.


HOW TO: Run Cisco ASDM “demo mode” on a Mac!

Demo mode is designed for windows but will also work on MACs.  This is not something supported by Cisco or found in there docs.  It is more of a hack, but a useful one for those (like me) that don’t like to run fusion on their MACs.  Here is how you get it to work on a MAC running Lion:

-First, On your MAC install the ASDM launcher by connecting to an ASA via a web browser and clicking install launcher.

-Second, download and install ASDM demo .msi on a Windows PC.

-Next, Copy the Demo folder contents from C:\Program Files\Cisco Systems\ASDM to your MAC.

-On your MAC,  open the folder the launcher app is in (usually applications\Cisco) and right click on the launcher app. Now click show package contents

-A new finder window will open.  Navigate to /Applications/ASDM/Cisco

-Finally, copy the contents of the windows demo folder into this folder.  Now Mac launcher demo should work great!

Here is a screenshot of ASDM demo mode on a Mac:











Installing and configuring GPGTools

*Note* This guide covers Mac OS 10.5 and up. (Universal to Intel)

What is GPG Tools?

GPGTools is a collection of several softwares, bringing encryption/decryption and signing of e-mails and files, to you on your mac. The main goal is to bring OpenPGP – in the form of an easy installer package based on MacGPG – to Apple’s OS X. Read the introduction, in order to get a detailed idea of how PGP works.

In order to install GPGTools you must have administrator privileges.

Downloading and Installing GPGTools

To download GPGtools for Mac OS X 10.9 click here.

(1) Click on the Download link and save the .dmg file to your machine.

GPGTools Download window.png

(2) Navigate to where you saved the GPGTools.dmg file and double click it to begin the installation.
(3) Now double click on GPGTools.mpkg

GPGTools Installer 1.png

(4) Next you will be prompted with a security warning, Click Continue to proceed.
GPGTools Installer warning.png
(5) On the Welcome to the GPGTools Installer window click Continue.

GPGTools Installer 2.png

(6) Now select the Volume where you want to Install GPGTools and click Continue.

GPGTools Installer 3.png

(7) Next you can choose what packages you want to install. Once you have made your choices click Continue. (All packages will be selected by default)

GPGTools Installer 4.png

(8) Now click Install.

GPGTools Installer 5.png

(9) Next you will be prompted to enter an Administrator name and password and click OK.

Once the Installer completes your default browser (Firefox) and the Application GPG Keychain Access will launch automatically.

GPGTools Installer Password.png

(10) Finally click close to complete the Installation.

GPGTools Installer Final.png

As mentioned above in step (9) Once the Installer completes your default browser and GPG Keychain will launch automatically.

Your default browser will display the following page

This page will walk you through the steps on how to Generate a Key, send your first encrypted email and finally there is a quick how to video displaying the entire process of Key Generation, composing, encrypting and sending an email.

When the GPG Keychain Access app launches you will see the windows displayed below.
GPG First Launch.png

That’s it for the GPGTools Installer.

GPG Keychain Access and how to Generate a new key pair

GPG Keychain

Now here’s a closer look at the GPG Keychain Access app and how to Generate a new key pair.

This guide will cover all options available in the Key Generation process a little later on in this guide.

For now click the arrow to the left of the Advanced options menu to display the Advanced options.

Generate Key Pair.png

Once you click the arrow you will see the window displayed below.

*Please note* You do not need to enter your real name, or a valid email address when generating a new key pair. In addition the comment field can also be left blank. An example of this is displayed below.

*The name you choose must be at least 5 characters in length*

Generate Key Pair 2.png

Now let’s take a look at all the options available in this window.
Option 1

The Upload key after generation box

If you leave this box checked your public key will be uploaded to the default key server located at hkp://

This public key will allow someone I.E. your friends, co-workers, family who retrieve it from the keyserver to decrypt and verify your signed and encrypted emails.

In order for someone to retrieve your public key from the keyserver they need to know your name, email address or some sort of identifying information about your key in order to locate it on the server.

“Anyone with a copy of your public key can then encrypt information that only you can read. Even people you have never met.

It is computationally infeasible to deduce the private key from the public key. Anyone who has a public key can encrypt information but cannot decrypt it.

Only the person who has the corresponding private key can decrypt the information.”

To read the full text quoted above click here and read the Public key cryptography section.
Option 2

The Key Type menu

Here you can choose the encryption algorithm for your keys.

RSA and RSA will be selected by default.

Other options are displayed below.

Key Type 1.png
Option 3

The Key Length menu

In the Key length menu you can choose how large you want your key to be. Larger keys will be cryptographically more secure.

The key sizes are 1024, 2048, 3072 and 4096.

If what you want to maximize your security you might want to use the 4096 key length.

Here’s a little perspective about key length;

Keys are really, really, really big numbers. The key size is measured in bits and the number that represents a 1024-bit key is huge.

Option 4

The Key expires box

If you want your key to automatically expire after a certain date set your desired expiry date and check this box.

Once you have made all your key option choices click Generate key.

Note: A key pair consists of a Secret and public key. Secret and Public Keys will be covered later on in this guide.

Generate Key Pair Modified.png

The next step in the key generation process is to choose a passphrase. Choose wisely.

The best passphrases are long, complex and contain a combination of upper and lowercase letters, numeric and punctuation characters.

The passphrase you choose should be hard for you to forget and difficult for others to guess.

If you forget your passphrase, you are out of luck.

Once you have chosen a passphrase click OK.

Passphrase 1.png

Now you will need to re-enter your passphrase then click OK.

Passphrase 2.png

The final step in key generation is you will need to produce some entrophy.


What is entropy?

Entropy is basically randomness. Computers aren’t very good at being random this is where you come in.

By moving the mouse randomly and hitting random keys, you are making your computer process random instructions.

This will generate a much stronger key pair than if you did nothing at all.

To learn more about entrophy click here.

To learn more about random numbers generation click here.

That’s it for Key generation.

You will now see something like the image displayed below with your newly created key highlighted in blue.

GPG Keychain Access 1.png

And that’s the basics of Key generation.

Setting up and sending encrypted emails

For email client setup related to Apple’s Mail application, check out the tutorials located here. The list of tutorials include, key generation, Apple’s Mail client setup and finally sending your first encrypted email.