From Bruce Schneier’s excellent Schneier on Security blog:
“Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump’s personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one. Security experts have been talking about the potential security vulnerabilities in Trump’s cell phone use since he became president. And President Barack Obama bristled at — but acquiesced to — the security rules prohibiting him from using a “regular” cell phone throughout his presidency.
“Three broader questions obviously emerge from the story. Who else is listening in on Trump’s cell phone calls? What about the cell phones of other world leaders and senior government officials? And — most personal of all — what about my cell phone calls?”
You can read Bruce’s article at: https://www.schneier.com/blog/archives/2018/10/cell_phone_secu_1.html.
Later in the article, Bruce states, “Unfortunately, there’s not much you can do to improve the security of your cell phone.”
I partially disagree.
Yes, Bruce is correct that the normal default operation of cell phones makes them vulnerable to government spies, credit card thieves, hackers, and possibly your ex-spouse’s attorney or private investigator alike. You cannot change the default operation of your cell phone’s calls. However, you can take steps to lock these culprits out: use encryption.
There are several apps that can be installed in iPhones or Android phones to add encryption and thereby probably lock out these spies. The best app for secure text messaging, encrypted two-way voice conversations, and even encrypted two-way video conversations seems to be Signal at https://www.signal.org.
Unlike some other encryption apps for cell phones, Signal is Open Source software. That is, you or anyone else can view the source code to make sure there are no “back door” access methods or anything else that might allow third parties to listen in on your calls. Also, there are no advertisements, no affiliate marketers, and no creepy tracking. Signal is available free of charge to everyone. It will never beg you to upgrade to a paid version or to purchase anything. (Donations are accepted, however.)
The big drawback for Signal and most of the other encryption communication apps is that BOTH USERS in the conversation have to be using the same app. Signal won’t add encryption when you call your dentist’s office (unless you have a very unusual dentist who uses Signal) or for calls to anyone else who is not using Signal or whatever encryption app that you are using.
In short, to place a call with an encryption app, you have to launch the encrypted app you have installed in your cell phone, then select someone to call from the app’s own phone book, not from the generic phone book in your cell phone. If the other person doesn’t have the same encryption app installed that you are using, you won’t be able to add him or her to your app’s own phone book.
Another advantage of Signal is that encrypted calls can be placed over the cellular data network or even over a wi-fi connection, if available. This means you can save significant money in talk time charges, depending upon the agreement you signed with your cellular company, assuming you are within range of a wi-fi connection such as in your home or office.
For instance, at this moment I am in a hotel room in Oslo, Norway. I am making and receiving encrypted calls back home to friends and family over the hotel’s (free) wi-fi connection. I can even make encrypted two-way video calls. The video calls are similar to the iPhone’s FaceTime but with encryption added. I can even talk for hours without incurring any toll charges or roaming charges.
If I didn’t have Signal or a similar app that places calls over wi-fi, I would be charged a small fortune in overseas roaming charges and in normal overseas toll charges by the cellular companies. However, because Signal can work on wi-fi and/or cellular networks, my calls are free of charge as long as I use the wi-fi connection, other than the standard monthly minimum my cellular company charges (in my case, that is $19.95/month in US dollars).
My suggestion is that EVERYONE should be using Signal, at least until an even better app comes along.
Details may be found at https://www.signal.org.
Disclaimer: I am not compensated in any way for writing this article about Signal. I am simply a satisfied user of the Signal app. As a former crypto technician in the U.S. military, I can appreciate the advantages of encrypted telephone, text messaging, and even video calls.