...
Here are descriptions of the more relevant changes in
Brand | ||
---|---|---|
|
Brand | ||
---|---|---|
|
Message persistency, protected PIN
In previous version of PrivateGSM, message are transient and their content disappear 15 minutes reading.
...
Brand | |
---|---|
|
...
Brand | ||
---|---|---|
|
...
Brand | ||
---|---|---|
|
...
This additional security measure does not compromise usability: PIN is not required to answer incoming call.
PIN under duress
You can configure an additional PIN for critical situations. Every time you unlock
Brand | ||
---|---|---|
|
UI improvement
UI has been re-designed to clearly separate call and messaging features, in a more intuitive way.
|
SIP Trunks Integration
Despite SVoIP (Secure VoIP) protocols used, some PBX do not grant security, eg:
Brand | ||
---|---|---|
|
Brand | ||
---|---|---|
|
...
TLS support
Due to recent "Poodle" vulnerability (CVE-2014-3566), we definitely dropped support for SSLv3 protocol on incoming connections. This completely fixes the problem even for clients which support it and are vulnerable to downgrade attack.
SSL support is removed on a code basis, so there is no way to enable it.
On SIP/TLS outgoing connections it could be enabled to provide support for legacy PBX integration.
TLS support covers TLS1.0, TLS1.1 and TLS1.2, including forward secrecy with DHE and ECDHE cipher suites. Keep in mind that Blackberry OS5/7 and Android 2.x do not support ECDHE, but only DHE.
=> SIP PBX => GSM device in clear. This call is a crypto-to-clear scenario and there is no way to notify the unsecure call to the caller. These PBXes can now be marked as untrusted: before bridging the crypto-to-clear call, both participants will hear an audio security disclaimer warning them that the call could be not secure.