Security + Listen

tl;dr? AT&T spies on you for profit, we don’t.

SMS and calls are not very secure via phone numbers. Here’s why:

• several companies are involved–typically both a carrier and OS
• we can’t know what logs are kept / how data passes / what the f they do with your stuff at those companies
• they could be actively spying on you for $$ from our government (f*ck)

Unfortunately, we can’t get rid of phone numbers anytime soon. They’re an expected part of daily life. Calling your congressperson, confirming a doctor appointment, getting in contact with non-smartphone using family members, etc etc–we’re stuck with them.

Here’s how we made Listen secure:

• Data is transferred to and from the client with TLS.
• Our database is encrypted at rest by using AES-256, block-level storage encryption.
• Thanks, Heroku!
• All calls, texts, and media are deleted from Twilio via their Delete API
• Credit goes to Austen Ito

For launch, we did not focus on end-to-end encryption for those users although we could have. Here’s why:

• we knew majority of early users would be communicating with *non* Listen users
• we didn’t realize Trump was going to get elected

In the future, we want to partner with Open Whisper Systems, which is the current gold standard on encryption. See this post and this post.

Security is a reason why we might not build business accounts. A lot of requested features for a ‘business account’ involve storing data in a vulnerable way. We’d rather not do that, even if it’s for a paying set of customers. Taking away time from our work towards an ideal phone number to build features antithetical to that vision doesn’t feel good to us.

Any suggestions, thoughts or comments? Please let me know. Identifying flaws in this approach is crucial.