Jon Callas is an American computer security expert,[1]software engineer, user experience designer, and technologist who is the co-founder and former CTO of the global encrypted communications service Silent Circle.[2] He has held major positions at Digital Equipment Corporation, Apple, PGP, and Entrust, and is considered "one of the most respected and well-known names in the mobile security industry."[3] Callas is credited with creating several Internet Engineering Task Force (IETF) standards, including OpenPGP, DKIM,[4] and ZRTP, which he wrote.[3] Prior to his work at Entrust, he was Chief Technical Officer and co-founder of PGP Corporation[5] and the former Chief Technical Officer of Entrust.
On his website, Callas describes himself as "an entrepreneur and innovator in information and business security, including cryptography, operating system security, public key infrastructure, and intellectual property rights," as well as "an innovator in human-computer interactions, collaboration and social virtual reality."[6]
He was a member of the technical staff at Century Computing from 1980 to 1981, then served as principal software engineer at Digital Equipment from 1981 to 1993.[2] While working there, he "got to work on a wide variety of things, from graphics to schedulers to memory management to operating system security," and created a random password generator.[8] At Digital Equipment, he designed the PATHWORKS network operating system as well as software for Macintosh client systems and server systems running VMS or UNIX, and created cross-platform communications between computers running Mac OS, VMS, UNIX, Windows and OS/2, using AppleTalk, DECnet, and TCP/IP networks. He also developed software for 3D, PEX, and DDX for OpenVMS, OSF/1 and Windows NT.[6]
After Digital Equipment folded, Callas co-founded World Benders, Inc., where he worked from 1993 to 1995.[2] At World Benders, he "was the lead architect and developer of Meeting Space, a cross-platform group collaboration product" that "allowed people to conduct meetings in real-time on existing networks."[6]
Callas then held the title of senior scientist II at Apple Computer from 1995 to 1997.[2] He describes himself as having been the firm's Security Privateer, and as having "designed and built next-generation cryptographic security products for Mac OS X and iOS, including the 'FileVault 2' full-disk encryption product." He also "designed a concurrent programming system for high-performance computing, 'Transforms.'" In addition, he "led the engineering and approvals for a FIPS 140 validation of iOS."[6] Callas was trusted with the security of Apple's operating system,[3] and worked on Apple's Whole Disk Encryption. "That was the worst time to be working for Apple, the year before Steve Jobs came back," Callas has said.[8]
At Apple, he worked for Gursharan Sidhu, the inventor of AppleTalk. Callas "shipped the very first crypto built into an OS, called PowerTalk," which, he has said, "failed for being far too early," although he and his colleague Bruce Gaya managed to hack a piece of it, a password manager called The Keychain, "so that you could run it without the rest of PowerTalk, and thus rescued it from oblivion. The present Keychain on Apple products is completely and utterly rewritten, but I’m proud of saving it."[8]
He joined PGP, Inc. (developer of Pretty Good Privacy), in January 1997 as chief scientist. Network Associates (NAI) bought PGP in December 1997, and Callas became CTO for the Total Network Security Division of NAI, creating "architecture and direction for the company's network security products" and serving as "the primary author of the IETF's OpenPGP standard."[6][9]
He was director of software engineering at Counterpane from 1999 to 2001, serving as "co-architect of Counterpane's Managed Security Monitoring system – a redundant system with adaptive fail-over that monitors networks on three continents." He also "led the engineering team that built the system, taking it from prototype to operational in four months," and "managed Counterpane's export control process, getting approval for the system, including fifteen new ciphers." As Senior Architect at Wave Systems Corporation from 2001 to 2002, he was the lead architect for Wave's EMBASSY Trust System, on which he performed security analysis and created product security subsystems.
He then co-founded the new PGP Corporation in 2002. He worked as a server architect at PGP from July 2002 to October 2009, and during his time at the company was the principal author of the IETF OpenPGP standard, now RFC2440,[2][6][9][10] and developed the PGP (Pretty Good Privacy) Universal Server.[8] He was security privateer at I Could Tell You But Then I'd Have To Kill You and Associates from October 2009 to July 2011. He was chief technical officer at Entrust, a provider of identity-based security software, from July 2011 to January 2013.[3]
He co-founded Silent Circle in 2012 and Blackphone in 2013, and continued to serve as CTO of Silent Circle until April 2016,[2][3] where he led the development and operations groups, the former of which "produces the apps that manifest Silent Circle's services to its subscribers" and the latter of which "runs the actual services themselves."[6]
Callas holds patents, or has patents pending, on several systems and methods for erasing media, facilitating secure media access, for secure and transparent electronic communications, for dynamic security operations, for partial message authentication, and for facilitating encryption and decryption operations over an email server.[6]
Callas's security product designs have won major innovation awards from The Wall Street Journal and others.[8] He is one of the primary authors of the DKIM method and a member of the Infosec think tank The Shmoo Group. He has served as Adjunct Professor at Indiana University since 2012.[2]
Callas lectured widely about computers and Internet security, and was scheduled to be a speaker at the Oslo Freedom Forum in 2014.[10] Callas was selected to be one of two keynote speakers at the 2015 PDF Technical Conference in San Jose, California.[11]
Callas's employment ended with Apple in December 2018. Moving on to work as a Senior Technology Fellow at the American Civil Liberties Union until August 2020. He moved on to work as a Director of Public Interest Technology at the Electronic Frontier Foundation (EFF). He ended his employment with the EFF in June 2023. Callas is currently the founder of Zatik Security (since August 2023) and a Senior Computer Scientist at SRI International (since November 2023).[2]
Views
Callas has stated that tech companies are a bigger threat to privacy than the government. His views stem from big tech's mass pooling of personal data for advertising and the polarization within Silicon Valley. While some companies are committed to privacy, many more earn their revenues from selling user data. Callas has stated that if the advertising market takes a downturn, companies that protect their users' data are the most insulated from harm.[14]
Kerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model, and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.
Philip R. Zimmermann is an American computer scientist and cryptographer. He is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone. Zimmermann is co-founder and Chief Scientist of the global encrypted communications firm Silent Circle.
A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s and early 1990s.
The Clipper chip was a chipset that was developed and promoted by the United States National Security Agency (NSA) as an encryption device that secured "voice and data messages" with a built-in backdoor that was intended to "allow Federal, State, and local law enforcement officials the ability to decode intercepted voice and data transmissions." It was intended to be adopted by telecommunications companies for voice transmission. Introduced in 1993, it was entirely defunct by 1996.
Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and the Postbox that provides OpenPGP public key e-mail encryption and signing. Enigmail works under Microsoft Windows, Unix-like, and Mac OS X operating systems. Enigmail can operate with other mail clients compatible with PGP/MIME and inline PGP such as: Microsoft Outlook with Gpg4win package installed, Gnome Evolution, KMail, Claws Mail, Gnus, Mutt. Its cryptographic functionality is handled by GNU Privacy Guard.
In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.
Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.
End-to-end encryption (E2EE) is a private communication system in which only communicating users can participate. As such, no one else, including the communication system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to converse.
PGP Corporation was a company that sold Pretty Good Privacy computer software. It was founded in 2002, and acquired by Symantec in 2010, and by Broadcom in 2019.
This is a technical feature comparison of different disk encryption software.
Adam Back is a British cryptographer and cypherpunk. He is the CEO of Blockstream, which he co-founded in 2014. He invented Hashcash, which is used in the Bitcoin mining process.
In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security and designed for use with the Elliptic-curve Diffie–Hellman (ECDH) key agreement scheme. It is one of the fastest curves in ECC, and is not covered by any known patents. The reference implementation is public domain software.
The following outline is provided as an overview of and topical guide to cryptography:
Linoma Software was a developer of secure managed file transfer and IBM i software solutions. The company was acquired by HelpSystems in June 2016. Mid-sized companies, large enterprises and government entities use Linoma's software products to protect sensitive data and comply with data security regulations such as PCI DSS, HIPAA/HITECH, SOX, GLBA and state privacy laws. Linoma's software runs on a variety of platforms including Windows, Linux, UNIX, IBM i, AIX, Solaris, HP-UX and Mac OS X.
Silent Circle is an encrypted communications firm based in Washington DC. Silent Circle provides multi-platform secure communication services for mobile devices and desktops. Launched October 16, 2012, the company operates under a subscription business model. The encryption part of the software used is free software/open source and peer-reviewed. For the remaining parts of Silent Phone and Silent Text, the source code is available on GitHub, but under proprietary software licenses.
Vincent (Vinnie) Moscaritolo is a retired American computer security expert known for his work in encryption applications for mobile devices. After decades in the computer industry, he now volunteers as a search and rescue professional. He holds NREMT, WFR, and Amateur Radio Extra Class and a General Radiotelephone Operator with Ships Radar License.
PrivatOS was an operating system used in the Blackphone from June 1, 2014, to June 30, 2016. It was targeted at users who sought improved privacy and security. It provided encryption for phone calls, emails, texts, and internet browsing. PrivatOS was a modified version of Android, forked from Android 4.4.2, that came with a bundle of security-minded tools. However, in contrast to Android, PrivatOS was not open source. The company that shipped PrivatOS, SGP Technologies is a joint venture between the makers of GeeksPhone, and Silent Circle.
pretty Easy privacy was a pluggable data encryption and verification system that provided automatic cryptographic key management through a set of libraries for written digital communications.
The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Google Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations.
This page is based on this Wikipedia article Text is available under the CC BY-SA 4.0 license; additional terms may apply. Images, videos and audio are available under their respective licenses.
