Credit: mrdoomits / Getty Images Zfone, a free piece of software that encrypts voice-over-IP (VoIP) calls in a way that may circumvent government eavesdropping laws in some countries, is now available to Windows users, its developer said on Sunday. The software works in a peer-to-peer manner, exchanging encryption keys directly between the two people making a voice call. Other approaches, like the commonly used PKI, typically rely on a centralized database, usually hosted by a third party, to manage keys. The distinction is important in some places, where the debate about the rights of governments to eavesdrop on its citizens’ phone calls is growing increasingly heated. Zfone presents a challenge in the United States, for example, where the government has ruled that VoIP providers will soon have to turn over call detail records, just like regular phone companies. But the law in the United States applies to service providers, not end users. That means that callers can use Zfone to encrypt calls, and the government currently can’t demand that the users share the encryption keys in order to understand the contents of the call. Zfone could be less effective for privacy advocates in some other countries. Last week, the U.K. government signaled that it is working toward enacting regulations that would require companies and individual people to hand over encryption keys or face jail time. With the encryption key in hand, authorities could listen to conversations made over VoIP calls. The software uses extensions to real-time transport protocol (RTP) for the key exchange. Zfone’s developers have submitted the extensions, under the name ZRTP, to the Internet Engineering Task Force for consideration as a standard.Both participants of a VoIP call must be running Zfone for its encryption to work. For now, Zfone can be used only with software VoIP clients, like those used on computers, but developers can license it to integrate it into their hardware. Customers of service providers like Vonage Holdings, for example, who use adapters that allow the use of existing analog telephones, won’t be able to use Zfone because the software isn’t yet built into the adapter hardware. Zfone also can’t be used with Skype because Skype uses a proprietary protocol. Customers can download the software here. Versions for Mac OS X and Linux are already available.Philip Zimmermann, the creator of the e-mail encryption tool Pretty Good Privacy (PGP), developed Zfone. The U.S. government launched and later dropped a criminal investigation into Zimmermann as a result of PGP.-Nancy Gohring, IDG News ServiceFor related news coverage, read VoIP Security: It’s All About the Implementation.Check out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content brandpost Sponsored by SAP Generative AI’s ‘show me the money’ moment We’re past the hype and slick gen AI sales pitches. Business leaders want results. By Julia White Nov 30, 2023 5 mins Artificial Intelligence brandpost Sponsored by Zscaler How customers capture real economic value with zero trust Unleashing economic value: Zscaler's Zero Trust Exchange transforms security architecture while cutting costs. By Zscaler Nov 30, 2023 4 mins Security brandpost Sponsored by SAP A cloud-based solution to rescue millions from energy poverty Aware of the correlation between energy and financial poverty, Savannah Energy is helping to generate clean, competitively priced electricity across Africa by integrating its old systems into one cloud-based platform. By Keith E. Greenberg, SAP Contributor Nov 30, 2023 5 mins Digital Transformation feature 8 change management questions every IT leader must answer Designed to speed adoption and achieve business outcomes, change management hasn’t historically been a strength of IT orgs. It’s time to flip that script by asking hard questions to hone change strategies. By Stephanie Overby Nov 30, 2023 10 mins Change Management Change Management IT Operations Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe