Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Cellphones Encryption Privacy Security

Phil Zimmermann's 'Spy-Proof' Mobile Phone In Demand 107

Posted by Soulskill
from the protecting-against-all-but-the-dumbest-users dept.
An anonymous reader writes "BlackPhone was designed by Phil Zimmermann (inventor of PGP). The 4.7" display phone features a 2 GHz NVIDIA Tegra 4i ARM Cortex-A9 quad-core processor with 60 GPU cores, 1GB RAM and 16GB storage [more specs]. The OS is a customized version of Android called PrivatOS which offers encrypted calls, texts and emails that can't be unscrambled even by spy agencies. It also offers built-in resistance against malicious software which will be most welcomed for users worried about free Apps that are becoming increasingly invasive, if not pure data collection spyware for unknown 3rd parties. It's coming out this June, and many Fortune 50 companies have already ordered the phone to protect against industrial espionage."
This discussion has been archived. No new comments can be posted.

Phil Zimmermann's 'Spy-Proof' Mobile Phone In Demand

Comments Filter:
  • by Anonymous Coward

    Does he have Qualcomm on board or what?

  • I can see how this would work for blackphone-to-blackphone communication. What about people who call me or text me who don't have a blackphone? Those calls and texts are not going to be encrypted.

    I think the market for this thing will be limited, at least for the immediate future.

    • by Anonymous Coward
      Of course it'll be limited. This sort of thing only has appeal to secretive companies, spies, criminals, terrorists, and paranoid nitwits like we often see here who have no reason to be spied on, but hallucinate danger. Most of us have no need for something like this, and a more open product is better for us.
    • Re:Limited market (Score:4, Informative)

      by Charliemopps (1157495) on Wednesday May 14, 2014 @03:37PM (#47003081)

      It wont work.

      I use textsecure: https://play.google.com/store/... [google.com]
      and redphone: https://play.google.com/store/... [google.com]

      which encrypt text and calls to other people who use it. Which includes my wife... because I installed it for her... and that's about it. My paranoid friends that might use such things wont even get a smartphone so... yea...

      anyways, both applications are pretty good. I'm with Verizon and they have a TERRIBLE messaging app that they replaced the standard android app with. It literally crashes my phone it's so bad. So I replaced it with this. The only annoying bit is having to enter your password if you reboot the phone. Textsecure even sends the texts via the internet rather than using the cellular network to save you messages if the other users got it as well.

      • Re:Limited market (Score:4, Insightful)

        by geekoid (135745) <dadinportland AT yahoo DOT com> on Wednesday May 14, 2014 @03:51PM (#47003199) Homepage Journal

        Of course, what is the most used pieces of informaiton gathered from a phone? location and history of location.

        • In 2006, we had a secure phone system that used aes encryption. The process worked by calling a specific number, and via SSH, getting a session AES key. That key encrypted the info before it left the phone, and decripted the info after arriving in the phone. We had it for voice and data.
          AES encryption and decryption was chosen so that the one AES key would serve for both.

          It required a key server functionality between partners who prearranged calls. Ideal for embassies, and for other secure communication

      • by mlts (1038732)

        First thing one should do with almost all Android devices (GPE devices are a cautious exception) is to re-ROM them. I've not really been impressed with Verizon's text app myself, so I prefer a replacement.

        In any case, having the ability to encrypt phone and SMS conversations in an app, completely separate and independent from the OS is a boon. An eavesdropper would have to go from being passive to actively interacting with the apps or actively reading/scanning memory for keys to upload.

        With newer versions

      • by Anonymous Coward

        Of course that is only as secure as the user of the phone allows it to be. Once malware is injected using one of many vulnerabilities/exploits, from browsing the web, email, apps, whatever, that "secure" app will be compromised.
        The blackphone does not have this problem.

  • You can develop all the security technologies you like. They'll be worth precisely nothing when the NSA sends a pup of an agent with a national security letter to seize your files, equipment, and force your co-operation under penalty of imprisonment. The courts remain the ultimate root-kit.

    • by Anonymous Coward on Wednesday May 14, 2014 @03:24PM (#47002891)

      Only third-world countries with no human rights operate like that.

    • by houstonbofh (602064) on Wednesday May 14, 2014 @03:25PM (#47002909)
      But you will know. They will not be able to listen in without you knowing. That is a big deal.
      • by Krojack (575051)

        Are you sure of this? I always say, It it's created by humans then it can be cracked. You do know the NSA will be ordering a lot of these phones and quickly tearing them apart looking for exploits.

        • I always say, It it's created by humans then it can be cracked.

          Yeah, but can it be easily cracked, or cracked within the time frame that the information is still useful? If a criminal can MITM my internet banking and get all of my savings, that is A Bad Thing. In 2006 [theguardian.com] we could crack Enigma in 4 days with then-modern home PC hardware and an optimised brute force routine. That is absolutely fine; The people who benefited from its use are mostly dead, the war is over, there's no need for the security anymore. In fact, Enigma was so good that almost all of the successful c

      • by geekoid (135745)

        You can't hide secrets of the future with math. The path of technology history is littered with the bones form 'unbreakable/unhackable/uncrackable' products.

        I wonder how you update the phone? Or prevent someone from installing a keylogger?

        • You can't hide secrets of the future with math. The path of technology history is littered with the bones form 'unbreakable/unhackable/uncrackable' products.

          I wonder how you update the phone? Or prevent someone from installing a keylogger?

          However, there are several encrypted message from WW2 that are still unbroken. And it doesn't change the fact that you know they are not listening NOW.

      • But you will know. They will not be able to listen in without you knowing. That is a big deal.

        I though everyone assumed that they were listening? Snowden, you know? Ever heard of COINTELPRO? They have been listening for a long long time.

        • by Eythian (552130)

          That's the point of this whole phone. So you can assume that they're not listening.

      • by tapspace (2368622) on Wednesday May 14, 2014 @04:17PM (#47003531)

        Someone should enshrine that in some sort of high code of law upon which all other laws will be based in some sort of new democratic society...

        • by Slayer (6656)
          ... and a pack of inept/corrupt law makers could wipe their butts with that document and laugh in your face.
      • by Raenex (947668)

        But you will know. They will not be able to listen in without you knowing.

        How so? They use a National Security Letter to order a wiretap, which in this case means implanting a backdoor. Similar tactics have been used on other people offering encyrption software. Unless you build and program the phone yourself from trusted parts, you're at the mercy of your provider, and the provider is at the mercy of government.

        You really can't expect anything different from the same government that secretly (though with ISP help) installed taps onto all of the major ISPs, can you?

    • by Anonymous Coward

      You can develop all the security technologies you like. They'll be worth precisely nothing when the NSA sends a pup of an agent with a national security letter to seize your files, equipment, and force your co-operation under penalty of imprisonment. The courts remain the ultimate root-kit.

      It should be fairly obvious even to the technical baboons we often find behind the bench that the secure side of the device is limited by definition. One cannot be ordered to produce that which does not exist or was destroyed long ago through sound data attrition policies.

      Therefore, order away courts, you're not going to be able to unring that bell, which is kind of the entire point of this exercise. To make it in fact, Court-Proof.

      Sad to say, it has come to this.

    • So how exactly is a warrant going to get them copies of your encrypted phone calls that haven't been stored on your device?

      • It gets them a feed into the microphone/earpiece on the other phone, and a gag order giving your friend 20 years in jail if he warns you. And a plea deal where he gets 6 months if you confess, or 20 years if he doesn't convince you to.

        • That's not the problem this device sets out to solve. Nor is it a problem any communication device can solve. If you can't trust the person on the other end after you've verified who they are, technology can't help you.

          • by Anonymous Coward

            Assuming you *do* trust them, use what agents in WW2 used: a security code (agreed in advance, face to face.)
            Example, I announce my name on the phone as "Anonymous Coward", then I'm identifying myself, & also saying all is well here.
            But if I say "Anonymous J. Coward" (assuming J is my real middle initial), I'm warning my correspondent that I have been coerced.
            Very hard to prove anything in court about that.

    • by Anonymous Coward

      Your argument is defeatist.

      Court or not, this is a great step towards "doing all we can" to counteract unlawful snooping.

  • Lifetime membership in the NSA's Super Special Pals club! They'll be thinking about you all the time!

  • How big does the battery have to be to keep all those cores running? Must take up half the interior.

    • It's not like anyone with a modern smart phone doesn't keep it plugged in all the time anyway. Notice how they do not call them "cordless" anymore...
      • by geekoid (135745)

        I use a nexus 4. I plug it in before bed, unplug it in the morning when it's alarm goes off.

        So, not it's not plugged in all the time, or even most of the time.

  • In all seriousness, what US carriers will let you use this phone? I can't see this being offered in-store to every Joe Friday that walks in off the street (the demand isn't high enough, depressingly) and most carriers like you to buy a particular phone to use on their particular network. How do I go about using one of these (well, two of these) in day-to-day activities?
    • by Desler (1608317)

      Why would you need to buy one in a carrier store? Simply buy a SIM card from the carrier and put it in your phone. That's as trivial as it is to use it on either AT&T or T-Mobile.

    • Have you honestly never heard of people buying SIM cards for existing phones? Outright purchase? Unlocked phones?

      • by Gryle (933382)
        No, not really, not outside of something like a GoPhone or a similar "burner"-type program. Then again, I still have a flip-phone (Samsung Rubgy II to be exact) and if I didn't have to have it for work, I'd not have a cellphone at all.
        • Next time you are in a supermarket, have a look at their handset/recharge/charge-card display. Chances are they have dozens of "pre-paid starter kits" for every carrier (and reseller) in your area. These contain just a SIM card, no handset.

          Even with carrier-locked handsets, you can normally use any new SIM kit from that carrier. More importantly, you can buy almost any brand of handset unlocked from the manufacturer, and hence run any SIM kit from nearly any carrier. This is particularly useful for travelle

  • from other people, interfering with theirs?

  • by Greyfox (87712)
    The NSA already knows about those live goat porn sites you browse, that you like to dress up like a nun and get spanked with a toilet brush on Friday nights and they already have a picture of your dong. So really, what do you need a secret spy phone for, again?
  • 1) There is no such thing as spy-proof
    2) If you can install an app on it, it is not secure
    3) If you can connect it to a network, it is not secure
    4) If you do not own and have complete access to audit all firmware, including the radio, then it is not secure
    5) The Blackphone looks like nothing more than a platform from which to sell expensive annual subscriptions to quasi-private services

  • Is there a privacy screen filter ? The kind where you can see the screen only from a narrow angle.
    Some Japanese phones, which are commonly used in crowded trains feature this. I think it is an essential privacy feature.
    Ah and a physical, highly visible, camera lens cap too.

"Why should we subsidize intellectual curiosity?" -Ronald Reagan

Working...