Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Phil Zimmerman Launching Secure "Blackphone"

Unknown Lamer posted about 9 months ago | from the except-for-the-baseband-processor dept.

Cellphones 156

judgecorp writes "Famed cryptography activist Phil Zimmerman is set to launch Blackphone, a privacy-oriented phone which allows secure calls and messages. The phone is a joint venture between Zimmerman's Silent Circle communications provider and Geeksphone, the creator of the first Firefox phone, and will run PrivatOS, a secure version of Android. Zimmerman says the venture will be taking orders for the devices from February 24, after it is unveiled at Mobile World Congress in Barcelona."

cancel ×

156 comments

Sorry! There are no comments related to the filter you selected.

Open Source? (1)

Anonymous Coward | about 9 months ago | (#45965637)

Can the software be adapted to other phones?

Re:Open Source? (4, Insightful)

FriendlyLurker (50431) | about 9 months ago | (#45966251)

If it is not Open Source then we can pretty much can forget about this. Limiting the product to a very small set of customers Vs the wider android market means that just by using this product you would be advertising yourself as a target for investigation. To be truly secure the majority need to be using encryption, not just a small subset of paying customers.

Re:Open Source? (-1)

Anonymous Coward | about 9 months ago | (#45966755)

There's no way that a majority of people are going to choose to participate in hiding the activity of the people who actually need secure communications for their criminal enterprises.

If most people wanted to help criminals, we'd all be using TOR.

Privacy is dead, deal with it. Now we need to strike down all of our crazy laws that would be enforced by a Ministry of Virtue and Vice in an Islamic country. Legalize drugs, gambling, and prostitution, and people will get a lot less hysterical about the end of the brief historical period started by the Industrial Revolution, where we had individual privacy.

Re:Open Source? (0)

Anonymous Coward | about 9 months ago | (#45967405)

Because you can't get fired or ostracized for drugs, gambling, and prostitution, right?

If the courts say we can be searched without a warrant or probable cause, and the results of this search can destroy our lives even with no conviction, one doesn't need to be a criminal to desire privacy. This desire to "not be searched all the time for no reason" goes back a tad farther than the industrial revolution.

Re:Open Source? (0)

Anonymous Coward | about 9 months ago | (#45968055)

Not to mention that an investigation and court case are ultimately destructive. A conviction is just adding insult to injury. The legal system is worse off than the medical system.

Re:Open Source? (1)

Kimomaru (2579489) | about 9 months ago | (#45967071)

Couldn't agree more. If it's not open source so that people can verify what the underlying system is actually doing, forget it.

Wow, what a man! (5, Funny)

Anonymous Coward | about 9 months ago | (#45965719)

First he blows away that obnoxious black kid, now he's going to blow us away with a black phone!

Re:Wow, what a man! (0)

tripleevenfall (1990004) | about 9 months ago | (#45966049)

This should be modded Funny - Black comedy.

Re:Wow, what a man! (1)

ButchDeLoria (2772751) | about 9 months ago | (#45966083)

I fucking wish I had mod points

Re:Wow, what a man! (0)

Jeff Flanagan (2981883) | about 9 months ago | (#45966777)

Confronting your stalker is not obnoxious. +.5 Funny. Half off for characterizing a murder victim as obnoxious.

Re:Wow, what a man! (1)

Kimomaru (2579489) | about 9 months ago | (#45967087)

My brain is still working on pushing out a really loud laugh, that's how funny this comment is.

Is he also launching a new carrier and network? (1)

Anonymous Coward | about 9 months ago | (#45965727)

... because otherwise there's no way comnunication via this device is guaranteed to be secure (and probably not even then)

Re:Is he also launching a new carrier and network? (4, Informative)

gmuslera (3436) | about 9 months ago | (#45965891)

There are levels of communications that can be secured even with an hostile/insecure carrier. It can know where are you, but maybe not what you are sending and to who, (at least as pure data stream, if not as plain phone calls). Anyway, regarding hostile carriers or not, it should be safe against hostile/insecure sim cards [forbes.com] too.

bork bork bork (0)

Iamthecheese (1264298) | about 9 months ago | (#45965731)

This is going to end up a complete mess. Either no one will use them in which case they won't make much difference, only evil people will use them, in which case the US government will shut them down, or a lot of people will use them, in which case the US government will subvert them.

Re:bork bork bork (0)

isaac (2852) | about 9 months ago | (#45965903)

This is going to end up a complete mess. Either no one will use them in which case they won't make much difference, only evil people will use them, in which case the US government will shut them down, or a lot of people will use them, in which case the US government will subvert them.

Governments (plural) will subvert them, that's what they do. No legal restriction will prevent them back from doing so. Forget about hiding from governments, that game was lost the minute you picked up a mobile phone.

The only real potential privacy benefit here is in limiting the opportunities for commercial (Google, Apple) or malicious (malware authors) entities to track and/or exploit mobile users. The problem is, of course, that all private commercial entities are inherently untrustworthy when it comes to privacy protection - companies change management or change hands (Nest anyone?) or are careless.

Really, who's the target market for this? Because it just sounds like a honeypot (like Tor) to me.

Re:bork bork bork (1)

neoritter (3021561) | about 9 months ago | (#45966279)

This is pretty much the reason I'd think about the Blackphone. Not to hide from the government(s), because that's an exercise in futility if we want to have connected technology. But because I'd rather make sure private entity A doesn't know what I do with private entity B without my consent; or at least minimize what they can know.

As for a honeypot... I think you may misunderstand what a honeypot is. A honeypot is a fake website, system, network, (insert entity); that seems appealing to a would be hacker or intruder, but in fact is a way for security to catch the intruder while also diverting their attention away from the real prize. To quote the opening line of the wikipedia entry, "in computer terminology, a honeypot is a trap set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems."

The Blackphone (and Tor) by definition would not be honeypots, as the users are not attempting to gain unauthorized access to them and they aren't being used as decoys to a real network.

Re:bork bork bork (1)

tlhIngan (30335) | about 9 months ago | (#45966583)

This is pretty much the reason I'd think about the Blackphone. Not to hide from the government(s), because that's an exercise in futility if we want to have connected technology.

Exactly. Even if everything on the phone is encrypted, the fact that you made a phone call is still noted (it's "metadata"!). Just like how everyone says "encrypt everything" are missing the point - IP packets can be logged (metadata), as can email headers (more metadata).

Of course, if you want to hide, another thing to do is not make it obvious - if everyone around you is making calls "in the clear", and your call is encrypted, well, that just draws unnecessary attention.

Re:bork bork bork (1)

melikamp (631205) | about 9 months ago | (#45966935)

I dunno about voice calls, but messaging, at least, can be Torified, and that would be a much tougher nut to crack.

Re:bork bork bork (1, Insightful)

Anonymous Coward | about 9 months ago | (#45965927)

And yet it presents a positive trend: "maybe the people can directly fight the power with technology".

Just as the music industry can't make the government to stop the sharing of files, however many laws it buys, because it's just not feasible, a simple tool like this might give everyone a liberty just by making it too hard to take it away from the people.

Re:bork bork bork (1)

gmuslera (3436) | about 9 months ago | (#45965973)

The average, non technical person is the one that gets caught (even for sneezing on public) in this kind of dragnet surveillance. The technical with a clue may use them, and maybe put them as policy for their companies, as is critical for them to have safe communications, so this is the target group. And the ones that they claim that they are after will rely on low tech communication anyway, so won't get caught. As with DRM, the ones that get hurt are the normal citizens and loyal consumers.

Re:bork bork bork (1)

AHuxley (892839) | about 9 months ago | (#45966041)

The interesting part is where does subvert really get any gov? The gov becomes addicted to a huge raw flow of data from people unaware of the total domestic surveillance network.
Once the public sees the reality of having a domestic surveillance network, their political use of the telcos and computers might change.
People contacting the press take on an East German like feel, they know they will be tracked down, but turn up to protest anyway.
Any new tool that allows people to use a network to chat with the press is great.

That's not the use case! (2)

Medievalist (16032) | about 9 months ago | (#45966879)

You're misunderstanding the purpose of the technology, I think.

The government can use MIB on the rooftops with parabolics, this phone doesn't and can't protect you from their minions.

"Evil people" avoid detection by using disposable phones and in-group jargon to avoid detection - they simply don't need or want this technology. They already buy cheaper, low profile generic phones with cash and just throw them away if they get known.

But this technology prevents the Sun from printing your conversation with the sexy nanny on page one. It prevents your neighbor from listening to your calls to your bookie on his scanner or baby monitor, too. Get it now? It's a big market segment... people who want a little privacy from nosy neighbors and service providers.

Switzerland (3, Insightful)

Anonymous Coward | about 9 months ago | (#45965753)

An interesting choice. I guess it is only logical, since Zimmerman had to shut down his encrypted e-mail service SilentCircle [slashdot.org] in the US. I hope that more businesses will move their operations outside the US, it seems to be the only language the United States government understands.

Almost. there. (5, Insightful)

leuk_he (194174) | about 9 months ago | (#45965799)

Hardware feature I would like to see:
-LED on when camera is taking pictures/recording.
-LED on when microphone is recording.
-Looking like a normal phone, If it screams PRIVACY phone, one might think ik have somthing to hide.

Software features:
-Restrict apps to a sandbox without telling them that. (feed apps fake data instead)
-Some kind of firewall/virtualiszation between apps i use at home and work and real private part.
-Secure boot. rootkit prevention. Including option by bypass the secure boot for open source mods.

Marketing features i would like to see:
-Real use cases. (like work/home phone virtualisation.)
-privacy is always a tradeoff. being online means giving away some of your data. what trade offs are made?
-Access to some more technical details HOW the pricay part is implemented and what has not been implemented.
-Respected names from the pricacy industy who did have to do something in the design/implementation phase. trust is important.

and ... open source... so useful parts can be reviewed and ported to populars android mods.

LEDs are a terrible idea (1)

Anonymous Coward | about 9 months ago | (#45965875)

> -LED on when camera is taking pictures/recording.
> -LED on when microphone is recording.

No, no, no. What you want is a mechanical shutter over the camera, and a switch that physically opens the microphone's circuit (if you want convenience, make the microphone's switch be the camera's shutter).

With an LED, you have to trust the firmware to properly couple the light to the device. With a mechanical shutter, you can verify that it is physically impossible for the camera to see anything.

Re:LEDs are a terrible idea (1)

hawguy (1600213) | about 9 months ago | (#45965979)

> -LED on when camera is taking pictures/recording.
> -LED on when microphone is recording.

No, no, no. What you want is a mechanical shutter over the camera, and a switch that physically opens the microphone's circuit (if you want convenience, make the microphone's switch be the camera's shutter).

With an LED, you have to trust the firmware to properly couple the light to the device. With a mechanical shutter, you can verify that it is physically impossible for the camera to see anything.

You don't need to trust the LED to firmware -- instead of a physical switch that turns the camera or microphone on, use a software controlled switch with only 2 hardware states - if the software turns the switch on, microphone+LED (or camera+LED) are enabled, if the software turns the switch off, then they are not enabled. The camera could have a software controlled physical Iris that closes when the camera is off.

Don't let the software control the LED separately.

This is still open to hardware hacks (someone with access to the phone could hardwire the microphone on without the LED illuminating), but the same is true with a physical switch.

Re:LEDs are a terrible idea (1)

jeffb (2.718) (1189693) | about 9 months ago | (#45966087)

This is still open to hardware hacks (someone with access to the phone could hardwire the microphone on without the LED illuminating), but the same is true with a physical switch.

And, as GP stated, a physical shutter is not open to the same kind of trickery. You'd need to come up with something that looks like an opaque shutter, but actually doesn't block the camera's view. This is still possible, but it's not as trivial as putting a jumper across an LED's legs (or bridging a physical switch).

On the other hand, it's harder to "shutter" a microphone.

Re:LEDs are a terrible idea (1)

Em Adespoton (792954) | about 9 months ago | (#45966719)

>

On the other hand, it's harder to "shutter" a microphone.

Not really; I can think of a few ways. The easiest would be placing a coloured conductive fluid in front of the microphone head -- when the microphone is enabled, so is the LED, and the fluid is propelled to the edges of the chamber (which is where the LED is. Result: sound will be at the very least muffled, and there will be a visual indicator of where the fluid is and whether the mic is on.

Re:LEDs are a terrible idea (1)

geminidomino (614729) | about 9 months ago | (#45967979)

I hear there's this newfangled gadget called an SPST that could do the job pretty well.

Re:LEDs are a terrible idea (1)

neoritter (3021561) | about 9 months ago | (#45966373)

The only con to that approach (and I'm by no means disagreeing with you), is that the manual shutter and microphone operation, increases the confidence of those that are not adept at opening their device and analyzing the innards. They have better trust that what the indicator says is true.

You're right, both cases can be subverted at a physical level. But at least with the former I'm not trusting the manufactorer or a person in the know that the device's light turns on when the microphone is on.

Re:LEDs are a terrible idea (0)

Anonymous Coward | about 9 months ago | (#45967159)

If it's not already being done, wiring the LED directly to the camera's power leads would stop any sort of hack that allows surreptitious video recording.

Using a transistor/solid state relay that controls the ground of both the microphone and camera, with the LED being attached to that switch's power leads would make it impossible (in software) to enable them without the visual indicator.

Re:Almost. there. (-1)

Anonymous Coward | about 9 months ago | (#45965941)

- stand your ground mode
- skittles detector
- niglet shooter

Re:Almost. there. (1)

egcagrac0 (1410377) | about 9 months ago | (#45965947)

-Looking like a normal phone, If it screams PRIVACY phone, one might think ik have somthing to hide.

From the picture on the website, it looks rather like an iPhone (without the button).

When the phone is in your pocket, they all look alike to everyone else, anyway.

Re:Almost. there. (5, Insightful)

mrchaotica (681592) | about 9 months ago | (#45965961)

You forgot the most important feature:

The main SoC controls the baseband processor (and can firewall the rest of the system off from it), not the other way around. Or better yet, the baseband is Open Source.

Re:Almost. there. (1)

NatasRevol (731260) | about 9 months ago | (#45966303)

I thought the most important thing would be that it's actually launched, and not promiseware.

Re:Almost. there. (1)

mdielmann (514750) | about 9 months ago | (#45966803)

Read about the features of GSM modules, with respect to being able to poll towers, access GPS, etc., while the phone is supposedly turned off. This is a prerequisite for achieving their stated goals.

Re:Almost. there. (1)

Arker (91948) | about 9 months ago | (#45967927)

Nope. Promiseware is better than a defective deliverable.

Re:Almost. there. (0)

Anonymous Coward | about 9 months ago | (#45966065)

How about this.

- No camera, that would introduce necessary firmware/drivers/etc that would be harder to vet
- No "apps". A platform for such would be incredibly difficult to completely verify for backdoors/intentional and unintentional flaws, and that's before you even start talking about the security of the sandbox.

What you don't have can't be subverted.

Re:Almost. there. (2)

oodaloop (1229816) | about 9 months ago | (#45966231)

The LED is on the right track, but if someone can hack your phone to turn the camera on, they can also turn the LED off. How about a physical shutter over the camera? I'd like a neon orange small plastic shutter to close over the cameras on my phone. I'd be able to quickly check that they're still on and not worry about someone hacking my phone.

Re:Almost. there. (3, Informative)

necro81 (917438) | about 9 months ago | (#45966515)

if someone can hack your phone to turn the camera on, they can also turn the LED off

This is not necessarily true if you design this feature into the board. For instance, you can have the LED hard-wired to the camera's power supply - anytime the camera has power, the LED will be on. When the firmware wants to save power by turning the camera off, it must well and truly be off (i.e., no power applied), and not just a sleep mode.

Alternately, depending on the communications bus between the camera chip and the SoC, you can have an LED tied to one of the communications lines through some sort of buffer circuit - chip select, camera Tx, etc.

One would think that this was the way it was always done - some unambiguous way to know when the camera is active that was baked in at the board level - but apparently not.

LEDs can leak information too (0)

Anonymous Coward | about 9 months ago | (#45967875)

Alternately, depending on the communications bus between the camera chip and the SoC, you can have an LED tied to one of the communications lines through some sort of buffer circuit

If you have a LED connected to the microphone circuit, someone could train a telescope on your phone and analyze its flicker to remotely overhear what you're saying.

Re:Almost. there. (1)

Burz (138833) | about 9 months ago | (#45968137)

I'm amazed at how consistently /.ers assume that a LED would not be hardwired to the component it monitors. Its like a form of brain damage.

Re:Almost. there. (2)

melikamp (631205) | about 9 months ago | (#45967091)

and ... open source... so useful parts can be reviewed and ported to populars android mods

This is not the main reason why it should be open source, nor is "open source" enough, unless we are using a definition compatible with the free software definition. In fact, both hardware and software should be free, documented, and open in order to justify the basic security and privacy claims the manufacturer is making.

As for "open source", the freedom to distribute modified copies (which is not clearly implied) is paramount to anything aspiring to be secure. If a bug is discovered, and a patch is available, the software will remain insecure if the authorized distributor refuses to apply the patch. Free software does not have this problem.

As for the order of your list, all the things you named are very useful indeed, but they are not worth crap unless the entire thing is free software, and the hardware is open and certified by third parties without special interests. One binary blob makes all security and privacy claims a lie, plain and simple. Not an honest mistake, not a misunderstanding: these people surely understand security, so when they start selling "secure" binary blobs, they will be lying through their teeth.

Re:Almost. there. (0)

Anonymous Coward | about 9 months ago | (#45967319)

-Secure boot. rootkit prevention. Including option by bypass the secure boot for open source mods.

You can't have it both ways, if *you* can bypass secure boot, so can $evildoers. Besides, Samsung is trying reeeeeeeeeeeeeealy hard to secure *their* phones against those pesky customers (with everything from crypted bootloaders to efuses), and it still took 'em hackers less than a month to bypass it.

Re:Almost. there. (1)

Burz (138833) | about 9 months ago | (#45968089)

Just to clarify: Hardwire LEDs to the mic and camera. Leaving the LED activation to firmware is asking for an exploit.

These are good ideas. However they are kind of obvious and their total absence on phones and PCs shows that major IT vendors don't have designers involved in security at all. That vacuum and lack of involvement is astonishing.

BTW, if you want some of those other features in a PC, check out Qubes OS. [qubes-os.org] Its a Xen-based desktop with great virtualization and boot protection features; its (much) more secure than other VM environments and will even automatically isolate vulnerable hardware like network cards from the core OS.

sounds like (-1)

Anonymous Coward | about 9 months ago | (#45965801)

a phone for nignogs

I took a look at their website (0)

Anonymous Coward | about 9 months ago | (#45965817)

Very fancy. Nice marketing. Lots of "CEO", "Co-founder", "CTO", "Chief engineer", "CMO" and so on being presented, but not a single word about the programmers who will realize the software that will become what the phone is about. For some reason this arrogant lack of credit annoys the hell out of me, and put an end to any interest I might have had.

Re: I took a look at their website (1)

Anonymous Coward | about 9 months ago | (#45965901)

Geeksphone will most likely develop the software, and most of those "co-founders" are expert developers including Zimmerman himself.

Re:I took a look at their website (1)

gmuslera (3436) | about 9 months ago | (#45966191)

A lot of the people that is there did a few things in the programming world, like PGP, zfone/zrtp, welcam, or kismet. But there are implied programmers when they are taking as base the safe parts of android, so linux, android, cyanogenmod and so on people probably will be in part responsible or taken part directly.

Anyway, regarding trust, the names of people that take decisions matter a lot, having there a lot of the people of Silent Circle and Geeksphone have an implied message.

The only name i don't see there is Ladar Levison, from Lavabit, that was in the Dark Mail Alliance [slashdot.org] , with Silent Circle. But if well will be a sister project, the focus will be in servers, not only mobile.

such a difficult story. (0)

nimbius (983462) | about 9 months ago | (#45965825)

as an american I was sorely disappointed when I realized id confused Phil Zimmerman with a Zimmerman of far greater notoriety. My definition of the Blackphone however became far more reasonable and tasteful.

Re:such a difficult story. (0)

cyborg_monkey (150790) | about 9 months ago | (#45966189)

that joke was already used a half hour ago. get a clue you moron.

I'm not so sure about this. (1)

Agares (1890982) | about 9 months ago | (#45965833)

I don't see how we can trust this new phone or any other device out there. So many companies have said we can trust them with our data, and then to no one’s surprise they've been found to be in bed with the NSA. We need to understand that we now live in a world where Big Brother is always watching. The only way we can stop this is to get rid of the NSA and other agencies like it. Unfortunately though, too many people are fine with being watched. They think that was long as they have nothing to hide there is nothing to worry about. They are mistaken and it will cost them more than they could have ever imagined.

Re:I'm not so sure about this. (1)

joe_frisch (1366229) | about 9 months ago | (#45965987)

I do agree that the problem of knowing who to trust is very serious. Large organizations (like the NSA) have the ability to make lots of posts in online discussions, technical journals, etc. to give the impression that the "community" "trusts" some particular solution, and to discredit anyone who objects.

I don't think though that the only answer is to eliminate these organizations - which is probably impossible in any case. At least in the US, the government is not a single monolithic organization, and should be possible to set up laws and safeguards to prevent most abuse.

Personally I'd like to see very solid legal firewalls between anti-terrorism / international work and domestic police work. I don't particularly mind the NSA using a wide range of technologies to stop someone from setting of a sarin bomb in the US. I would object to that same technology being used to track all RIAA violations. I'd object much more strongly if it were used to silence political dissent. We need to be sure that legal political speech cannot results in being labeled an associate of terrorists and in the loss of rights.

I couldn't help to notice that... (1)

carlhaagen (1021273) | about 9 months ago | (#45965835)

...their "The team" page doesn't mention a single software or hardware developer involved in creating the phone. Why aren't they worth to be on display along with the CEOs and whatnot?

Re:I couldn't help to notice that... (1)

hawguy (1600213) | about 9 months ago | (#45966023)

...their "The team" page doesn't mention a single software or hardware developer involved in creating the phone. Why aren't they worth to be on display along with the CEOs and whatnot?

Why do you think they've already hired a team to develop their vaporware phone?

Re:I couldn't help to notice that... (0)

Anonymous Coward | about 9 months ago | (#45966149)

Are you guys that stupid to miss http://www.geeksphone.com there? Shees...

Internal name: FUNSA (1)

webbiedave (1631473) | about 9 months ago | (#45965849)

and it will no doubt employ WSS aka Wireless Security Standard (internal name: What Snowden Said).

The providers are a bigger problem than the phone. (4, Informative)

therealkevinkretz (1585825) | about 9 months ago | (#45965871)

Even if the phone is as secure as claimed, one of the biggest violations of privacy is the collection of location data. And no security feature on the device will prevent Verizon/AT&T/etc from knowing what tower it has contacted, or providing that to any agency it wishes to.

Re:The providers are a bigger problem than the pho (1)

hawguy (1600213) | about 9 months ago | (#45966059)

Even if the phone is as secure as claimed, one of the biggest violations of privacy is the collection of location data. And no security feature on the device will prevent Verizon/AT&T/etc from knowing what tower it has contacted, or providing that to any agency it wishes to.

Obviously, you can't expect your location to remain anonymous while you're talking on the phone, but you can trust that when you turn off the Cellular radio, that it really is off and you're not being tracked when you drive to your mistresses house. Once you get there, you can use her Wifi to check for voicemails/txt's and still remain anonymous.

Secure Android? (1)

mzungu (316073) | about 9 months ago | (#45966181)

How can we trust that the android version will be secure. As I see it, android is a data-monetization platform that also runs phones and tablets.

Not comforting at all.

Re:Secure Android? (1)

Nerdfest (867930) | about 9 months ago | (#45966273)

Android is an open source OS. The only part that isn't open in most cases are the hardware drivers, and perhaps this company can get source for those as well. There's a lot of FUD going around where people think it can't be decoupled from communicating with Google, and that's simply not the case. You can quite easily run Android with no communications too Google or anyone else.

Re:Secure Android? (1)

vlueboy (1799360) | about 9 months ago | (#45968065)

How can we trust that the android version will be secure. As I see it, android is a data-monetization platform that also runs phones and tablets.

Not comforting at all.

I love how even the weather-news app (Gingerbread and up) redirects all stories via google news, so they track that redirect. That they do it overtly makes it even more unnerving, since they might just hide this
Google desktop searches are the same way. NSA or not, (ha!) I can't help but fear that my Address book app should remain completely blank, especially knowing that google backs up this stuff to their cloud in the name of convenience.

Re:The providers are a bigger problem than the pho (1)

therealkevinkretz (1585825) | about 9 months ago | (#45967547)

Yes, obviously. It can be surmised from the title of my post that the problem isn't the telco knowing where you're connecting, but that they're perfectly happy to collect and turn over that information to government agencies without a proper warrant.

Re:The providers are a bigger problem than the pho (1)

PhrostyMcByte (589271) | about 9 months ago | (#45966427)

I don't see any reason you couldn't route a call through Tor to hide your location. Of course, it's seeming more and more likely that parts of Tor have been compromised, so maybe that won't help all that much.

Re:The providers are a bigger problem than the pho (0)

Anonymous Coward | about 9 months ago | (#45967257)

For billing reasons, the cell phone company wants to know how much data your phone is using, which requires your phone to identify itself to the network. I don't see a clear way to do this without also letting the network know which tower the cell phone is connecting through. Of course, the cell phone companies could simply choose to forget the location data, but they don't.

Tor (theoretically) helps on WiFi, but not on cell internet. Using a prepaid SIM bought with cash might help a little, but probably not a lot.

Re:The providers are a bigger problem than the pho (2)

greenbird (859670) | about 9 months ago | (#45967273)

http://www.oneluckyelephant.com

Layer one and two are the problem. Tor helps with layer 3 and 4. Your cell phone radio (layer one) has to give identifying information to the cell tower so the cell tower can authenticate it and link it to the network (layer 2). This is done continuously while the cell radio in the phone is on through the command channel. It's constantly checking in with all the cell towers within range so it can be determined which cell is the best for data connections and handing off to the optimal tower. So regardless of if and/or what your doing data wise they can triangulate based on the cell towers your phone is talking to and get a reasonable close location. Text messages also go through the command channel rather than a data channel explaining why you can often send a text message even when you can't get a call through.

Re:The providers are a bigger problem than the pho (1)

Albanach (527650) | about 9 months ago | (#45967391)

I think Tor is TCP only, so SIP is pretty much out of the question. Asterisk could work with IAX, Skype might work too.

Latency will be an issue. If it remains consistent thought you can get away with over 1 second of latency on a voice call - not much different than a call routed via satellite.

If latency fluctuates widely then jitter may become a problem. You'd need to compensate for that too. Jitter and high overall latency don't make for a good calling experience. I could see latency going above 2 seconds to compensate and that will not be great for an interactive phone call.

Re:The providers are a bigger problem than the pho (0)

Anonymous Coward | about 9 months ago | (#45966819)

Consider a phone that tries wifi first, then (and only then) fails over to connecting to cell towers. It could even contain multiple sims and rotate through them so that the cell towers can't as easily pinpoint where you (which "you"?) are (you'd be using data plans to connect to a VoIP carrier to preserve having just one number), though this would mostly be hiding through obscurity; if enough people did this, it would be easy enough to write an algorithm that figures out the connection between most of your sim identities, though theoretically your time on wifi would make that harder to collate.

Of course, this means you'd have to pay for each sim card's plan ... maybe not so bad if they're all low-bandwidth and prepaid; most of your call time should be via wifi (at home, school, work). Maybe your phone would tell you how you're connected so you can SMS with "just a minute" and go find a wifi hotspot and then ring the caller back.

Re:The providers are a bigger problem than the pho (1)

SuiteSisterMary (123932) | about 9 months ago | (#45967243)

Aren't cell phones *required* to provide as much location data as possible for emergency services and the like?

Re:The providers are a bigger problem than the pho (1)

Janek Kozicki (722688) | about 9 months ago | (#45967783)

unless the phone contacts first to wifi, then to other blackphones nearby forming a mesh network (that can be possible, but initially unlikely, due to low popularity of blackphone), then finally to some of available celltowers (not necessarily the one with strongest signal).

What about SIM card tracking? (1)

biloute (1210348) | about 9 months ago | (#45965981)

"They" know which SIM connects to which cell tower, so I don't understand how this phone prevents tracking. Did I miss something?

This was my question (0)

Anonymous Coward | about 9 months ago | (#45966055)

Where do I buy SIMs for cash in the US?

Re:This was my question (1)

silas_moeckel (234313) | about 9 months ago | (#45966127)

Pretty much any bodega that sells GSM prepaid phones.

Re:What about SIM card tracking? (0)

Anonymous Coward | about 9 months ago | (#45966177)

Tracking as in Apple "oops" recorded all your moves and sent them to cupertino until somebody noticed.

George Zimmerman (0)

Anonymous Coward | about 9 months ago | (#45966029)

Meanwhile George Zimmerman is set to debut his prototype gun-phone.

Useless, or doomed to fail. (2, Insightful)

Shadows (121287) | about 9 months ago | (#45966101)

I posted these same thoughts last time I saw a "secure" phone on slashdot. Apparently it was long enough ago that it's no longer in my post history?

Regardless, there are two options I am aware of: 1) end to end encryption or 2) insecure messages/communication

The problem with #1 is that it requires secure devices on BOTH ENDS of the communication. You get very little bonus security if your device is secure, but the text messages, emails, phone calles etc. go unencrypted over the wire. That's fine, but now I have to persuade my parents and all my friends to get THIS exact phone, understand how it works well enough to set it up, and actually use those features.

I have a lot of respect for Zimmerman, but I'm extremely skeptical.

Just one question (1)

joeflies (529536) | about 9 months ago | (#45966159)

On the black phone, where did the PRNG come from?

How secure? (1)

aissixtir (2752321) | about 9 months ago | (#45966243)

Sure it is secure but how secure? We all know no security is perfect, who tested this? Also how can we know that NSA will not ADD a device on postal to search. Is there a feature which disable such option? How much is the expected price? How much will we need to pay for our privacy? Furthermore, can I buy the phone without getting my name registered?

Confiscated (1)

marcroelofs (797176) | about 9 months ago | (#45966319)

They will be confiscated by the US border control, every time you pass it. No reason given.

Hardly the first secure smart phone on the market (0)

Anonymous Coward | about 9 months ago | (#45966341)

I'm pretty sure GSMK beat them to this game with their Cryptophone a long time ago - http://cryptophoneaustralia.com

Tracking? (1)

Hatta (162192) | about 9 months ago | (#45966397)

Does this device provide any protection against location tracking?

Re:Tracking? (1)

greenbird (859670) | about 9 months ago | (#45967301)

Does this device provide any protection against location tracking?

Unless they establish their own cellular radio network that's not possible. The phone still requires a layer one and two connection which are provided the the cellular company.

Re:Tracking? (1)

melikamp (631205) | about 9 months ago | (#45967327)

If this device is fully free and open, then it can obviously spoof every one of its IDs, and provide a strong defense against location tracking (although not perfect, if one wants to jump from tower to tower while keeping the IP connection intact). The problem, as you can see, is not just with the device, but with the cellular providers, who forbid anonymous users. So if this phone can use the cellular network in USA, then it automatically will have to be non-free, and the whole thing is a scam. In particular, their claims of privacy and security would be straight-up lies. If it does not, however, use the towers (wifi only), then it has a chance of being true to its claimed purpose.

Maybe not going after the right target (3, Insightful)

CanadianMacFan (1900244) | about 9 months ago | (#45966473)

While I'm all for privacy and the government sticking it's nose out of my business I don't see how this phone really addresses the problem of privacy. The huge problem lately has been the governments sweeping up the meta data. So while your message may go through the system encrypted with this phone it's still going to leave a plain trail for everyone to see.

And placing the servers in Switzerland doesn't fill me with confidence for keeping the data safe either. They certainly caved pretty easily recently when it came to banking information so how fast is the government going to fold when the US wants the information to find terrorists and child molesters instead of tax cheats.

I'd trust it, just one kink,you don't get just one (3, Insightful)

Trax3001BBS (2368736) | about 9 months ago | (#45966481)

If Phil Zimmerman were involved in it I'd trust the security of the phone, it's just you don't just purchase one, but for everybody you call as well. One ain't going to do you any good.

Phew (1)

Andrio (2580551) | about 9 months ago | (#45966495)

I saw "Zimmerman" and "black" in the headline and I instantly thought a dreadful "Oh not this again!"

Blackphone = NSA phone (0)

Anonymous Coward | about 9 months ago | (#45966647)

Is there ANYONE so stupid that they would fall for such a ploy?

-The ARM SoC used in the phone has unstoppable back-doors. Every major phone ARM SoC is fully compromised. This means regardless of external software, the NSA (and similar) can get at the raw keyboard, screen and speaker/microphone data.

-The base of the new operation, Switzerland, has a flawless record of assisting the NSA, GCHQ etc in every way possible. The Swiss government simply requests that data gather from anything sourced in Switzerland is not publicly revealed in court. Both the NSA and GCHQ have very recently reminded their governments that their intelligence must never be directly referred to during prosecutions, and if said intelligence is used in a criminal case, protocols MUST be used to 'recreate' the same data using standard police methods- effectively 'cloning' and faking the data for use in court.

-Android, created by the NSA's R+D arm, Google, is designed to be as insecure as possible to intelligence agency attacks. Private 'versions' hardly reverse this fact.

-Your mobile phone, from whomever, tracks your location in realtime for the NSA multiple times a minute, if it has ANY power (and can thus communicate with the local cell towers). Blackphone will be no exception.

---REMEMBER--
-Security starts with end point encryption.
-Software MUST encourage one-time pad methods where applicable
-the screen output, screen-based input, the speaker and microphone are all dreadfully weak spots for a mobile phone, and security solutions MUST attempt to solve these issues.
-it should be possible to communicate across the Internet WITHOUT the service provider being explicitly aware of this fact. Obviously you cannot hide your connection, but you can obfuscate the activity across that connection.
-when the NSA targets an individual phone in a front-line operation, no security methods are likely to work. However, the NSA (and other departments including police) often target small groups of people (usually for political reasons, like the fact they oppose the war crimes of Israel and its ally Saudi Arabia) using much more casual attacks, and it is this type of illegal police-state activity that can be largely foiled.
-Any commercial operation (especially if run by a big 'name') offering 'security' products MUST be considered a direct offshoot of the NSA- do I even have to point this out?

Look, here's a last thought. Justin Bieber (a singer most here will be proud to say they do not care about) had his HOME subject to a massive police raid, where a goon squad forced their way in and searched every inch. Why? Because there was supposedly a complaint about someone 'egging' a neighbour. If you are NOT actively on the side of Team Obama and his rolling Crimes against Humanity, you are an ENEMY OF THE STATE. What Bieber suffered would be familiar to any former resident of Stalinist Russia or East Germany- just as said former residents would have ZERO surprise at the aquittal of those uniformed depravities that beat that transient to death.

Snowden has revealed to even the most Obama-ass-licking sheeple that the NSA (funded with hundreds of billions of dollars a year, with a budget rising far faster than inflation) implements exactly what current technology allows, and has no other restriction. The NSA collects the CONTENTS (NOT just so-called meta-data) of every electronic message, and if required subjects this data to Google designed face-recognition, speech-to-text, and language translation algorithms. The data is stored, indexed, processed, mined and searched using hardware and software systems designed by Google.

Microsoft actively competes with Google to be MORE useful to the NSA and those that rule you. Microsoft boasts that its software is more back-door than product. Bill Gates himself gave you the obscenities of 'COMMON CORE', 'inBloom universal child surveillance' (in partnership with Rupert 'Fox News' Murdoch), and the NSA in-home spy-platform known as Kinect 2 (the sensor system that comes with the Xbox One console).

You should all have ZERO trust in anyone connected with the establishment, and this includes the pseudo-anti-establishment types with their big-name companies. DO IT YOURSELF! And this usually means do your own research and choose your own solutions.

Re:Blackphone = NSA phone (1)

wiredlogic (135348) | about 9 months ago | (#45967479)

You can run all of your crypto operations on a different processor than the one running the radio since it can be assumed that it is compromised. For the really paranoid, an FPGA based processor can be used to guard against compromised ASICs entering the supply chain. If you transmit everything through VOIP rather than the normal voice channel then you can isolate the phone from any compromises in the phone network beyond SIM tracking.

Umm... wait a minute (1)

maliqua (1316471) | about 9 months ago | (#45966715)

Given that silent circle has offices in the united states i can't see how anyone can trust its security.

seems to me if you wanted to make a secure device you would ensure to work with companies that can't be influenced by the USA

you can still take pictures (0)

Anonymous Coward | about 9 months ago | (#45966887)

but your face will be heavily blurred by a cloud of pixels

Need a deadman's switch (3, Insightful)

Quila (201335) | about 9 months ago | (#45966905)

They have to have an indicator somewhere saying they have not allowed any government access. Since it's their phones, maybe broadcast the fact of no-contact every day to all phones, and have the phones alert when they haven't received the notice.

Also, may want to to hash the binaries at their web site and make it available as a web service, and have a program to hash binaries for that version on the phone and check online. Make it SSL with certificates to avoid spoofing. This way, people can know if their individual phones may have been compromised.

Re:Need a deadman's switch (1)

OzPeter (195038) | about 9 months ago | (#45967687)

They have to have an indicator somewhere saying they have not allowed any government access.

Which by changing the status of it shows that they have had government access and then someone gets into trouble with the government.
 
This idea of a magical deadman's switch is a complete crock and totally untenable after you consider it for more than one second. Just because the computer threw the switch won't stop the government coming after the owners of the computer.
 
But if you want to persist with that idea anyway, just take a look at what hoops Jews could jump through with their Kosher light switches [kosherswitch.com] in order to get around doing (their definition of) work on the Sabbath (although it does look like that this product never actually did get off the ground). Then take a look at the path you want to go down and see how similar it is.

How Can They Guarantee Privacy? (1)

RevSpaminator (1419557) | about 9 months ago | (#45967029)

If device security and privacy came down to just the OS, then Android could be secured by a group of like minded individuals. The problem isn't the OS but the hardware and the firmware that drives it. Android's radio image is proprietary and out of public view. This means there are going to be undetectable processes running on your phone regardless of what OS you load. So unless these guys are building their own chips and writing their own firmware, how can they guarantee privacy?

Re:How Can They Guarantee Privacy? (2)

aissixtir (2752321) | about 9 months ago | (#45967435)

How can they not when they can get so many clients with a nice name (blackphone) and privacy promises (after the latest NSA leaks). The thing is, even if this project is not as privacy-oriented as they try to make it seem, the market is developing towards more privacy and that is good.

Another flaw (1)

ThatsNotPudding (1045640) | about 9 months ago | (#45967631)

Given that the NSA (and doubtless others) intercepts of packages, how the hell do you obtain one of these without the real risk of it being tampered with before the sacred unboxing?

Excellent (1)

GameboyRMH (1153867) | about 9 months ago | (#45967659)

Another candidate for my next phone, and one of the few where "privacy" was ever a consideration in its design. If I do buy one I'll have to make it hard to trace it back to me, I'm trying to stay off the Naughty List if I'm not already on it.

Buy one (1)

koan (80826) | about 9 months ago | (#45967925)

And you're added to the "list".

Different than Good Tech or BlackBerry? (1)

ArhcAngel (247594) | about 9 months ago | (#45967931)

This sounds like a pitch for a replacement to Good Technology [good.com] or BlackBerry BES [blackberry.com] or MobileIron [mobileiron.com] but tied to a single Android phone. I mean the headline says it's a secure phone but it looks like it will require Silent Circle [silentcircle.com] as the communication go between. You can do that now on Android, BB 10, and iOS with BES 10. No special version of Android needed. Hate on BlackBerry all you want but they know security.

And the buyers will be... (1)

hazeii (5702) | about 9 months ago | (#45967963)

No, not terrorists or drug smugglers or other ne'er do wells.

The target market is politicians, sheriffs departments, lobbyists, corporations, bankers and sundry others who worry about their dodgy dealings coming to light.

At the core all cellular devices are for tracking (0)

Anonymous Coward | about 9 months ago | (#45968045)

The very notion that this is somehow going to be able to protect ones privacy is non-sense.

Under some circumstances it may be possible reduce the governments ability to track users via cellular although its still going to be a tracking device whenever the phone connects to the network.

Things you would need to begin to protect ones privacy:

1. A cellular device designed for data-only service (/w a secure texting application that had user authentication, public key/private key)
2. A separation of the CPU/ram from the GSM module (otherwise the modem can be used to spy on the user, modem firmware is always proprietary and can be remotely updated)
3. All traffic would need to be routed over Tor
4. One would have to use prepaid SIMs paid for in cash/bitcoins (anonymized of course)
5. There would need to be a way to turn the GSM modem on/off to avoid tracking when not sending/receiving messages
6. The user would have to control the send/receive such that it only made ones location apparent when pulling/sending messages

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?