Slashdot Mirror
Phil Zimmerman Launching Secure "Blackphone"
judgecorp writes "Famed cryptography activist Phil Zimmerman is set to launch Blackphone, a privacy-oriented phone which allows secure calls and messages. The phone is a joint venture between Zimmerman's Silent Circle communications provider and Geeksphone, the creator of the first Firefox phone, and will run PrivatOS, a secure version of Android. Zimmerman says the venture will be taking orders for the devices from February 24, after it is unveiled at Mobile World Congress in Barcelona."
Can the software be adapted to other phones?
First he blows away that obnoxious black kid, now he's going to blow us away with a black phone!
... because otherwise there's no way comnunication via this device is guaranteed to be secure (and probably not even then)
This is going to end up a complete mess. Either no one will use them in which case they won't make much difference, only evil people will use them, in which case the US government will shut them down, or a lot of people will use them, in which case the US government will subvert them.
If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
An interesting choice. I guess it is only logical, since Zimmerman had to shut down his encrypted e-mail service SilentCircle in the US. I hope that more businesses will move their operations outside the US, it seems to be the only language the United States government understands.
Hardware feature I would like to see:
-LED on when camera is taking pictures/recording.
-LED on when microphone is recording.
-Looking like a normal phone, If it screams PRIVACY phone, one might think ik have somthing to hide.
Software features:
-Restrict apps to a sandbox without telling them that. (feed apps fake data instead)
-Some kind of firewall/virtualiszation between apps i use at home and work and real private part.
-Secure boot. rootkit prevention. Including option by bypass the secure boot for open source mods.
Marketing features i would like to see:
-Real use cases. (like work/home phone virtualisation.)
-privacy is always a tradeoff. being online means giving away some of your data. what trade offs are made?
-Access to some more technical details HOW the pricay part is implemented and what has not been implemented.
-Respected names from the pricacy industy who did have to do something in the design/implementation phase. trust is important.
and ... open source... so useful parts can be reviewed and ported to populars android mods.
Very fancy. Nice marketing. Lots of "CEO", "Co-founder", "CTO", "Chief engineer", "CMO" and so on being presented, but not a single word about the programmers who will realize the software that will become what the phone is about. For some reason this arrogant lack of credit annoys the hell out of me, and put an end to any interest I might have had.
as an american I was sorely disappointed when I realized id confused Phil Zimmerman with a Zimmerman of far greater notoriety. My definition of the Blackphone however became far more reasonable and tasteful.
Good people go to bed earlier.
I don't see how we can trust this new phone or any other device out there. So many companies have said we can trust them with our data, and then to no one’s surprise they've been found to be in bed with the NSA. We need to understand that we now live in a world where Big Brother is always watching. The only way we can stop this is to get rid of the NSA and other agencies like it. Unfortunately though, too many people are fine with being watched. They think that was long as they have nothing to hide there is nothing to worry about. They are mistaken and it will cost them more than they could have ever imagined.
...their "The team" page doesn't mention a single software or hardware developer involved in creating the phone. Why aren't they worth to be on display along with the CEOs and whatnot?
and it will no doubt employ WSS aka Wireless Security Standard (internal name: What Snowden Said).
Even if the phone is as secure as claimed, one of the biggest violations of privacy is the collection of location data. And no security feature on the device will prevent Verizon/AT&T/etc from knowing what tower it has contacted, or providing that to any agency it wishes to.
> -LED on when camera is taking pictures/recording.
> -LED on when microphone is recording.
No, no, no. What you want is a mechanical shutter over the camera, and a switch that physically opens the microphone's circuit (if you want convenience, make the microphone's switch be the camera's shutter).
With an LED, you have to trust the firmware to properly couple the light to the device. With a mechanical shutter, you can verify that it is physically impossible for the camera to see anything.
"They" know which SIM connects to which cell tower, so I don't understand how this phone prevents tracking. Did I miss something?
Meanwhile George Zimmerman is set to debut his prototype gun-phone.
Where do I buy SIMs for cash in the US?
Even if the phone is as secure as claimed, one of the biggest violations of privacy is the collection of location data. And no security feature on the device will prevent Verizon/AT&T/etc from knowing what tower it has contacted, or providing that to any agency it wishes to.
Obviously, you can't expect your location to remain anonymous while you're talking on the phone, but you can trust that when you turn off the Cellular radio, that it really is off and you're not being tracked when you drive to your mistresses house. Once you get there, you can use her Wifi to check for voicemails/txt's and still remain anonymous.
I posted these same thoughts last time I saw a "secure" phone on slashdot. Apparently it was long enough ago that it's no longer in my post history?
Regardless, there are two options I am aware of: 1) end to end encryption or 2) insecure messages/communication
The problem with #1 is that it requires secure devices on BOTH ENDS of the communication. You get very little bonus security if your device is secure, but the text messages, emails, phone calles etc. go unencrypted over the wire. That's fine, but now I have to persuade my parents and all my friends to get THIS exact phone, understand how it works well enough to set it up, and actually use those features.
I have a lot of respect for Zimmerman, but I'm extremely skeptical.
On the black phone, where did the PRNG come from?
How can we trust that the android version will be secure. As I see it, android is a data-monetization platform that also runs phones and tablets.
Not comforting at all.
Sure it is secure but how secure? We all know no security is perfect, who tested this? Also how can we know that NSA will not ADD a device on postal to search. Is there a feature which disable such option? How much is the expected price? How much will we need to pay for our privacy? Furthermore, can I buy the phone without getting my name registered?
They will be confiscated by the US border control, every time you pass it. No reason given.
I'm pretty sure GSMK beat them to this game with their Cryptophone a long time ago - http://cryptophoneaustralia.com
Does this device provide any protection against location tracking?
Give me Classic Slashdot or give me death!
I don't see any reason you couldn't route a call through Tor to hide your location. Of course, it's seeming more and more likely that parts of Tor have been compromised, so maybe that won't help all that much.
While I'm all for privacy and the government sticking it's nose out of my business I don't see how this phone really addresses the problem of privacy. The huge problem lately has been the governments sweeping up the meta data. So while your message may go through the system encrypted with this phone it's still going to leave a plain trail for everyone to see.
And placing the servers in Switzerland doesn't fill me with confidence for keeping the data safe either. They certainly caved pretty easily recently when it came to banking information so how fast is the government going to fold when the US wants the information to find terrorists and child molesters instead of tax cheats.
If Phil Zimmerman were involved in it I'd trust the security of the phone, it's just you don't just purchase one, but for everybody you call as well. One ain't going to do you any good.
I saw "Zimmerman" and "black" in the headline and I instantly thought a dreadful "Oh not this again!"
The Internet King? I wonder if he could provide faster nudity.
Is there ANYONE so stupid that they would fall for such a ploy?
-The ARM SoC used in the phone has unstoppable back-doors. Every major phone ARM SoC is fully compromised. This means regardless of external software, the NSA (and similar) can get at the raw keyboard, screen and speaker/microphone data.
-The base of the new operation, Switzerland, has a flawless record of assisting the NSA, GCHQ etc in every way possible. The Swiss government simply requests that data gather from anything sourced in Switzerland is not publicly revealed in court. Both the NSA and GCHQ have very recently reminded their governments that their intelligence must never be directly referred to during prosecutions, and if said intelligence is used in a criminal case, protocols MUST be used to 'recreate' the same data using standard police methods- effectively 'cloning' and faking the data for use in court.
-Android, created by the NSA's R+D arm, Google, is designed to be as insecure as possible to intelligence agency attacks. Private 'versions' hardly reverse this fact.
-Your mobile phone, from whomever, tracks your location in realtime for the NSA multiple times a minute, if it has ANY power (and can thus communicate with the local cell towers). Blackphone will be no exception.
---REMEMBER--
-Security starts with end point encryption.
-Software MUST encourage one-time pad methods where applicable
-the screen output, screen-based input, the speaker and microphone are all dreadfully weak spots for a mobile phone, and security solutions MUST attempt to solve these issues.
-it should be possible to communicate across the Internet WITHOUT the service provider being explicitly aware of this fact. Obviously you cannot hide your connection, but you can obfuscate the activity across that connection.
-when the NSA targets an individual phone in a front-line operation, no security methods are likely to work. However, the NSA (and other departments including police) often target small groups of people (usually for political reasons, like the fact they oppose the war crimes of Israel and its ally Saudi Arabia) using much more casual attacks, and it is this type of illegal police-state activity that can be largely foiled.
-Any commercial operation (especially if run by a big 'name') offering 'security' products MUST be considered a direct offshoot of the NSA- do I even have to point this out?
Look, here's a last thought. Justin Bieber (a singer most here will be proud to say they do not care about) had his HOME subject to a massive police raid, where a goon squad forced their way in and searched every inch. Why? Because there was supposedly a complaint about someone 'egging' a neighbour. If you are NOT actively on the side of Team Obama and his rolling Crimes against Humanity, you are an ENEMY OF THE STATE. What Bieber suffered would be familiar to any former resident of Stalinist Russia or East Germany- just as said former residents would have ZERO surprise at the aquittal of those uniformed depravities that beat that transient to death.
Snowden has revealed to even the most Obama-ass-licking sheeple that the NSA (funded with hundreds of billions of dollars a year, with a budget rising far faster than inflation) implements exactly what current technology allows, and has no other restriction. The NSA collects the CONTENTS (NOT just so-called meta-data) of every electronic message, and if required subjects this data to Google designed face-recognition, speech-to-text, and language translation algorithms. The data is stored, indexed, processed, mined and searched using hardware and software systems designed by Google.
Microsoft actively competes with Google to be MORE useful to the NSA and those that rule you. Microsoft boasts that its software is more back-door than product. Bill Gates himself gave you the obscenities of 'COMMON CORE', 'inBloom universal child surveillance' (in partnership with Rupert 'Fox News' Murdoch), and the NSA in-home spy-platform known as Kinect 2 (the sensor system tha
Given that silent circle has offices in the united states i can't see how anyone can trust its security.
seems to me if you wanted to make a secure device you would ensure to work with companies that can't be influenced by the USA
Consider a phone that tries wifi first, then (and only then) fails over to connecting to cell towers. It could even contain multiple sims and rotate through them so that the cell towers can't as easily pinpoint where you (which "you"?) are (you'd be using data plans to connect to a VoIP carrier to preserve having just one number), though this would mostly be hiding through obscurity; if enough people did this, it would be easy enough to write an algorithm that figures out the connection between most of your sim identities, though theoretically your time on wifi would make that harder to collate.
Of course, this means you'd have to pay for each sim card's plan ... maybe not so bad if they're all low-bandwidth and prepaid; most of your call time should be via wifi (at home, school, work). Maybe your phone would tell you how you're connected so you can SMS with "just a minute" and go find a wifi hotspot and then ring the caller back.
You're misunderstanding the purpose of the technology, I think.
The government can use MIB on the rooftops with parabolics, this phone doesn't and can't protect you from their minions.
"Evil people" avoid detection by using disposable phones and in-group jargon to avoid detection - they simply don't need or want this technology. They already buy cheaper, low profile generic phones with cash and just throw them away if they get known.
But this technology prevents the Sun from printing your conversation with the sexy nanny on page one. It prevents your neighbor from listening to your calls to your bookie on his scanner or baby monitor, too. Get it now? It's a big market segment... people who want a little privacy from nosy neighbors and service providers.
but your face will be heavily blurred by a cloud of pixels
They have to have an indicator somewhere saying they have not allowed any government access. Since it's their phones, maybe broadcast the fact of no-contact every day to all phones, and have the phones alert when they haven't received the notice.
Also, may want to to hash the binaries at their web site and make it available as a web service, and have a program to hash binaries for that version on the phone and check online. Make it SSL with certificates to avoid spoofing. This way, people can know if their individual phones may have been compromised.
If device security and privacy came down to just the OS, then Android could be secured by a group of like minded individuals. The problem isn't the OS but the hardware and the firmware that drives it. Android's radio image is proprietary and out of public view. This means there are going to be undetectable processes running on your phone regardless of what OS you load. So unless these guys are building their own chips and writing their own firmware, how can they guarantee privacy?
Aren't cell phones *required* to provide as much location data as possible for emergency services and the like?
Vintage computer games and RPG books available. Email me if you're interested.
For billing reasons, the cell phone company wants to know how much data your phone is using, which requires your phone to identify itself to the network. I don't see a clear way to do this without also letting the network know which tower the cell phone is connecting through. Of course, the cell phone companies could simply choose to forget the location data, but they don't.
Tor (theoretically) helps on WiFi, but not on cell internet. Using a prepaid SIM bought with cash might help a little, but probably not a lot.
http://www.oneluckyelephant.com
Layer one and two are the problem. Tor helps with layer 3 and 4. Your cell phone radio (layer one) has to give identifying information to the cell tower so the cell tower can authenticate it and link it to the network (layer 2). This is done continuously while the cell radio in the phone is on through the command channel. It's constantly checking in with all the cell towers within range so it can be determined which cell is the best for data connections and handing off to the optimal tower. So regardless of if and/or what your doing data wise they can triangulate based on the cell towers your phone is talking to and get a reasonable close location. Text messages also go through the command channel rather than a data channel explaining why you can often send a text message even when you can't get a call through.
Who is John Galt?
I think Tor is TCP only, so SIP is pretty much out of the question. Asterisk could work with IAX, Skype might work too.
Latency will be an issue. If it remains consistent thought you can get away with over 1 second of latency on a voice call - not much different than a call routed via satellite.
If latency fluctuates widely then jitter may become a problem. You'd need to compensate for that too. Jitter and high overall latency don't make for a good calling experience. I could see latency going above 2 seconds to compensate and that will not be great for an interactive phone call.
Yes, obviously. It can be surmised from the title of my post that the problem isn't the telco knowing where you're connecting, but that they're perfectly happy to collect and turn over that information to government agencies without a proper warrant.
Given that the NSA (and doubtless others) intercepts of packages, how the hell do you obtain one of these without the real risk of it being tampered with before the sacred unboxing?
Another candidate for my next phone, and one of the few where "privacy" was ever a consideration in its design. If I do buy one I'll have to make it hard to trace it back to me, I'm trying to stay off the Naughty List if I'm not already on it.
"When information is power, privacy is freedom" - Jah-Wren Ryel
unless the phone contacts first to wifi, then to other blackphones nearby forming a mesh network (that can be possible, but initially unlikely, due to low popularity of blackphone), then finally to some of available celltowers (not necessarily the one with strongest signal).
#
#\ @ ? Colonize Mars
#
Alternately, depending on the communications bus between the camera chip and the SoC, you can have an LED tied to one of the communications lines through some sort of buffer circuit
If you have a LED connected to the microphone circuit, someone could train a telescope on your phone and analyze its flicker to remotely overhear what you're saying.
And you're added to the "list".
"If any question why we died, Tell them because our fathers lied."
This sounds like a pitch for a replacement to Good Technology or BlackBerry BES or MobileIron but tied to a single Android phone. I mean the headline says it's a secure phone but it looks like it will require Silent Circle as the communication go between. You can do that now on Android, BB 10, and iOS with BES 10. No special version of Android needed. Hate on BlackBerry all you want but they know security.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
No, not terrorists or drug smugglers or other ne'er do wells.
The target market is politicians, sheriffs departments, lobbyists, corporations, bankers and sundry others who worry about their dodgy dealings coming to light.
All your ghosts are just false positives.
The very notion that this is somehow going to be able to protect ones privacy is non-sense.
Under some circumstances it may be possible reduce the governments ability to track users via cellular although its still going to be a tracking device whenever the phone connects to the network.
Things you would need to begin to protect ones privacy:
1. A cellular device designed for data-only service (/w a secure texting application that had user authentication, public key/private key)
2. A separation of the CPU/ram from the GSM module (otherwise the modem can be used to spy on the user, modem firmware is always proprietary and can be remotely updated)
3. All traffic would need to be routed over Tor
4. One would have to use prepaid SIMs paid for in cash/bitcoins (anonymized of course)
5. There would need to be a way to turn the GSM modem on/off to avoid tracking when not sending/receiving messages
6. The user would have to control the send/receive such that it only made ones location apparent when pulling/sending messages
You would probably want I2P instead of Tor (which was built only for browsing over TCP). I2P handles UDP-like traffic just fine, and is more resistant to compromise because its designed to safely distribute re/routing among all users. Its also pretty easy to adjust the number of relay hops, like trading anonymity/latency on a sliding scale.
Incidentally, the secret police haven't visited my hoa jlk -]=6y\ 9 90u[5y-gfdl;n;vzo8j......
[CONNECTION LOST]
The tough black mineral that won't cop out when the heat's all about.
.
Prisencolinensinainciusol. Ol Rait!
So what do you do when the grim-looking man with the black robe and no sense of humor orders that no such measures be employed on your website (i.e., don't kill the canary)? Go to jail just as if you'd refused to comply with the MIB, or give the world a false sense of security not by saying nothing about government oversight but by actively keeping the indicator (HTML tag?) in place. Your call
Oh, incidentally - CONTROL has agents ready to take over the administration and operation of your website should you prove uncooperative. Max and Hieme will see to it that the canary tags stay right where they belong, while the nice people with Federal Corrections see to it that you stay right where you belong.
at Redphone
Yours In Anonymity,
K. Trout, C.T.O.
Fully open source software would be a good *start*. It reduces the number of private parties you are forced to trust down to the hardware OEMs... and with clever enough architecture you can even keep hostile components at bay if your core processor is trusted.
But, eventually, the open source dynamic must be expressed in the hardware in order for multifarious communities of experts and users to develop a genuine trust relationship a smartphone, PC, etc. After 2013, there is no turning back from that eventual requirement. It may not show up on the roadmaps of 99% of most FOSS projects, but for many of them the hardware aspect will be hanging somewhere on their horizon.
Sound security isn't based on trusting a name. Show us the source if you expect to be trusted. I don't understand how Zimmerman still doesn't get that.
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
... in the face of the bull.
There is no such thing as a secure device and the only private life one can hope for is one so boring that it is not worthy of notice.
i.e. The house with the bars on the windows is the best one to rob as it obviously contains something worth protecting.
Don't be obvious, don't get noticed.
He's failed before he's started.
Im sorry guys but have we not learned that no matter how hard we try we will always be watched? the only way to have a truly private conversation anymore is in a sealed room that you build yourself and even then your drywall has mics and cameras all in it if the nsa found out you were having this conversation. hell I've started throwing false positives around just to fuck with who ever is listening in.
weed, drugs, communism, child porn.
1.We know that US law requires all phones have backdoors for the cops.
2. I think this is the guy who did a speaking tour about 2 decades back saying he had been a good guy, but would have to sell out if the govt offered him enough money.
Sound security isn't based on trusting a name. Show us the source if you expect to be trusted. I don't understand how Zimmerman still doesn't get that.
Phil Zimmerman fought back as best he could, coming out with updates to PGP, as they kept charging him with something for years until one day they dropped all charges. Now MIT where you downloaded PGP from, I don't. I've still got PGP 2.6.2 g which was released years before MIT sold out to NSA.
If you have to trust someone for me it would be Phil Zimmerman, just as I do (cough) Google.
There may be a flaw in my thinking :} but it's that or just quit the Internet, using a phone, or filling out forms.
The backdoors mentioned is old news and due to MIT. Now I don't trust cloud storage ( “Swiss cloud”).