Security-Focused BlackPhone Was Vulnerable To Simple Text Message Bug

mask.of.sanity sends this report from El Reg: The maker of BlackPhone – a mobile marketed as offering unusually high levels of security – has patched a critical vulnerability that allows hackers to run malicious code on the handsets. Attackers need little more than a phone number to send a message that can compromise the devices via the Silent Text application.

The impact of the flaw is troubling because BlackPhone attracts what hackers see as high-value victims: those willing to invest AU$765 (£415, $630) in a phone that claims to put security above form and features may well have valuable calls and texts to hide from eavesdroppers.

Re:pretty much expected.

[sasparillascott]

Um, because one of the guys at the top of that company is Phil Zimmerman who created PGP? And they moved the company to Switzerland to avoid the entangling fingers of the U.S. government surveillance state.

As to fixing bugs, that will always be an ongoing process. I'd like it better if they were open source, but I'd trust them better than most companies. JMHO...

Re:But, But

[ArhcAngel]

You meant that as a joke but when Microsoft first attained government security (C2 IIRC) certification for Windows NT there was a little asterisk by the cert. For the OS to be considered C2 compliant it must not be connected to a network in any way.