Slashdot Mirror

← Back to Stories (view on slashdot.org)

Encrypted Blackphone Patches Serious Modem Flaw (threatpost.com)

Posted by samzenpus on from the now-more-secure dept.

msm1267 writes: Silent Circle, makers of the security and privacy focused Blackphone, have patched a vulnerability that could allow a malicious mobile application or remote attacker to access the device's modem and perform any number of actions. Researchers at SentinelOne discovered an open socket on the Blackphone that an attacker could abuse to intercept calls, set call forwarding, read SMS messages, mute the phone and more. Blackphone is marketed toward privacy-conscious users; it includes encrypted messaging apps such as SilentText and Silent Phone, and it runs on a customized, secure version of Android, called PrivatOS.

1 of 27 comments (clear)

  1. Nvidia baseband source code was available by xarragon · · Score: 4, Informative

    The exploit is not in the baseband; it is a local socket on the phone accessible by apps with no special privileges (as far as I can tell).

    Phil Zimmerman gave a talk on the Blackphone at Defcon 22:
    DEF CON 22 How To Get Phone Companies To Just Say No To Wiretapping

    I have transcribed this from the time 26:10 in the video:
    26:10 Question from audience member:
            Hi, so traditional phones are dependant on the baseband processor,
            which has a whole lot of flaws depending on the protocols that they
            are using. What are you doing to mitigate baseband processor factors?

            Zimmerman:
            Yeah, that is a good question. We had a meeting at Nvidia, because
            Nvidia makes the chipsets that we are using for Blackphone.
            And Nvidia had apparently aquired a company a while back that
            made a baseband processor. It was built around a software defined
            radio.

            And I asked them that questiom; Can we do an independant security
            review for the for firmware for the baseband processor.
            And they said they would be open to that.

            In fact, they were delighted to have a customer expressing interest
            in really taking a close look at their baseband processor;
            no other customer had ever brought up the question before.

            You know, no other customer is as obsessive over it as we are.

    I guess they should have spent some time looking at their own stuff rather than other people's code in this case.