9 Comments

Summary:

The device uses a secure version of Android and, judging by the pedigree of the team, it looks like a credible package for those seeking private communications.

Blackphone

In case you weren’t sure, your phone is not truly secure. The NSA and who-knows-who-else can hack into iPhone, Android and even BlackBerry devices. So here, finally, is a device that promises privacy in your pocket. Meet the Blackphone.

The first thing you need to worry about with promises like these is who’s behind them. In this case, it’s a solid crew – Blackphone comes from Silent Circle, the secure communications firm founded by PGP creator Phil Zimmermann and Jon Callas, which has set up a joint venture with the small Spanish handset maker Geeksphone. Geeksphone has made Android handsets for years, though generally for a specialist audience (its latest effort can run either Android or a version of Firefox OS).

Blackphone uses a security-focused version of Android called PrivatOS, that should be able to run all the normal Android apps. It can also be used for secure phone calls, texts, file exchange and storage, video chat and browsing, and it also anonymizes activity using a VPN. Much of this is doubtless based on Silent Circle’s existing secure communications products, and I’ll bet Dark Mail, the recently-crowdfunded secure email service from Silent Circle and Lavabit, will also find its way in there when it’s ready.

Zimmermann said in a statement:

“I have spent my whole career working towards the launch of secure telephony products. Blackphone provides users with everything they need to ensure privacy and control of their communications, along with all the other high-end smartphone features they have come to expect.”

Callas added a bit more detail in a video on the Blackphone website, saying:

“It’s configured, set up, modified so that the privacy aspects of it are all melded together from the security parts of the CPU to the hardware of the phone to the operating system and apps, so that just about everything that you do is private.”

Interestingly, the joint venture is based in Switzerland, which has probably the tightest privacy laws in the world and — being neutral — doesn’t willingly hand over data to anyone. The device is unlocked and Blackphone says it will be demonstrated at next month’s Mobile World Congress in Barcelona. Preorders will begin then too, on 24 February.

There could be a huge market for this device in business and also in the public sector. Depending on the as-yet-unannounced price, consumers might also bite. After all, the Blackphone team is promising a high-end handset that isn’t undermined by a data-extracting business model.

Privacy is the business model here. We’re going to see a lot more of that this year.

You’re subscribed! If you like, you can update your settings

  1. Wish they had a hardware switch for the cams and mics.
    And someone needs to figure out a way to hide the location data,even without GPS the phone can be located by the carrier. For now maybe the most secure phone would not have 3G/4G at all.

    1. There are indeed many details that we still need to see here, but Geeksphone is being quite tight-lipped ahead of Mobile World Congress.

  2. i would imagine this may be a decent idea for some who is already be watched, on the other hand i wonder if simply owning one of these would bring attention that would otherwise not exist.

    i would be surprised if the NSA is not already working to compile a database to keep track of everyone who owns one of these.

    privacy is better achieved by changing behavior not owning hardware that will attract extra attention.

    1. That depends on how many they sell and who the customers are. If the buyers are business people, as I suspect they would be, and there’s lots of them, there’s little reason to raise red flags. Would you have assumed that BlackBerry users, who were buying into a security-centric platform, were up to something?

      1. I think for business, the issue isn’t simply security, but security and control. From a compliance and discovery standpoint, businesses do not want to find themselves in the position of having to defend why some of their communications are present in a discovery or compliance record while others are not. The risk associated with this may outweigh the security benefit if the communications are truly secret and not retained. In the interest of full disclosure, I work for a vendor, Evizone, that focus’s on securing business communications. While security is a big part of what we do, policy-based management and retention is a required to mitigate the risk associated with incomplete records and non-compliance.

  3. I hope no one really believe this. The NSA StasiNet cannot be avoided. All encryption is, and has been, compromised.

    Talk face-to-face in a random area if you need complete privacy.

  4. Mobile Security=BlackBerry!!!

  5. For all we know the NSA could already have paid them for a backdoor.

    1. Sure, that’s always got to be in the back of our minds. But this is the guy we’re talking about: http://www.philzimmermann.com/EN/essays/WhyIWrotePGP.html

Comments have been disabled for this post