Not the best timing

Nasty Blackphone vulnerability allowed decryption and worse

The theoretically super-secure Blackphone had a very serious bug in its SilentText chat app, security researcher Mark Dowd revealed Wednesday after informing the phone’s makers. The vulnerability in Silent Text, which is also available for other devices from Blackphone backer Silent Circle, made it possible for attackers to decrypt messages, take over Silent Circle accounts, gather contacts and location data, and basically take over the phone. The flaw was patched before Dowd went public, and Silent Circle has expressed its gratitude. Probably not the best publicity for the firm as it criticizes other apps for their excessive permission demands on Data Privacy Day, though.

4 Responses to “Nasty Blackphone vulnerability allowed decryption and worse”

  1. exhibit44

    Computing and telephony are great because they scale up communication, and make it cheap cheap cheap. They’re not designed to replace the reliability of face-to-face communication. Bees are amazing for giving honey, but they’ll never pull your cart or give you milk.

  2. hundoman

    Why not just get a Blackberry and use their BES environment which has none of the problems that this so called secure Google Android OS seems to have on a regular basis.

    Heck with a Blackberry BES server you can even provide some real security for your Android, iOS, and Windows phone systems.

    • Because BES costs money, is targetting enterprise users, and is limited to users who are tuned to that BES.

      How on earth is an ordinary person supposed to get BES in order to have a secure phone?