12:50 PM

Blackphone Promises To Block Snooping

Geeksphone and Silent Circle promise their new smartphone will lock out spies. But the details, including how it works, aren't clear.

Android Security: 8 Signs Hackers Own Your Smartphone
Android Security: 8 Signs Hackers Own Your Smartphone
(Click image for larger view.)

With NSA-fueled angst running amok, two mobile-focused companies, Geeksphone and Silent Circle, have joined forces to create the Blackphone, a smartphone designed to put users in control of their privacy. The Blackphone will be available unlocked and off-contract to users who want to maintain a firmer grip on their personal data.

Details about the Blackphone are sparse. Geeksphone designs consumer-grade smart devices that are perhaps best known for supporting Firefox OS. The Madrid company's Firefox-based smartphones are available online. Silent Circle was formed in Washington, DC, by a former US Navy Seal and provides encrypted communications services.

The Blackphone runs a modified version of Google's Android platform called PrivatOS and is carrier and vendor independent. Backers of the device say it will give consumers and businesses control over their privacy. For example, the Blackphone can make and receive secure phone calls, exchange secure texts, transfer and store files, and video chat without compromising user privacy. Neither Geeksphone nor Silent Circle provided information on how the Blackphone accomplishes these feats.

[Is Firefox more trustworthy because it's open-source? Read Mozilla's Eich: Trust Us, We're Open.]

One of the chief architects of the Blackphone is Phil Zimmermann, creator of PGP. "I have spent my whole career working towards the launch of secure telephony products," he said in a press release. "Blackphone provides users with everything they need to ensure privacy and control of their communications, along with all the other high-end smartphone features they have come to expect." He did not say exactly what those features are.

Without revealing any hardware specs, the Blackphone website claims that the device ranks "among the top performers from any manufacturer" based on industry benchmarks. A mock image of the device on the website shows what appears to be a typical Android smartphone with a slim profile and large screen. "It comes preinstalled with all the tools you need to move throughout the world, conduct business, and stay in touch, while shielding you from prying eyes," the website says. "It's the trustworthy precaution any connected worker should take, whether you're talking to your family or exchanging notes on your latest merger and acquisition."


Also absent are details on pricing and availability. Will the device be sold worldwide or restricted to certain markets? Will those encrypted services require a monthly service fee to Silent Circle, or can owners get all the benefits from any carrier? How will businesses integrate the Blackphone into their security programs?

Blackphone is accepting email addresses from those interested in the device. Its official launch is scheduled for Feb. 24, but more information will be provided ahead of that during the Mobile World Congress in Barcelona.

What do you think? Do we need a phone like this? Would you buy one, Or is it just a gimmick banking on today's snooping-averse climate?

Eric is a freelance writer for InformationWeek specializing in mobile technologies.

Incidents of mobile malware are way up, researchers say, and 78% of respondents worry about lost or stolen devices. But while many teams are taking mobile security more seriously, 42% still skip scanning completely, and just 39% have MDM systems in place. Find out more in the State Of Mobile Security report (free registration required).

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
Thomas Claburn,
User Rank: Ninja
1/15/2014 | 3:44:40 PM
There's no way to tell until it's released and its source code is available. But even if it fulfills its proimises, it's one link in a long security chain. How many people will buy it then make calls from public places where they can be overheard or where an adversary can monitor the conversation with a directional mic?
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio