Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

3/5/2014
11:55 AM
50%
50%

FreedomPop Debuts Encrypted Snowden Phone

Prepaid phone carrier promises secure messaging, anonymous browsing to security-minded customers.

Mobile World Congress: 5 Hot Gadgets
Mobile World Congress: 5 Hot Gadgets
(Click image for larger view and slideshow.)

FreedomPop on Wednesday debuted a smartphone it says is the answer for users looking to hang up on would-be snoopers. The Privacy Phone, which FreedomPop has dubbed the "Snowden Phone," employs encryption to safeguard communications and a third-party browser to block tracking and circumvent the worst of the Web.

The Privacy Phone is actually a refurbished Samsung Galaxy S II (circa 2011) that runs Google's Android operating system (although FreedomPop didn't specify which version of Android). It costs a mere $189, with no contract required. As an MVNO that uses Sprint's network for calls and messaging, FreedomPop offers low-cost (sometimes even free) service.

Loaded with security software from Private Communications Corp., the Privacy Phone takes a two-pronged approach to shielding owners' privacy. First, the essential communications tools -- voice calls and text messages -- are encrypted. Rather than passing calls and messages over traditional voice networks, FreedomPop relies on Sprint's LTE data network and sends calls through the Internet using VoIP and its own VPN. In addition to the encryption, the phone makes contacts, call history, and text messages confidential, so if the device is lost no one can access that information. FreedomPop claims it can block unsolicited incoming calls and texts, and the company will allow owners to change their phone number as often as they want.

[iOS users have a new security option for messaging. Read Cryptocat Wins Apple Approval.]

Second, all apps and Internet data on the Privacy Phone are also sent through a secure, encrypted VPN for anonymous Web browsing. The software, from Private Communications, manages all the permissions for apps and locks them down while also giving owners the option to loosen some of those restrictions when necessary. FreedomPop claims this allows the Privacy Phone to protect users against online marketers tracking Web activity, to defend against data monitoring, and to bypass website restrictions so users can connect to any site online. The tools also protect against viruses, malware, spyware, and phishing.

"In light of recent violations in consumer's privacy across social networks and mobile devices, privacy is becoming increasingly important to many Americans, and we all have a right to communicate anonymously," said FreedomPop COO Steven Sesar in a statement. "Large carriers don't have the flexibility, desire, or creativity to invest in privacy. We don't agree with this approach and felt it was up to us to create a truly private mobile phone service at an affordable price."

The phone is being sold at a rock-bottom price, and FreedomPop is offering early adopters three months of free service. The monthly plan includes unlimited voice and messaging as well as 500 MB of data. After the trial period ends, the monthly cost will go up to just $10. To further the appeal of its anonymous nature, FreedomPop is accepting payments in Bitcoin.

FreedomPop's effort follows closely on the heels of two other security-minded devices released in recent weeks. GeeksPhone fully revealed the Blackphone last month. The Blackphone runs a modified version of Google's Android platform called PrivatOS and is carrier- and vendor-independent. Geeksphone says it gives consumers and businesses control over their privacy. For example, the Blackphone, which uses security software from Silent Circle, can make and receive secure phone calls, exchange secure texts, transfer and store files, and video chat without compromising user privacy. Boeing also introduced a secure smartphone last month. Called the Boeing Black, the device will self-destruct if tampered with.

The devices come in the wake of Edward Snowden's revelations about the NSA and its mass data collection schemes, including details of voice calls made from cell phones. Surely some people value their privacy enough to plunk down cash for these secure smartphones. The tradeoffs, however, are unclear. Do all Android apps work on these phones, or do the security elements prevent many of them from functioning properly? Further, it's not clear how they might fit with individual business' security strategies and mobile device management tools.

Bottom line: Be sure to ask some hard questions before you pick up one of these secure smartphones.

Engage with Oracle president Mark Hurd, NFL CIO Michelle McKenna-Doyle, General Motors CIO Randy Mott, Box founder Aaron Levie, UPMC CIO Dan Drawbaugh, GE Power CIO Jim Fowler, and other leaders of the Digital Business movement at the InformationWeek Conference and Elite 100 Awards Ceremony, to be held in conjunction with Interop in Las Vegas, March 31 to April 1, 2014. See the full agenda here.

Eric is a freelance writer for InformationWeek specializing in mobile technologies. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Ninja
3/5/2014 | 4:46:03 PM
Testing or Certification?
The problem all these encryption technologies face is that there's no way for the average user to be certain that they're truly secure. The NSA has made it impossible to trust even accepted encryption protocols. And even if the technology turns out to be sound, there are so many other ways security can be compromised (e.g. a listening device in a room) that it hardly seems worth it to try to keep electronic data secret. A determined government-funded adversary will defeat whatever off-the-shelf solution you come up with.
micjustin33
50%
50%
micjustin33,
User Rank: Apprentice
3/6/2014 | 4:43:07 AM
Re: Testing or Certification?
Silent Circle and Geeksphone recently launched a Blackphone for providing encryption services that was a hug impact in the communications security industry specially on NSA. If you're privacy and security focused like me, you have got to have this.
shaunstevin
50%
50%
shaunstevin,
User Rank: Apprentice
3/6/2014 | 8:37:30 AM
Re: Testing or Certification?
we can protect our identities, data and remain private by using a PureVPN service. A Virtual Private Network is a network technology that creates a secure network connection over a public network such as the Internet.

http://www.purevpn.com/blog/kevin-mitnick-gives-solution-for-nsa-spying/
anon2533164292
50%
50%
anon2533164292,
User Rank: Apprentice
5/26/2014 | 6:35:31 AM
Re: Testing or Certification?
Its one of best service to secure your data and privacy. Alwayas use best vpn services
HelenD630
50%
50%
HelenD630,
User Rank: Apprentice
11/21/2014 | 10:21:13 PM
best vpn services
With all that's happening in the world, we really need to protect our privacy. VPN is really important. However, be very careful in choosing the right VPN as there are VPNs that claim they don't log your information but the truth is they do. The key is to look for the best vpn services in the market today. 
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.