Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Phil Zimmermann's 'Spy-Proof' Mobile Phone In Demand

Soulskill posted about 3 months ago | from the protecting-against-all-but-the-dumbest-users dept.

Cellphones 107

An anonymous reader writes "BlackPhone was designed by Phil Zimmermann (inventor of PGP). The 4.7" display phone features a 2 GHz NVIDIA Tegra 4i ARM Cortex-A9 quad-core processor with 60 GPU cores, 1GB RAM and 16GB storage [more specs]. The OS is a customized version of Android called PrivatOS which offers encrypted calls, texts and emails that can't be unscrambled even by spy agencies. It also offers built-in resistance against malicious software which will be most welcomed for users worried about free Apps that are becoming increasingly invasive, if not pure data collection spyware for unknown 3rd parties. It's coming out this June, and many Fortune 50 companies have already ordered the phone to protect against industrial espionage."

cancel ×

107 comments

Sorry! There are no comments related to the filter you selected.

And the modem firmware? (1)

Anonymous Coward | about 3 months ago | (#47002651)

Does he have Qualcomm on board or what?

Re: And the modem firmware? (1)

halo1982 (679554) | about 3 months ago | (#47002871)

Why would he need Qualcomm when the phone uses an nVidia baseband?

open source? (0)

Anonymous Coward | about 3 months ago | (#47002685)

Is it open source? Including the firmware of the Baseband processor?

Bootloader unlockable? (2)

mlts (1038732) | about 3 months ago | (#47002753)

I wonder if the bootloader is unlockable so one can make their own ROM for it. The ideal is the ability to type in "fastboot oem unlock", flash a ROM, then relock the bootloader. That way, if someone wants to reflash, they have to re-unlock the bootloader (triggering an erase and TRIM cycle of the /data partition.)

Re:Bootloader unlockable? (1)

LordLimecat (1103839) | about 3 months ago | (#47004015)

Doesnt re-locking the firmware make it impossible to get updates unless theyre signed?

Re:Bootloader unlockable? (1)

LordLimecat (1103839) | about 3 months ago | (#47004049)

Nevermind, it does not.

Re:Bootloader unlockable? (0)

Anonymous Coward | about 3 months ago | (#47004387)

Nevermind, it does not.

Dipshit.

Re:open source? (5, Interesting)

Aaden42 (198257) | about 3 months ago | (#47003261)

It doesn’t (necessarily) need to be, though it would be nice. If the Android-level interface to the baseband is sufficiently limited, and if all “secure mode” operations (encryption) are handled purely in Android and passed off as a ciphertext stream through the baseband, a subverted baseband would have limited ability to cause issues.

Problems for an untrusted baseband are:
1) If the OS will (or can be forced to) accept any type of control from the baseband (rather than exclusively the other way around), the baseband can take over the “secure” OS.
2) The baseband can leak private information passed through it to a third party.

Note that as a special case of #1, audio stream communication between baseband and OS is often implemented as some variety DMA or shared memory. Care would be required to ensure the baseband was incapable of reading or writing any portion of system memory other than what was explicitly setup by the OS for DMA. A hardware MMU or even physically separate DRAM circuitry could ensure this.

So long as the baseband has no avenue for exerting control over the OS, the OS can’t be tainted by a subverted baseband. If all information passed through the baseband in indistinguishable from entropy, the baseband funneling it off somewhere else has limited value absent some other attack on the crypto (including $5 wrench).

The last remaining attacks would be location leaks (which can be carried out against even an untainted baseband with CellCo assistance anyway) and the possibility of injecting forged traffic that might trick the user into doing something insecure. Well-designed UI should ensure that cryptographically authenticated communications are always distinguishable from untrusted.

Not saying having a fully open baseband wouldn’t be a really nice thing, but there are well established and sufficiently secure ways for sandboxing an untrusted baseband within an otherwise secure design.

Re:open source? (2)

currently_awake (1248758) | about 3 months ago | (#47003749)

What would be nice is if ALL external communications was on a separate processor. That way a security breach in your OS won't let the NSA intercept your data, and a security breach in your baseband won't let an attacker access your data/camera/microphone. The biggest issue is key handling/exchange. For you to talk with another phone you must share a key. How exactly do they manage that?

Re:open source? (3, Insightful)

Immerman (2627577) | about 3 months ago | (#47006649)

>For you to talk with another phone you must share a key. How exactly do they manage that?

Well if they both offer a rear-facing camera for video chat you could point the screens at each other for a moderately high bandwidth QR code based video stream. A few dozen bytes a frame (Version 3 QR code = 50 characters@5.5bits), times maybe 10 frames per second should be crude enough and slow enough to provide reliable data link, and it would be fast enough to communicate a 2048-bit key in under a second (2.75kbps)

Re:open source? (1)

AmiMoJo (196126) | about 2 months ago | (#47007719)

You know Zimmerman invented the first public key cryptography software available to the general public, right? You simply send your public key, and it doesn't matter if the NSA/GCHQ intercepts it because all they can do is send you messages with it. They can't even spoof the person you are trying to communicate with because they need that person's private key to do so, and they only sent their public one.

Re:open source? (1)

Sloppy (14984) | about 2 months ago | (#47008107)

If all the I/O is subverted, then you better make sure you really sent your key, though.

Crazy sci-fi dystopian future scenario is that Alice's software decides to send her key as qrcodes [slashdot.org] but then actually displays Eve's key's qrcodes but also sends Alice's public key over covert channel. Then the Bob's software, wishing to display a fingerprint for its new key (Eve's) on screen, does that. Except its subverted I/O shows Alice's fingerprint instead. Bob reads the fingerprint out loud and Alice says "Yep, that's mine" (because it is) in spite of the fact that Alice really has the wrong key. Later, Eve MitMs everything Bob and Alice say to each other.

Sounds like a lot of work and requires her subverted subsystems to be quite powerful. (It has to understand the intent of everything that goes up on a screen in real time, and do replacements.) That's ridiculous and there's no way it'll happen before 2114. *sigh* That probably means someone is already doing it successfully. ;-)

Re:open source? (2)

ameline (771895) | about 3 months ago | (#47004723)

I think any designer of a "secure" phone needs to assume that the baseband is running hostile software.

If the baseband has write access to application cpu ram, you're screwed.

There needs to be uncompromised hardware enforced protection to ensure the baseband cannot write to application ram or to the flash memory of the application processor. I'd be very suspicious of DMA capabilities under control of the baseband unit.

I'm not saying it's impossible to make a secure phone, but you as a creator of such should assume that every byte of code not under your control is out to get you. (including closed source graphics drivers).

I'd also be nervous of the toolchain/compiler. That classic Thompson compiler attack (http://cm.bell-labs.com/who/ken/trust.html) is a worry.

Re:open source? (2)

Immerman (2627577) | about 3 months ago | (#47006667)

Indeed. Perhaps it could be designed so that the baseband communicates with all the normal DMA tricks to a minimalist flipphone-grade CPU+ram, which is then internally networked to a separate, trustworthy CPU/RAM/Flash - essentially making for two phones in one. As an added bonus standby power consumption could be potentially much lower - the second computer could be powered down completely except when manually activated or woken by the power-sipping flip-phone core.

Link is broken (0)

Anonymous Coward | about 3 months ago | (#47002727)

The UK Yahoo news link is Broken in post.

Limited market (1)

wcrowe (94389) | about 3 months ago | (#47002741)

I can see how this would work for blackphone-to-blackphone communication. What about people who call me or text me who don't have a blackphone? Those calls and texts are not going to be encrypted.

I think the market for this thing will be limited, at least for the immediate future.

Re:Limited market (1)

Anonymous Coward | about 3 months ago | (#47002971)

Of course it'll be limited. This sort of thing only has appeal to secretive companies, spies, criminals, terrorists, and paranoid nitwits like we often see here who have no reason to be spied on, but hallucinate danger. Most of us have no need for something like this, and a more open product is better for us.

Re:Limited market (0)

Anonymous Coward | about 3 months ago | (#47003203)

*Everyone* has a need for this. It should be standard practice to utilize technology to support privacy.

Re:Limited market (3, Informative)

Charliemopps (1157495) | about 3 months ago | (#47003081)

It wont work.

I use textsecure: https://play.google.com/store/... [google.com]
and redphone: https://play.google.com/store/... [google.com]

which encrypt text and calls to other people who use it. Which includes my wife... because I installed it for her... and that's about it. My paranoid friends that might use such things wont even get a smartphone so... yea...

anyways, both applications are pretty good. I'm with Verizon and they have a TERRIBLE messaging app that they replaced the standard android app with. It literally crashes my phone it's so bad. So I replaced it with this. The only annoying bit is having to enter your password if you reboot the phone. Textsecure even sends the texts via the internet rather than using the cellular network to save you messages if the other users got it as well.

Re:Limited market (3, Insightful)

geekoid (135745) | about 3 months ago | (#47003199)

Of course, what is the most used pieces of informaiton gathered from a phone? location and history of location.

Re:Limited market (1)

mlts (1038732) | about 3 months ago | (#47003719)

First thing one should do with almost all Android devices (GPE devices are a cautious exception) is to re-ROM them. I've not really been impressed with Verizon's text app myself, so I prefer a replacement.

In any case, having the ability to encrypt phone and SMS conversations in an app, completely separate and independent from the OS is a boon. An eavesdropper would have to go from being passive to actively interacting with the apps or actively reading/scanning memory for keys to upload.

With newer versions of Android demanding a password on reboot to decrypt /data, the time it takes to type in a second password isn't that much, assuming the ROM one is using is stable enough not to require frequent power cycles.

All and all, we need more of this stuff. It would be nice to have programs PGP/gpg compatible and some standard so all apps use one's private key (similar to client certificates, but not using the TLS/SSL mechanism, but using PGP's WoT.)

Re:Limited market (1)

Anonymous Coward | about 3 months ago | (#47004053)

Of course that is only as secure as the user of the phone allows it to be. Once malware is injected using one of many vulnerabilities/exploits, from browsing the web, email, apps, whatever, that "secure" app will be compromised.
The blackphone does not have this problem.

Re:Limited market (0)

Anonymous Coward | about 3 months ago | (#47006895)

> Once malware is injected using one of many vulnerabilities/exploits... that "secure" app will be compromised.

You don't know how Android works.

Each installed Android app is run as a separate user.
App permissions are handled by controlling which groups each user belongs to.

Barring any sort of Linux privilege escalation bug, the kernel provides very robust program isolation.

Re:Limited market (0)

Anonymous Coward | about 3 months ago | (#47004665)

Textsecure even sends the texts via the internet rather than using the cellular network to save you messages if the other users got it as well.

What does this mean?

Re:Limited market (0)

Anonymous Coward | about 3 months ago | (#47005607)

just use Lockify for secure text and email.

https://chrome.google.com/webstore/detail/lockify/aiigoloogeminempipceaikpnaimbekd?hl=en-US

Spy-Proof; Not Court-Proof (5, Insightful)

ObsessiveMathsFreak (773371) | about 3 months ago | (#47002781)

You can develop all the security technologies you like. They'll be worth precisely nothing when the NSA sends a pup of an agent with a national security letter to seize your files, equipment, and force your co-operation under penalty of imprisonment. The courts remain the ultimate root-kit.

Re:Spy-Proof; Not Court-Proof (5, Funny)

Anonymous Coward | about 3 months ago | (#47002891)

Only third-world countries with no human rights operate like that.

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47003039)

Third world countries like . . . the U.S.? The NSA rubber stamp court gives it access to EVERYTHING.

Re:Spy-Proof; Not Court-Proof (1)

Desler (1608317) | about 3 months ago | (#47003061)

thatsthejoke.jpg

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47006765)

UK operates this way and bits up for discussion on slashdot several times. You can get up to 10 years imprisonment each time.

Re:Spy-Proof; Not Court-Proof (4, Insightful)

houstonbofh (602064) | about 3 months ago | (#47002909)

But you will know. They will not be able to listen in without you knowing. That is a big deal.

Re:Spy-Proof; Not Court-Proof (1)

Krojack (575051) | about 3 months ago | (#47003121)

Are you sure of this? I always say, It it's created by humans then it can be cracked. You do know the NSA will be ordering a lot of these phones and quickly tearing them apart looking for exploits.

Re:Spy-Proof; Not Court-Proof (2)

L4t3r4lu5 (1216702) | about 3 months ago | (#47007003)

I always say, It it's created by humans then it can be cracked.

Yeah, but can it be easily cracked, or cracked within the time frame that the information is still useful? If a criminal can MITM my internet banking and get all of my savings, that is A Bad Thing. In 2006 [theguardian.com] we could crack Enigma in 4 days with then-modern home PC hardware and an optimised brute force routine. That is absolutely fine; The people who benefited from its use are mostly dead, the war is over, there's no need for the security anymore. In fact, Enigma was so good that almost all of the successful cracks were based on operator error; Enigma was unbreakable at the time when operated correctly.

Just because something can be cracked doesn't mean it's not fit for purpose.

Re:Spy-Proof; Not Court-Proof (1)

geekoid (135745) | about 3 months ago | (#47003237)

You can't hide secrets of the future with math. The path of technology history is littered with the bones form 'unbreakable/unhackable/uncrackable' products.

I wonder how you update the phone? Or prevent someone from installing a keylogger?

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47003797)

One time pad.

Re:Spy-Proof; Not Court-Proof (1)

houstonbofh (602064) | about 3 months ago | (#47004311)

You can't hide secrets of the future with math. The path of technology history is littered with the bones form 'unbreakable/unhackable/uncrackable' products.

I wonder how you update the phone? Or prevent someone from installing a keylogger?

However, there are several encrypted message from WW2 that are still unbroken. And it doesn't change the fact that you know they are not listening NOW.

Re:Spy-Proof; Not Court-Proof (2)

Frosty Piss (770223) | about 3 months ago | (#47003385)

But you will know. They will not be able to listen in without you knowing. That is a big deal.

I though everyone assumed that they were listening? Snowden, you know? Ever heard of COINTELPRO? They have been listening for a long long time.

Re:Spy-Proof; Not Court-Proof (1)

Eythian (552130) | about 3 months ago | (#47005439)

That's the point of this whole phone. So you can assume that they're not listening.

Re:Spy-Proof; Not Court-Proof (4, Insightful)

tapspace (2368622) | about 3 months ago | (#47003531)

Someone should enshrine that in some sort of high code of law upon which all other laws will be based in some sort of new democratic society...

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47007117)

If only it were that simple.

Re:Spy-Proof; Not Court-Proof (1)

Raenex (947668) | about 3 months ago | (#47007179)

But you will know. They will not be able to listen in without you knowing.

How so? They use a National Security Letter to order a wiretap, which in this case means implanting a backdoor. Similar tactics have been used on other people offering encyrption software. Unless you build and program the phone yourself from trusted parts, you're at the mercy of your provider, and the provider is at the mercy of government.

You really can't expect anything different from the same government that secretly (though with ISP help) installed taps onto all of the major ISPs, can you?

Re:Spy-Proof; Not Court-Proof (1)

Anonymous Coward | about 3 months ago | (#47003027)

You can develop all the security technologies you like. They'll be worth precisely nothing when the NSA sends a pup of an agent with a national security letter to seize your files, equipment, and force your co-operation under penalty of imprisonment. The courts remain the ultimate root-kit.

It should be fairly obvious even to the technical baboons we often find behind the bench that the secure side of the device is limited by definition. One cannot be ordered to produce that which does not exist or was destroyed long ago through sound data attrition policies.

Therefore, order away courts, you're not going to be able to unring that bell, which is kind of the entire point of this exercise. To make it in fact, Court-Proof.

Sad to say, it has come to this.

Re:Spy-Proof; Not Court-Proof (1)

viperidaenz (2515578) | about 3 months ago | (#47003195)

So how exactly is a warrant going to get them copies of your encrypted phone calls that haven't been stored on your device?

Re:Spy-Proof; Not Court-Proof (1)

Actually, I do RTFA (1058596) | about 3 months ago | (#47003321)

It gets them a feed into the microphone/earpiece on the other phone, and a gag order giving your friend 20 years in jail if he warns you. And a plea deal where he gets 6 months if you confess, or 20 years if he doesn't convince you to.

Re:Spy-Proof; Not Court-Proof (2)

viperidaenz (2515578) | about 3 months ago | (#47003731)

That's not the problem this device sets out to solve. Nor is it a problem any communication device can solve. If you can't trust the person on the other end after you've verified who they are, technology can't help you.

Re:Spy-Proof; Not Court-Proof (1)

Anonymous Coward | about 3 months ago | (#47004529)

Assuming you *do* trust them, use what agents in WW2 used: a security code (agreed in advance, face to face.)
Example, I announce my name on the phone as "Anonymous Coward", then I'm identifying myself, & also saying all is well here.
But if I say "Anonymous J. Coward" (assuming J is my real middle initial), I'm warning my correspondent that I have been coerced.
Very hard to prove anything in court about that.

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47006835)

plea deal where he gets 6 months if you confess, or 20 years if he doesn't convince you to.

you missed that part. But then again, this isn't a problem this phone claims to solve.

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47003393)

They'll already have the encrypted phone calls since those are captured over the network... the warrant will be for your encryption key, which you'll freely provide if you don't want to have a long vacation in Gitmo.

Re:Spy-Proof; Not Court-Proof (1)

petermgreen (876956) | about 3 months ago | (#47005761)

In many such systems there is simply no such thing as "your encryption key", a key is agreed for the session and then discarded afterwards.

Spy-Proof; Not Court-Proof (1)

Anonymous Coward | about 3 months ago | (#47003337)

Your argument is defeatist.

Court or not, this is a great step towards "doing all we can" to counteract unlawful snooping.

Re:Spy-Proof; Not Court-Proof (1)

OrangeTide (124937) | about 3 months ago | (#47003683)

I'm waiting for there to be a law against counteracting unlawful snooping.

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47003405)

Even if you are Chancellor of Germany?

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47004403)

Nah, too much cipher text to go through. Especially from the streams of white noise being used as cover... (surely I am not the only one streaming gigabits of noise cipher into the NSA machine? ;) The law doesn't always help them either, that's why they have to break it to get their data. This works both ways though, and as near as I can tell Snowden has leaked a lot more of their data than they have mine. So who is winning?

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 3 months ago | (#47004497)

boo

Re:Spy-Proof; Not Court-Proof (0)

Anonymous Coward | about 2 months ago | (#47008021)

Cryptanalysis via rubber hose?

FailZors (-1)

Anonymous Coward | about 3 months ago | (#47002803)

had at lunchtime Another charnel over to yet another for membership. Lay down paper it wiil be 4mong they started to like they are Come

Re:FailZors (0)

Anonymous Coward | about 3 months ago | (#47003413)

what's the point of sending badly written bots to slashdot to make posts like this? why bother to do this? you're not even advertising a product here.

Re:FailZors (1)

koreanbabykilla (305807) | about 3 months ago | (#47004167)

I have seen theories its a numbers station lol. Who knows why people do most the weird shit they do though.

Re:FailZors (0)

Anonymous Coward | about 3 months ago | (#47004573)

Using up mod-points? Send in a bunch of random-bots. Then immediately afterwards, send in the spam-bots.

Or else testing/training the code with seemingly harmless gibberish before changing the payload?

[I also like the numbers station idea.]

Free with phone: (1)

GameboyRMH (1153867) | about 3 months ago | (#47002805)

Lifetime membership in the NSA's Super Special Pals club! They'll be thinking about you all the time!

Re:Free with phone: (1)

houstonbofh (602064) | about 3 months ago | (#47002915)

Unless it gets popular. Then it will just be the one finger wave.

battery? (1)

magarity (164372) | about 3 months ago | (#47002839)

How big does the battery have to be to keep all those cores running? Must take up half the interior.

Re:battery? (1)

houstonbofh (602064) | about 3 months ago | (#47002943)

It's not like anyone with a modern smart phone doesn't keep it plugged in all the time anyway. Notice how they do not call them "cordless" anymore...

Re:battery? (0)

Anonymous Coward | about 3 months ago | (#47003165)

from first hand experience with samsung galaxy s2 and an htc one, i know that's the case with android models due to android's rampant cpu usage even in idle state, but ios phones go for days between charges. i'm right now looking at my gf's apple 4s phone and it has 21% battery left with 4 days and some hours of standby and 5 hours of active use according to the usage section.

Shill much? (0)

Anonymous Coward | about 3 months ago | (#47004929)

with android models due to android's rampant cpu usage even in idle state, but ios phones go for days between charges

Oh bullshit. I keep my Android (Samsung) turned on 24/7 and it typically pulls 3-4 days between charges. (Over 5 days if I let it go until it switches itself off.) That's based on actual use over a year, not what the phone tells me. If I turn it off overnight, every night, it barely changes the time between charges. Idle is clearly not consuming much. (Which is why I just leave it on.)

Re:Shill much? (1)

Actually, I do RTFA (1058596) | about 3 months ago | (#47005123)

If I turn it off overnight, every night, it barely changes the time between charges. Idle is clearly not consuming much.

Or "off" is consuming far more power than you would think.

Re:battery? (1)

geekoid (135745) | about 3 months ago | (#47003259)

I use a nexus 4. I plug it in before bed, unplug it in the morning when it's alarm goes off.

So, not it's not plugged in all the time, or even most of the time.

Re:battery? (0)

Anonymous Coward | about 3 months ago | (#47002969)

This is true for many devices.
The iPad, for example, is mostly battery in the chassis. The motherboard fits in the upper right corner, and is about 4in x 2in in size, compared to the battery which is at least 3x/4x larger.

Re:battery? (0)

Anonymous Coward | about 3 months ago | (#47003059)

Android isn't very power-efficient either way. It likely sits at the same 24 hour battery time as all other Android-powered models. In other words, a stationary smartphone.

Backdoored (0)

Anonymous Coward | about 3 months ago | (#47002865)

Obvious one...

RedPhone from Whispersystems ( +5, Good ) (0)

Anonymous Coward | about 3 months ago | (#47002901)

is available here [whispersystems.org] .

Enjoy !

And who makes the baseband? (0)

Anonymous Coward | about 3 months ago | (#47002903)

And who makes the baseband, arguably the most important part of the phone for privacy reasons, as it's the one directly connected to the microphone et al.

Re:And who makes the baseband? (2)

Desler (1608317) | about 3 months ago | (#47003007)

Nvidia through their acquisition of Icera. It's a software modem.

Re:And who makes the baseband? (3, Informative)

viperidaenz (2515578) | about 3 months ago | (#47003231)

It's not directly connected to the microphone. That's connected to an audio codec controlled by the application processor.

Ultimate security (0)

Anonymous Coward | about 3 months ago | (#47002923)

Your calls, texts, and emails can only be decrypted by another BlackPhone, so you most likely won't have anyone to talk to, thus making for the perfect security system.

Who except for criminals and terrorists are actually going to buy this thing, or am I missing something?

Re:Ultimate security (1)

viperidaenz (2515578) | about 3 months ago | (#47003247)

RTFS

many Fortune 50 companies have already ordered the phone to protect against industrial espionage.

Re:Ultimate security (1)

Zero__Kelvin (151819) | about 3 months ago | (#47003257)

"Who except for criminals and terrorists are actually going to buy this thing, or am I missing something?"

I'm going to go with ... "Half a Brain" FTW!

Whoa, 60 GPU cores! (0)

Anonymous Coward | about 3 months ago | (#47003003)

Gotta highlight that in a phone aimed at privacy and security.

Re:Whoa, 60 GPU cores! (1)

Krojack (575051) | about 3 months ago | (#47003173)

Yet only has 1 gig of RAM. I won't even look at a phone unless it has at least 2.

Re:Whoa, 60 GPU cores! (0)

Anonymous Coward | about 3 months ago | (#47003485)

this is for secure comms, you'd be an idiot if you bought it to run angryBirds on it.

Re: Whoa, 60 GPU cores! (0)

Anonymous Coward | about 3 months ago | (#47003523)

GPU cores are good at math. This phone will do a lot of encryption which involves math. That seems relevant to me.

YOU are the weakest link (0)

Anonymous Coward | about 3 months ago | (#47003009)

If your phone itself is the weakest link in your security chain I envy you.

It's a trap! (0)

Anonymous Coward | about 3 months ago | (#47003019)

Phil Zimmerman has been compromised. Stay well away!

Carriers (1)

Gryle (933382) | about 3 months ago | (#47003227)

In all seriousness, what US carriers will let you use this phone? I can't see this being offered in-store to every Joe Friday that walks in off the street (the demand isn't high enough, depressingly) and most carriers like you to buy a particular phone to use on their particular network. How do I go about using one of these (well, two of these) in day-to-day activities?

Re:Carriers (0)

Anonymous Coward | about 3 months ago | (#47003353)

T-Mobile for one. Even though they don't talk about it you can actually use a phone you got elsewhere on AT&T's network as well. I though do find it a bit of a tragedy that CDMA is superior to GSM (TDMA) in nearly way, except only GSM gives you a SIM (though phones from carriers are generally locked). I've yet to hear of CDMA worldphones, despite how some countries are CDMA-only...

Re:Carriers (1)

Desler (1608317) | about 3 months ago | (#47003703)

There are CDMA worldphones. They are simply multi-mode phones.

Re:Carriers (1)

Desler (1608317) | about 3 months ago | (#47003441)

Why would you need to buy one in a carrier store? Simply buy a SIM card from the carrier and put it in your phone. That's as trivial as it is to use it on either AT&T or T-Mobile.

Not sniping, genuinely curious... (1)

FatLittleMonkey (1341387) | about 3 months ago | (#47004991)

Have you honestly never heard of people buying SIM cards for existing phones? Outright purchase? Unlocked phones?

Re:Not sniping, genuinely curious... (1)

Gryle (933382) | about 3 months ago | (#47005647)

No, not really, not outside of something like a GoPhone or a similar "burner"-type program. Then again, I still have a flip-phone (Samsung Rubgy II to be exact) and if I didn't have to have it for work, I'd not have a cellphone at all.

Re:Not sniping, genuinely curious... (1)

FatLittleMonkey (1341387) | about 3 months ago | (#47005955)

Next time you are in a supermarket, have a look at their handset/recharge/charge-card display. Chances are they have dozens of "pre-paid starter kits" for every carrier (and reseller) in your area. These contain just a SIM card, no handset.

Even with carrier-locked handsets, you can normally use any new SIM kit from that carrier. More importantly, you can buy almost any brand of handset unlocked from the manufacturer, and hence run any SIM kit from nearly any carrier. This is particularly useful for travellers who want to avoid the hideous "international roaming" charges from their own carrier.

Carrier-approval is only required for subsidised phones sold through their own branded outlets. And my guess is that the Fortune500 companies buying these crypto-phones for their senior people are going to buy them outright, unlocked, not wait for carrier-subsidised versions to come out.

Re:Not sniping, genuinely curious... (1)

Gryle (933382) | about 3 months ago | (#47007485)

Learn something new every day. Thanks for the information.

Is the Hardware safe? (0)

Anonymous Coward | about 3 months ago | (#47003653)

How do the creators know the hardware is not corrupted? NVIDIA could have added/changed something, or the foundry, or the manufacturer of the board and supporting chips, or the microcode, or the other computer which controls the phone and antenna (all cell phones have this) ...? The android/software part seems like the least of concerns.

Re:Is the Hardware safe? (0)

Anonymous Coward | about 3 months ago | (#47005045)

It isn't meant to prevent targeted spying. After all, they could clone the damn thing, substitute their bugged replacement at the airport as you pass through security. Similarly it can't stop them recording everything you do (encrypted) for a few months, then getting a court-order to seize your phone (and its crypto keys), to enable them to retroactively decrypt everything they've recorded.

It's meant to stop routine vacuuming of everything from everyone. It's meant to make it harder for them.

A firewall doesn't protect the data on your harddrive from an attacker who is in a position to physically remove the drive from your computer, does that mean you advise people not to run a firewall? A password doesn't protect you if the attacker can record your keystrokes, does that mean you shouldn't use passwords?

Cause the government got tired of backdoors (1)

penguinoid (724646) | about 3 months ago | (#47003777)

from other people, interfering with theirs?

not spy-proof (0)

Anonymous Coward | about 3 months ago | (#47003827)

It not spy-proof, the output of the speaker and display are not encrypted.

is it American ? (0)

Anonymous Coward | about 3 months ago | (#47004139)

because these days thats the only question you need to ask.

Pff (1)

Greyfox (87712) | about 3 months ago | (#47004389)

The NSA already knows about those live goat porn sites you browse, that you like to dress up like a nun and get spanked with a toilet brush on Friday nights and they already have a picture of your dong. So really, what do you need a secret spy phone for, again?

Just manipulate the phone in transit. (0)

Anonymous Coward | about 3 months ago | (#47005057)

All technical arguments aside, the NSA can just take it from UPS and do whatever they like to the phone. Unless the transfer of the phone is secure, which it isn't, the phone is NOT secure.

Rather do it with 100% source & RPi (0)

Anonymous Coward | about 3 months ago | (#47007435)

Problem is domain where this encryption is taking place. I rather go with 100% source built kernel & RPi HW. Like in http://www.tearcomm.com/community

Just a few things (1)

EmagGeek (574360) | about 2 months ago | (#47007889)

1) There is no such thing as spy-proof
2) If you can install an app on it, it is not secure
3) If you can connect it to a network, it is not secure
4) If you do not own and have complete access to audit all firmware, including the radio, then it is not secure
5) The Blackphone looks like nothing more than a platform from which to sell expensive annual subscriptions to quasi-private services

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>