The hidden risk in Blackphone’s “secure” communications

To be fair, it is black. And it is a phone.
To be fair, it is black. And it is a phone.
Image: Reuters/Albert Gea
We may earn a commission from links on this page.

Messaging, cheap phones, and the tensions between the telecom industry and web companies have been the overriding themes at the Mobile World Congress (MWC), an annual telecom-industry gathering in Barcelona this week. But another current has been flowing underneath the surface: security and privacy. Also at the MWC this week, a company called SPG Technologies launched the Blackphone, which according to the press release is “the world’s first smartphone which places privacy and control directly in the hands of its users.”

This it does. The phone uses a version of Android software without any Google apps or services. In their place,

Blackphone comes unlocked and features several pre-installed privacy tools, all of which are fully enabled for at least two years of usage.  These tools include the Silent Circle suite of apps, including Silent Phone, Silent Text, and Silent Contacts; anonymous search, private browsing, and VPN from Disconnect; and secure cloud file storage from SpiderOak. In addition, Blackphone ships with the Smart WiFi Manager from Mike Kershaw, Chief Architect for SGP Technologies, and a powerful remote-wipe and device recovery tool.

That’s great. But as Matt Weinberger points out in CITEWorld, “Blackphone primarily secures data at the application level, which means that a dedicated hacker could take advantage of any given zero-day vulnerability [previously undiscovered flaw in the code] to get into your data.” What that means is anything other than the apps, such as the phone’s internal hardware that it uses to communicate with cell towers, is up for grabs.

Sebastian Anthony at ITProPortal explains: “Your phone’s baseband—the device that handles negotiation with cell towers and other messy stuff—is essentially a black box, with its own CPU and operating system. The baseband has complete, low-level access to your microphone—access that the Blackphone cannot mitigate against. If the NSA really wants to tap your phone, that is probably the attack vector that it would use.”

The makers of Blackphone are well aware of this. “We have a bit of a problem with the press saying that the Blackphone will make you NSA-proof. If someone [at the Blackphone booth] tells you that it’ll protect you from the NSA, I’ll fire them,” Phil Zimmermann, one of the Blackphone’s creators, told Anthony.

The dangers of feeling secure

Zimmermann may need to try harder to get his message heard, starting with his website. Blackphone is being sold for a hefty $629 (plus delivery) as a secure, or at least privacy-enabling, device. “Keep your communications private without extra effort,” the phone’s site declares. “Be confident in your personal communications.” Yet it is this confidence that is most dangerous. The assumption of privacy, or security, means users lower their guard. To those most likely to need a Blackphone—top-level executives, corporate lawyers, government lawyers, criminals—feeling more secure in what remains a vulnerable device can be a fatal mistake, and not just to the NSA. Sophisticated criminals too understand that there remain vulnerabilities.

It is a similar argument to the one presented when Britain imposed a blanket ban on pornographic (and increasingly other) material online as a way to protect children from the depravities of the internet. Such filters provide a false sense of security, lulling parents into thinking they no longer need to monitor their children’s online behavior because the government is doing it for them. Similarly, just because some aspects of your communications are more secure with Blackphone’s apps and services, it doesn’t mean that the phone is invulnerable. Getting that message out will be crucial to the phone’s success, and that of other secure services in the future.