Exclusive: A review of the Blackphone, the Android for the paranoid

Exclusive: A review of the Blackphone, the Android for the paranoid. (3 web pages)

-- Tom

 

Isn't this a paradox?
Mrk

 

Open-source is a paradox?

 

Android for the paranoid.
Mrk

 

I guess you treat Chrome and Chromium the same as well, just generalize them for being Google creations.

 

I don't see anything in the Ars article about a custom radio/modem.

Anyone know? Also, is the Guardian Project phone going for that?

 

The first thing that strikes me as odd considering that this is supposed to be a product aimed for "paranoid" or at least "privacy aware" people is that it has a camera both in the front and at the back. Is this something a privacy caring person really would want? This not only gives a 360 cover of any room you happen to open the phone in, but it also makes sure its easy to take pictures of your face (whenever your text-ing "securely" or doing whatever). Some can argue that this phone is supposed to be so secure that nobody will get to the point where they can remote use your cam, this is called being naive.

I know its possible and standard among some it-specialists to cover up cameras (if one is present) with a bit of plastic (or use whatever that blocks it from taking any decent pictures) and I guess that can be used here as well. But that don't look good on a phone and the fact that the code is still there to run a camera worries me. To me this look like "privacy second, cool none essential features first" and its possible they are correct in this thinking. People often value usability and cool features way higher than something obscure as "privacy" or "security", its easy to understand a future that adds something you can do (its harder to think of how a hacker can abuse this and that, and most likely you won't notice that they are extracting all your files or doing something else you wasn't aware of could be done, so you assume no breach while enjoying the benefits of an insecure product).

The second future that feels a bit misplaced is the bundled cloud service. I would assume that some deal was made (that gives b-phone money for each installation or something) because I don't think this is in the best interest of any privacy caring person no matter how secure they claim their cloud technology to be. Some might need a cloud service and its possible that this one is really good, but there are big privacy risks of duplicating content online (even encrypted). Users that has no reason to begin sharing in the cloud will have just an additional security issue with this installed (they don't know the code, they can only hope it wont add a backdoor of some sort).

Maybe its easy to uninstall this cloud thing, but its not mainly the cloud thing itself. Stuff like this makes me think that they are putting usability way higher than security. This is not good for a "private phone". And what other stuff is added that you might or might not need. Security issues will pile up when you add add add everything, 1% might want this, 4% might want this (so lets add more code, more bugs, more security issues and put trust in more third parties). Stuff like this makes me wonder how slim their OS is compared to the standard one. If they are happy to add junk at some places, it makes you think that they could end up doing the same elsewhere.

 

Blackphone goes to Def Con and gets hacked—sort of.

-- Tom

 

http://www.welivesecurity.com/2014/08/13/online-privacy-3/