An ultra-secure phone claimed to be the first privacy-focused smartphone on sale swiftly fell victim to a security researcher – who hacked the “super secure” Blackphone in just five minutes.
An ultra-secure phone claiming to be the first privacy-focused smartphone on sale swiftly fell victim to a security researcher – who hacked the “super secure” Blackphone in just five minutes according to Slashgear. The hack allowed root access to the phone – and was performed on stage at the DEF CON security conference, according to Gizmodo. TeamAndIRC found three vulnerabilities according to Tweaktown – although each had its own weakness. One required an unpatched version of PrivatOS and another required direct user interaction. Slashgear reported that users faced no “imminent danger.”
Online privacy – Blackphone cracked?
BlackBerry has previously described Blackphone as, “Consumer-Grade Privacy That’s Inadequate for Businesses. Blackphone responded via blogging platform Medium: “As I mentioned in my earlier post — we took on the challenge of building a secure and private smartphone system. TeamAndIRC threw a proverbial jab to the jaw, and well, our jaw is not made of glass. Kudos to @TeamAndIRC for explaining the exploit. No hard feelings — things get fixed by being found.” Nonetheless, we have a vulnerability and it is important to Blackphone to resolve this vulnerability fast. We pride ourselves on being able to provide a quick turnaround to security problems. We control the complete OTA process, and are able to fix issues as soon as they are disclosed, if they haven’t been pre-emptively fixed.” Slashgear said, “Blackphone still may be the most secure open-source smartphone around.” One patch has already been pushed out, and another is coming shortly.
‘Our jaw is not made of glass’
As well as a best-selling author and an ex-U.S. Navy Seal, Silent Circle features Phil Zimmerman, who wrote PGP (Pretty Good Privacy) in 1991, still the most widely used email encryption software on Earth. Encrypted phones have been on sale before – such as the GSMK Cryptophone – but have been complex to use, and expensive. Silent Circle hope that the steady flow of news about state spying could catalyze a sea-change in attitudes towards privacy. British-based security expert Graham Cluley, a 20-year veteran of the industry, said at the launch that the goals of Blackphone are laudable, “Most of us could take greater steps to make our lives more private, and make it harder for unauthorized parties (including governments) to spy upon our activities.”