Blackphone: Inside a Secure Smart Phone Features Encrypted Communications, But No Secure E-mail
Blackphone: Inside a Secure Smart Phone
Toby Weir-Jones

Can a smart phone increase your privacy and security while remaining both highly usable and attractive to buyers? The inaugural Blackphone is testing that question for consumers and businesses.

The Blackphone BP1 is an Android smart phone designed to be more secure, and to keep communications more private, than a regular smart phone. It's the first smart phone to come to market from SGP Technologies, a Swiss-based joint venture between U.S. secure-communications company Silent Circle and Spanish phone maker GeeksPhone.

Timing-wise, the Blackphone's June debut couldn't have been better, coming after National Security Agency contractor Edward Snowden's 2013 leaks began highlighting the ease with which the agency can eavesdrop on unencrypted communications. Snowden's leaks kicked off intense discussions about whether communications devices could really be made NSA-proof. This week, for example, Silent Circle president Phil Zimmermann, who created Pretty Good Privacy, and CTO Jon Callas, the original chief scientist of PGP, are speaking post-Black Hat USA at the Def Con conference in Las Vegas about Blackphone's efforts, the state of smart phone security, as well as advancing "ephemeral communications" that can assign an expiration date to people's data.

Snowden's leaks also helped SGP accelerate its Blackphone introduction plans, although it's had to make difficult choices about what to include, or exclude, in this model. "Core communications were most important, stripping away - we'll call them the leaky elements - that were bundled into so many other phones was also a critical feature, and then the sort of notion of control and protection from not necessarily malicious rogue apps, but simply apps that were doing things that people really hadn't paid attention to before," says Toby Weir-Jones, CEO of SGP Technologies, during this interview with Information Security Media Group.

Blackphone is now serving as a test case for whether a phone manufacturer can improve privacy and security, while selling enough units to remain profitable. Introduced at a price of $629, Blackphone comes with SGP's "PrivatOS" suite of Android tools and bundled software, which includes Silent Circle apps for encrypting voice and video calls and text messaging, plus anonymous browsing, a mobile VPN, and secure cloud storage and file-transfer services.

Blackphone's introduction, however, triggered criticism from rival BlackBerry, which denigrated the device as having "consumer-grade privacy that's inadequate for businesses."

In a rebuttal, Weir-Jones questioned BlackBerry having given some governments access to users' otherwise encrypted communications, saying Blackphone's peer-to-peer system was designed so SGP Technologies can't spy on customers.

"The point of the rebuttal was to illustrate that the completely closed system is not the only way to go, and that clearly a lot of enterprises have recognized that that is insufficiently flexible for the realities of large and distributed user bases with any number of separate hardware lifecycles in play," Weir-Jones says. "That was really our point, was that we think we've done a good job with the fundamental security within the core tools, but that we've also introduced a platform that is more compatible with more different permutations of enterprise use than the single solution that our friends to the north have offered."

In this interview with Information Security Media Group, Weir-Jones also discusses:

  • How Snowden's leaks helped drive interest in greater privacy and security;
  • The privacy, security and usability thinking behind the tools, features and functionality built into the Blackphone;
  • Why Blackphone lacks a secure e-mail client, and Silent Circle's related work through the Dark Mail alliance it founded with Ladar Levison;
  • Enterprise considerations for Blackphone rollouts, ranging from BYOD to mobile device management client use cases.

Weir-Jones is CEO of SGP Technologies, managing director of Blackphone, and chief product officer for Silent Circle. Before joining Silent Circle, he worked as vice president of product development for BT Global Services and as a systems engineer at Counterpane Internet Security.




Around the Network