A phone touted as the first to put privacy and security ahead of all other considerations launched at a packed event at Mobile World Congress in Barcelona, Spain, today.
The $629 Blackphone will strongly encrypt all communications and block the tracking of your Web browsing and search terms. It even blocks extraneous Wi-Fi beacons from your phone, as they tend to leave a detailed record of your phone’s movements.
“The entire reason for the phone to exist is to protect your privacy,” says Phil Zimmermann, a Blackphone cofounder who invented a widely used encryption system known as PGP for “pretty good privacy.” “We are not a phone company adding a privacy feature; we are a privacy company selling a phone.”
The phone comes from a joint venture between Spanish smartphone manufacturer Geeksphone and Silent Circle, a secure-e-mail company founded by Zimmerman. The Switzerland-based company making the phone, called SGP Technologies, began taking orders Monday; it would not say how many came in.
Tools built into the Blackphone include Silent Circle apps, which encrypt voice, text, and e-mail; anonymous search and private browsing tools from a company called Disconnect; and secure cloud storage from another partner, SpiderOak. Because encrypted communications work only when both parties use it, Blackphone includes three “friends and family” subscriptions for Silent Circle apps.
I had a chance to look at a prototype. Out of the box, the phone makes you choose a PIN. It encrypts all files stored on the device and decrypts them only if you use that PIN – a departure from most smartphones, which only use a PIN to lock the screen but don’t encrypt the underlying data.
Then it gives you a brief tutorial on the various security settings under its operating system, called PrivatOS, a custom version of Android. For example, it lets you do things like decide that no apps can ever access your location or contacts. “Ultimately it is still an Android phone, and users can install Android apps,” says Toby Weir-Jones, the company’s managing director. “We encourage people to pay attention to the permissions that come with that.”
The phone’s designers considered a number of ways to stop data leakage. For example, when a traditional phone seeks a Wi-Fi connection, it is continually making contact with all routers within range. Even if you don’t elect to connect, those Wi-Fi providers capture the ID number of your passing phone. The ID numbers can, in turn, be linked to your identity.
To get around that, the Blackphone will allow the phone to try to make Wi-Fi connections only when you are in a general geographic area that you have defined, such as near a trusted Wi-Fi router at your home or office.
If you leave that area, those radios shut down, and only reactivate when you return. Rather than use GPS location for doing this—which consumes battery life—the phone uses routine pings from cell-phone towers.
One carrier, KPN Mobile, which serves Belgium, the Netherlands, and Germany, announced it would be the first to sell the phone, and expects to do so for a price similar to what customers pay for the latest iPhone or Samsung Galaxy device. However, Blackphone expects most customers to buy directly from the company.
Blackphone was a work in progress before NSA contractor Edward Snowden began leaking files about the scope of mass surveillance by the American spy agency. Those events have likely fueled user interest in the product, Weir-Jones says. “I think what we have seen is a heightened sensitivity of what the loss of privacy can mean,” he says.
White Paper: Maximizing Mobility's Rewards While Minimizing Its Risks
The rapid rise of mobile workers exemplifies the risk-versus-reward paradox. Don’t let security risks hinder mobility’s benefits. Read this article to better understand the BYOD trend, how it affects security, and how to handle it.
Free download courtesy of Symantec: Download report