Blackphone 2 – An Android smartphone for your security
The Blackphone 2 from Swiss manufacturer Silent Circle is a mobile like no other. Although it looks quite ordinary, it’s actually one of the top players like the outstanding CAT S60. The cryptographers at Silent Circle have taken a closer look at Android and made security their main priority. With this in mind, they developed a device that is not only attractive for private users but also for businesses who attach great importance to security. Despite the fact that encryption is becoming more and more of a survival strategy and, consequently, everybody can and should benefit from Blackphone’s security features, I’ve decided to dedicate this article to the applications in the context of companies. The reason for this being that it’s the area in which the features really come into their own. However, think out of the box just a little and it’s easy to see why the Blackphone would also be very hand in everyday life.
Risk in your pocket
These days, there are only very few people who don’t carry a smartphone on them. For the safety conscious out there, this poses a lot of risks. Facebook and Google are the largest data leeches in human history. The keyword here is big data, meaning that all collected data is sold for advertising purposes. So if a user likes the concert photo of a rock band, she will be shown concert dates of similar bands. Although that’s quite useful, it’s also quite creepy.
In a business context, mobile devices become risky when private and corporate data share the same memory. If an app on a private phone has the authorization to access the memory, it can theoretically read all data in it. To put it in simplified terms: it’s theoretically possible that Facebook can reveal business secrets. Another scenario could be an attacker planting an app on a mobile in order to tap into the data. Even though users have no admin rights on Android and iOS smartphones and therefore cannot access deeper system levels, applications on the application layer are granted almost total freedom. If this weren’t so, the user experience would suffer greatly.
Since this risk was recognized, companies have been making great efforts to counteract it. One thing is clear: Smartphones in the pocket of each and every employee pose a potential threat to internal IT security and the information within the company.
The solution: spaces
One company that has dedicated itself to user security on all levels is Silent Circle. The company has not only developed an interesting device but also has an interesting story. Its founders, Mike Jahnke and Phil Zimmermann, originally aimed to develop a safe version of the VOIP application Skype. But the idea just kept on growing and resulted in the release of Silent OS.
During the development of the Android-based operating system, Jahnke and Zimmerman realised that Canada may not be the best place in the world to launch a secure version of Android. For this reason, the company moved to Switzerland, where data protection laws are better than in other countries. The company has been based in the canton of Geneva ever since.
Silent OS focuses on a model that segments Android’s application layer. This is referred to as “spaces”. In practice, it’s as if several Android versions were running simultaneously – each of them featuring a separate application layer. Silent OS has three spaces:
- Personal Space: A run-of-the-mill Android version that’s barely any different from other versions on the application layer. The changes are all in the deeper layers
- Silent Space: Google services are inactive. In addition, there are countless configuration possibilities that e.g. do not allow screenshots or block outgoing calls
- Managed Space: Similar to Silent Space, Managed Space can be freely configured. The only difference is that users cannot modify settings themselves. All settings are managed by a central body, i.e. by the internal IT security office.
Space management offers options for all spaces; so not only for the Silent Space but also for the Personal Space. The most important options are:
- Exclusive Network Access: When Silent Space is active, other spaces have no access to the network
- Mobile Only: Silent Space can only use mobile networks for data transfer. This prevents connections to hostile WLAN, thereby minimizing local man-in-the-middle attacks
- Allow Outgoing Calls: Users are allowed to make phone calls from the Silent Space
- Allow SMS: Users are allowed to send text messages from the Silent Space
- Allow Location Sharing: Users are allowed to use GPS services while Silent Space is active
- Allow Screenshots: Users are allowed to take screenshots of the system
- Allow Microphone: Users are allowed to record audio
- Allow Bluetooth: The device can create a Bluetooth connection
- Space Sharing: The device is permitted to exchange data between Silent Space, Managed Space and Personal Space
- Read Device Info: Users are allowed access device information
- Allow Debugging: Users are allowed to access developer options for more freedom within the system. Developer options exist in regular Android distros but are hidden.
- Allow Unknown Sources: Users are allowed to sideload apps, i.e. install them from sources other than the official app store
- Allow App Installs: Users are allowed to install apps
All the above authorizations can either be assigned to or revoked from the space. Silent Space comes without Google Services by default; however, these can be set up at a later stage. It goes without saying that this is not recommended as Google Services allow you to install any kind of app from the app store. This in turn poses a great risk to privacy and security integrity.
Managed Space allows a company’s internal IT security to commission smartphones a gogo. Therefore, devices can be handed over to employees without them having to make any major adjustments to the settings. This makes blanket security a lot easier to achieve.
Hardware weak point
From a security point of view, the Blackphone’s software is a quantum leap. By contrast, the hardware is nothing to write home about. The device feels like a cheap bit of plastic. But this may have other reasons than simply wanting to save costs or not attaching any importance to the hardware. Even if software security is a top priority in some devices, physical security is often neglected.
Smartphones are carried around by their users on a daily basis. No matter where the users are, their smartphones are with them. This includes inherently unsafe places including bars, restaurants or public space in general. So if a phone is lying about unattended, it’s much more likely to be targeted if it has a luxurious finish like an iPhone or a shiny metal case like the HTC 10 than a device that looks like a temporary replacement phone. So the unattractive case of the Blackphone 2 could quite possibly be cleverly devised camouflage.
If users still prefer an iPhone, Blackberry or any other kind of mobile, they are not automatically excluded from secure communication. Security mainly happens in the apps programmed by Silent Circle. These apps are available for both Android and Apple iOS.
Silent Phone – Secure communication comes at a price
The “Silent Phone” app serves as a messenger, telephony app and file transfer in one, providing the full communication package. All traffic generated by the app is end-to-end encrypted, so it’s sent encrypted from the sender’s mobile and only encrypted once it reaches the receiver’s mobile.
But the app does come at a price even if installation is free. Silent Circle applies a Software as a Service (SaaS) model. In other words: Installation is free but fees are charged for the service. In return, software updates and upgrades are included. These licenses cost money but offer unlimited calls and a certain amount of data transfer.
Silent Circle has built in a special feature – the so-called burn feature for messages and file transfers. Any file that is sent with a burn time of ten minutes will automatically be irrevocably deleted after ten minutes.
A new security standard
The Blackphone is a long overdue invention, as the customization of Android – named “Silent OS” by manufacturer Silent Circle – focuses neither on the beautification of user interfaces nor solely on kernel hardening. Silent OS is equipped with encryption mechanisms on every level and has the advantage that the code is open source. The source code for Android and for Apple iOS can be looked at on GitHub. It’s generally worth taking a look at Silent Circle’s GitHub Repositories.
The division of Android into separate spaces offers previously unimaginable possibilities to determine, comply with and configure security regulations. Thanks to Managed Space, regulations can even be dynamic, i.e. centrally managed and promptly modified.
The Blackphone’s weak point is its hardware. The phone is lightweight but feels cheap. If a user wishes to use Silent Circle’s full application suite, this can be done with any smartphone featuring a software as a service mode; however, Silent OS and the associated spaces are only available for the Blackphone.
Senior Editor, Zurich