By Praveen Kannan and Anna Strokolyst The Hotspot Shield team believes the internet should be open and secure …
The struggle for security in a high-tech world expresses itself in a battle for technological supremacy between tech users and those seeking their precious data—thieves, intelligence agencies, and the like. Recently, a new tool, the SGP Technologies Blackphone, was released to an increasingly privacy-concerned public to great financial success, selling out its initial run.
But is the pricey new phone really the bastion of safety that its boosters would claim? And can it catch on in the general market, or will it prove to be a fancy toy for the security-minded? Read on to learn whether the Blackphone is really the future for mobile security.
Hardware for a Shadowy World
First, let’s discuss the phone itself. The Blackphone is a powerful piece of hardware, with a 2 GHz Quad Core processor and 1 GB of onboard RAM. Of course, the raw strength of the hardware isn’t the main selling point of the Blackphone, especially given its benchmarks in tests by Ars Technica against other leading smartphones. Instead, the prospective Blackphone buyer is likely interested in the device’s more esoteric features, rooted in its extensive software package.
The Brains Behind the Security
The Blackphone runs off a heavily modded version of the open-source Android 4.4.2, known as PrivatOS. This OS lacks the deeply interconnected Google applications that define the Android platform. The Blackphone instead makes use of software by co-designer Silent Circle, including applications for making calls, sending texts, and managing e-mail, all with a high level of anonymity.
Users are able to define the level of privacy they require at any given moment, although the highest levels of security limit the phone to contact with other Silent Circle-enabled devices. The purchase of a Blackphone comes with a two-year subscription to the Silent Circle suite and three one-year “friends and family” software service passes.
Not everybody has embraced SGP’s new product. ExtremeTech expresses extreme skepticism of the Blackphone in a recent article. Author Ryan Whitwam points out that the phone, though sold at least in implication as a method of fighting intelligence-agency snooping, is not actually capable of doing that. Moreover, the phone’s great selling point, its suite of privacy-enabled applications, could rather easily be transplanted to other more powerful phones. As a result, the rather pricey Blackphone can be seen as a high-end showcase for a useful software package attached to a mediocre phone.
An article in Fast Company presents a different view. Through interviews with SGP CEO Toby Weir-Jones and a number of security experts, author Luke Dormehl establishes a more laudatory tone. Weir-Jones describes the call encryption technology of his company’s product as well-nigh unbreakable, with limited-use encryption and a lack of centralized information storage on the company’s part serving as bulwarks against intelligence interference.
A Roll of the Die
One thread that emerges in the interviews in Dormehl’s article is a belief on the part of Weir-Jones and his ilk that their products represent a future, one that the public willingly will embrace. That’s the real gamble of the Blackphone; a cellular device incapable of securely calling anyone not employing its proprietary, privacy-conscious encryption service is, by its nature, reliant on its own widespread adoption. Three complimentary “family and friend” accounts only offer a slim solution to the need for users to contact, potentially, anyone else in the world.
Privacy or Convenience
This is one of the weaknesses of Weir-Jones’ argument. He explicitly states in his interview that he believes the general population will, one day, come to understand the loss of privacy inherent in “free” (but data-mining-intensive) services such as those provided by Google, and thus migrate to programs like those Weir-Jones’ company has developed.
Sadly, that may not be the case. As Whitwam glancingly suggests, current mobile users enjoy features such as the Google Play store and location-based GPS-heavy services, and it is far from clear that the general public will ever decide to toss aside these conveniences, privacy concerns or no.
Where Does the Data Go?
In the end, what is done with all the harvested data? This question speaks to the often-overlooked issues nesting in the heart of all current privacy debates. While the United States, and indeed the world, was rocked by the revelations of Edward Snowden about the depth and pervasiveness of NSA surveillance, no one seems to blink an eye when passing out vast amounts of personal data to corporate entities.
Arguably, the degree to which casual smartphone usage hands sellable data to Google is occluded behind arcane permission systems hiding information-mining clauses with boilerplate language. However, the success of social media sites, which monetize entirely around their ability to openly gather information about their user base, confuses the issue. It seems that much of the world’s population is entirely willing to let a distant entity know what they like and with whom they associate, so long as they are able to play games and post pictures while doing so.
The single greatest issue facing privacy advocates (and the companies, such as SGP, that they form) may be this: Does enough of the public care? Without a critical mass of installed users to make the Silent Circle services worthwhile, the Blackphone may be doomed to founder in a sort of pro-privacy obscurity, the communications tool of choice for a too-small community of the security-conscious. To the degree that Whitwam is correct about the interchangeability of the software package, SGP could be vulnerable there, too; future Blackphone releases will be hampered if the device’s tech-savvy consumers decide to forego the hardware and stick with the useful programs on a device of their choice.
Overall, it seems that the Blackphone package tries to strike an uneasy balance between a security-aware market, who will likely prefer the software solutions of the phone installed on more powerful rigs, and a more casual consumer base, who would appreciate the simplicity of the all-in-one privacy package of the Blackphone, except for their indifference to security issues. Although initial sales of the Blackphone may be strong, its viability as a long-term platform remains very much in doubt. Hopefully, Silent Circle will be wise enough to not tie its fortunes too closely to an uncertain hardware gambit at the expense of their software customers.