The Blackphone, the first smartphone focused exclusively on privacy, began shipping this week, selling out its entire first production run to those who desire completely private voice and data communications — or at least as close as you can get to that these days. And at $630, a price that doesn’t include a network contract, those who are buying the beefed-up Android phone have to be pretty serious about their privacy.
Blackphone, sold by SGP Technologies, is the result of a joint venture between Silent Circle and Spanish phone maker Geeksphone. Silent Circle, founded by PGP creator Phil Zimmermann, provides the end-to-end protection for voice, text and video chats. Geeksphone, provides the security-enabled hardware, including a hardened and somewhat custom version of Android called PrivatOS. And what’s most interesting about the phone is that while the fear of government surveillance may be driving its popularity, the software that powers the phone is already widely used by government agencies around the world.
But is there a potential market for the Blackphone in the U.S. government? “I think there should be,” Zimmermann said in a telephone interview with FedScoop. “A lot of government agencies are using our apps right now. We already sell to the U.S. Navy Seals and other military and law enforcement agencies in the U.S., Canada, Britain, Australia and elsewhere,” he said.
The Blackphone, Zimmermann said, is different not only because of its unique configuration and operating system, but because the privacy apps developed by Silent Circle come pre-loaded. “It has our apps baked-in. They’re glued to the operating system real tight,” he said. In an interview last year while the Blackphone was still in development, Zimmermann likened using his company’s Silent Circle privacy apps to being able “whisper in somebody’s ear on the other side of the globe.”
The cornerstone of the Blackphone’s privacy protections is the operating system. While it may look like Android KitKat, it’s actually PrivatOS, which was created specifically for the Blackphone. Using PrivatOS allows users to tweak some advanced settings, like how the various radios work. For example, you can assign trusted Wi-Fi networks to the Blackphone to use but disable them all together when out of range. So for example if your home Wi-Fi and office Wi-Fi were set up as trusted, then while you were at either location, the phone would use them. But in transit, Wi-Fi would be completely disabled.
Certain services like Google have been disabled too, so there is no Google Play app. Companies and government agencies might actually like this feature because they can provide their own store of secure apps while keeping users from installing games that might leak data or provide backdoor access.
Of course, the entire phone’s contents can be encrypted, and if it’s ever lost or stolen there is a way to wipe its contents remotely using a separate account users can set up. None of that is particularly new to the world of smartphones, but the Blackphone puts all of those options front and center in its security center panel, so there is no need to install third party applications or worry about holes in the defenses. Users can also choose what information is actually stored on the phone, because not having something locked in place is the best defense for keeping it safe. And of course obvious features like geo-location tracking can be disabled as well.
That’s all well and good, but to protect actual phone calls, texts and messages requires a little something extra, and that is provided by Silent Circle. The Blackphone comes with a bundle of Silent Circle apps that make for secure, encrypted communication.
How that works depends on if calls are made in or out of the Silent Circle network. For in-network calls — basically between two Blackphones, but it could also be from a Blackphone to another device protected by the Silent Circle apps — they first go encrypted to a server. The connection is then made between the two phones using public keys, so the users keep their private keys all the time. They are unknown even to the Silent Circle company or servers. Calls are completely encrypted in this case. Anyone snooping the call will only pick up gibberish.
Also, anyone monitoring either phone with a wire tap will only be able to detect that the calls are going to or coming from the Silent Circle servers; there is no way to actually connect two people talking or texting together. If the phone carrier gives its records to a third party, they will only show that a call was made to Silent Circle, not the next hop to the new user. In fact, there is a conference call function that allows multiple users to connect at the same time, with each of them protected in the same way.
Calls or messages outside of the circle are also secure in much the same way. If you call someone on a regular phone, the call still goes to Silent Circle first. That branch of the call is encrypted and, likewise, phone records will only show that part of it. The Silent Circle servers then connect to the person on the normal phone. That part of the call won’t be encrypted, but the records on that end will still only show that the call came from the Silent Circle servers, not who placed the call.
And that brings us to the third way the Blackphone protects users. Apparently, those Silent Circle servers don’t save any transaction records. So if the company gets subpoenaed for its records, there aren’t any that can help the police see who called whom. Finally, they are a Swiss company, so any legal challenge to them would have to go through the Swiss government, and the privacy laws there give it a lot of leeway. That and the fact that there is nothing to really hand over will likely keep Blackphone users pretty safe from snooping and legal trouble.
Obviously the Blackphone is being marketed to people who don’t want the government spying on them. Blackphone CEO Toby Weir-Jones recently told CNN that Edward Snowden’s activities outing NSA really helped heighten awareness for what his company was doing. However, the very same technology that keeps people safe from government snooping would also be pretty attractive to government agencies that need to guard their own privacy. That may be why SGP Technologies, a partnership venture between Silent Circle and Blackphone hardware manufacturer Geeksphone, recently moved into offices at National Harbor in Maryland. It puts them close to government.
Despite the somewhat understated animosity between the phone maker and the government, at least in terms of marketing, the Blackphone seems to be a pretty solid piece of technology that government agencies should probably evaluate. It seems a lot more elegant than most of the bolt-on security solutions out there now. And with Silent Circle not keeping any records, it would protect government callers just as well as anyone else.
Dan Verton contributed to this story.