
Brazilian Sikur Launches GranitePhone, a BlackPhone Competitor - Tepix
http://granitephone.com/
======
caio1982
So, as a Brazilian I've never heard about this company before. Granted, they
didn't have any obligation to be well-known here but I'm surprised they even
exist and are launching this product. The company was even supposedly founded
by some people from my city (Curitiba).

Some more info from local news (in Portuguese):

They believe that being a Brazilian company will help to market the product
after the whole Snowden thing, and also promise the phone to have 100%
"national technology" inside even though at least one of the two models runs
Android with an extra layer of security created by them.

They are part of Ciberbras, although their website returns 404... take this as
you will.

There are other sources of news about them in the Brazilian media but they're
mostly variations of each other, probably press releases (some dating back to
February 2015). Apparently they're targeting government agencies, not standard
consumer markets and have got at least once "big" contract to sell these
secure phones to police departments.

Sources:

[1] [http://info.abril.com.br/noticias/tecnologia-
pessoal/2015/02...](http://info.abril.com.br/noticias/tecnologia-
pessoal/2015/02/brasileira-sikur-lanca-na-europa-celular-criptografado.shtml)

[2]
[https://www.crunchbase.com/organization/ciberbras#/entity](https://www.crunchbase.com/organization/ciberbras#/entity)

------
Tepix
I'd like to know details regarding the protection of the baseband that both
Sikur and SilentCircle have taken. As far as I know, the baseband is still a
closed source black box. If it has a security hole, the baseband processor can
access the microphone and the GPS function because these functions are handled
by the baseband CPU on many recent phones.

On older phones such as the Galaxy Nexus, the baseband has to ask the OS for
this data, which is detectable (and can be prevented). The Replicant project
has an interesting page on the topic of modem isolation at
[http://www.replicant.us/freedom-privacy-security-
issues.php](http://www.replicant.us/freedom-privacy-security-issues.php)

~~~
tombrossman
First thing I look for in any announcement or news story about supposedly
'secure' smart-phones is a mention of the baseband issue. Failing to mention
it indicates to me that they are unaware (and so insecure by default) or just
don't care.

You'll see it mentioned occasionally in reviews but generally it's just
ignored. I don't know if this is down to a lack of comprehension of the
reviewer, or if the prevailing attitude is that this is 'too big a problem' to
solve, and so nobody likes to talk about it. I do see it raised in nearly
every HN thread about secure phones, so that's good.

I think it will take a big non-US based manufacturer with approval from their
government to totally re-do baseband and fix this issue. It won't be certified
any time soon in the US market but that's fine with me so long as it plays
well with GSM.

~~~
Tepix
It's not that they are unaware. I talked to Jon Callas of SilentCircle at MWC
back in 2014 and he was totally aware of the isuue. Back then he argued that
the BlackPhone 1 was a first generation product and they would solve the issue
later on. It's disappointing that they haven't managed to do so by now, but
it's not completely surprising. The market for baseband chips (and their
software) only has a few big players and it takes considerable resources to
implement an LTE stack.

------
ris
Granite OS? Where is the source? If the answer is "private", then that's not
good enough for something selling itself as a security product in 2015.

It's hard to find anything real about this phone. I hate these "growth hacked"
minimal websites - impossible to find any actual information. Are they really
expecting me to buy $800 worth of phone on the information they're showing me
about it on that page? _Why_ am I supposed to trust them? Do they take me for
a complete idiot?

~~~
MadManE
Hey, a fool and his money. . .

Seems like a growth market to me.

------
devit
I don't see any reason to believe that this is any better than a random
Android device or that the company has any competence at security or that it
can be trusted.

This looks just like a random customized Android phone with default full disk
encryption and some security marketing (written by someone with limited
command of the English language).

------
kelvin0
The safest phone, is no phone ...

