But the actual problem is the baseband processor running completely non-free software, with an enormous attack surface and access to all the interesting periphery (GPS, microphone). There is not just opportunity to compromise your privacy, Qualcomm and others actively implement such features at the behest of governments and carriers.
Oh, and if you plug that enormous hole, you get to the SIM card, yet another processor that you have zero control over, but which has access to enough juicy data to compromise your privacy. I highly recommend everyone to watch a talk from 30C3 by Karsten Nohl, where he shows a live attack on an improperly configured SIM card that remotely implants a Java app on the SIM card which continuously sends your cell ID (your approximate location) to the attacker by short message (without notification to the application processor, e.g. Android or iOS):
Carriers can do this today. (edit: that's a bit nonsensical, because carriers of course already know your cell id. Anyone with the ability to run a fake basestation momentarily (think IMSI catcher) can do this.)
Blackphone is pretty lame, IMO. There's something better coming from a trusted source in weeks, and plenty of work being done on the "there is no phone" phone concept.
Fully support the initiative for an open baseband. One reason it's not open is the (fairly legit) fear that intentional and unintentional DoS attacks would occur, affecting everyone in the area. It's really really simple to be an obnoxious cellular network citizen and it's pretty damn hard to police.
Baseband bugs that impact networks are common too due to the complexity. I saw a function point analysis of GSM vs 3G once, seem to remember 1-2 orders of magnitudes difference. Ahh Function Points, you flawed devil of a management metric.
Yes, it is two small boxes right now, but there's no reason you couldn't build a "baseband firewall" which puts baseband in one area, a firewall in between, and the regular phone, with only a well defined open interface in between.
Cryptophone uses an older Samsung to do this but has no SIM protection. The firewall isn't foolproof either it only detects extended use of the baseband cpu without the application cpu being busy then shuts down the device, which makes it a brick open to denial of service.
A hardened Android build is fine for most shady activity and avoiding dragnet surveillance. If you are a drug lord or foreign spy use a laptop or tablet with ostel or silent circle, internal mic removed and running hardened free software, your dongle should have TurboSIM or similar wrapper that can be coded to reject OTA updates and not reply to silent tracking SMS. Marlinespike is also working on a new Whispercore, I have a forensics resistant project, and there is of course Cryptophone GSMK. Is the project you're talking about the build that runs Xen then boots Android in phony isolation because the snapdragon chip can still access memory.
Another problem is simply walking around with 2 phones which is an opsec indicator for feds that you are up to something and req targeted surveillance. They have full automated access to every cell tower db to look for this as per snowden docs dumped on cell meta data
These highly-integrated devices are basically inimical to decent security.
No (that project was an earlier version of blackphone/geekphone, actually! from what I've heard)
It could basically be done today with an Android PDA running VoiP app only, connected over wifi to a cellular hotspot in one's pocket. The next evolution would be to replace the wifi with a wired network.
On the software front, I have an OpenWRT image which I think works pretty well for travel which I've been meaning to publish (routes all traffic over an OpenVPN tunnel and can act simultaneously as a WIFI client to the hotel network and as an access point for your own network). The hardware is nothing special (WRT54GL) and it would definitely be nice if it were more portable. I'd love to hear your thoughts and will be looking forward to that kickstarter.
My goal would be to never ever connect my devices to wifi, and run everything through the device.
There are lots of attempts to make current hw work for this, but while you can get close, nothing is good enough IMO. I have the tplink, the belkin, etc with different firmware.
Enough flash and ram to run sane openwrt, and maybe options for a VPN client, and a stretch of Tor. Fitting that within the power budget would be the issue.
Yes, it sounds like it will be challenging to fit everything in the power budget. Do you think there's a need to use this on battery power? Won't most people be using it in a hotel room? A wall wart that's compact and dual-voltage would work for me and would provide much more power than USB.
I'll also put in a pitch for at least two Ethernet ports, so you can use one for connecting to the hotel and another for your LAN, in case WIFI's not cutting it or you need to connect a non-WIFI device (in my case, a VoIP phone).
One usability problem which has vexed me is that most hotels force you through a captive portal, which doesn't work if you're routing all traffic over a VPN. (Some even make you do it every 24 hours!) My latest solution is a special Ethernet port that's on a separate subnet which isn't routed over the VPN. You use that for going through the captive portal and then you switch over to WIFI or another Ethernet port. I think a hardware switch to turn the VPN on and off would also be a good solution.
For the power budget, I really want to be able to use this powered by my laptop's USB port (or a big usb battery) so when I'm at an airport or something I can safely use wifi without having to find a power socket. One option is using more power than USB, and having a battery which is charged via USB, but that would suck.
I believe everything except Tor can fit within the power budget, even with 2 normal and 2 lower power radios, though.
It might be worth giving that up since then existing hardware is usable.
But yeah. Grugq's doing a lot of other cool stuff now too.
Activated airplane mode to kill the baseband, PPP widget runs fine on 4.2.2. Success. (kernel module loading not avail Android 4.3+ though obviously can build your own, or get a Moto G with native USB OTG support)
Do you happen to have a link? That's pretty terrible for anyone with a work phone and a personal phone.
They, the feds, must be surveilling an awful lot of ordinary citizens because in my day job, delivery driver, I carry two phones. One issued by my company and my personal phone and on days when I'm working with another driver we'd have four phones in one vehicle. I can imagine there are quite a few people who have good reason to carry two phones regularly.
Just carrying two phones with you isn't the most interesting thing; it's a pair of people who normally have one phone during normal activity, and then at some location turn that phone off and turn on another phone which isn't used for anything except calling the other person briefly and hanging up without saying anything, and then those phones moving closely together, etc.
In my proposed case, there's no actual "second phone" on the cellphone network; your "phone" is a wifi only device which talks to a box which talks over data.
Traffic analysis is one of the things NSA does exceptionally well; the open crypto world is like 5 and maybe NSA is 7, but the open traffic analysis world is more like 2 and NSA is a 9.
I would love to live in a world where this can happen. But we don't live in that world.
The carriers have paid billions of dollars for exclusive use of their frequency bands. And their hundreds of billions of dollars of revenue depend upon smooth operation of all devices on the network using those bands. They will use whatever means to protect this.
OK, so let's talk to the FCC (and all the other agencies around the world), and get some other frequency band we can use for our totally open phones.
Well... there aren't any open ones left in the good range of approximately 700MHz to 2GHz. This is the part of the frequency spectrum that has decent carrying capacity, good penetration, and not too high power requirements. It is basic physics. Go lower in frequency, and you can't carry enough bits to be useful. Go higher in frequency and you start getting stopped by walls and such.
All the good bands have been allocated in the USA and elsewhere for TV, existing carriers, military, satellite, and so on. At a minimum, you'd need tens of billions to lobby for and buy a decent chunk of spectrum. And you need to get the current users moved off, which they won't like.
All we have left are the 'crap' bands like 2.4GHz (microwave oven interference). 5GHz isn't too bad (not a lot of other interferers) but it is short range with the current regulations. Another open band for unlicensed use at 60GHz gets stopped by walls, air (oxygen)...
Also, is there any harm in just open sourcing their baseband code? It seems to me that it's worthless without the license to use the frequency anyways, so who cares if the code is open from a losing business point of view. On the other hand, things like security review are to the carriers' and manufacturers' benefit, no?
The carriers don't want baseband code, they just want finished products to sell.
It's OSS, well tested, secure, and supported. Buy support from me." why won't they go for it. Surely, an OSS solution is cheaper for them than developing an in-house crap solution that I'm sure it is now.
OK, assuming you get a current-generation baseband chip for free (it actually costs a ton of money to develop) with full documentation, you're still talking hundreds of millions to develop that software. GSM (a 2G technology) is complicated. UMTS / HSPA (one of the 3G techs) is an order of magnitude more complex. LTE (4G) is another order of magnitude more complex than 3G. The baseband code, plus all the testing code, plus all the testing required by the FCC, standards bodies and the carriers is a ton of money.
It costs millions to take an existing chipset (which has already been approved), an existing baseband codebase (which has also already been approved for use with that chipset) and put that into a modem and get that approved.
The chip vendors have their own baseband code now, and they are all in fierce competition with each other. They aren't going to just use your code, and they aren't going to let you use their chips either.
This sucks. Do we have any alternatives? Are there any completely open radio chips in development?
By a lot. On the plus side, all the specs to create a component in a cellular network(protocols, procedures, network architecture and so on). are open and free.
On the other hand, the specs that cover all the parts of a cellular system is _many_ thousands of documents - and there's patents hidden in quite a lot of them.
> without much hope of a community reverse engineering a solution.
* specs for the chipsets are not available.
* You might get the spec. for the pinouts for the chips if you sign an NDA, but not the specs for being able to run your own code on it.
* But the chipset manufacturers won't talk to you unless you're serious about buying quite a few million of them anyway.
http://bb.osmocom.org/ have managed to reverse engineer an old GSM chipset (with help from leaked documents and source code) and created an open source GSM base band for those old phones. But there's little to suggest doing the same for 3G or 4G will be possible in the near future.
Yes, exactly. Sometimes just seeing how something is organized, or the API can give significant clues to how it is done. It is much harder to start from scratch.
Do we have any alternatives? Are there any completely open radio chips in development?
See my parent post. First you need a few billion dollars to buy some spectrum.
So that's the tragedy of the mobile computing revolution isn't it then? That communication tech is technically a free market but realistically is controlled by very few corporations with very deep pockets. I did not realize that this is how it was set up and now I am sad.
Its actually quite impressive how much they've implemented, though it is still a small fraction of the software you'd need to run an actual cell network.
It's also not "they", as it's been developed by a single programmer. Certainly, Bellard is no ordinary programmer, but this should still give some perspective to your claim of the millions of dollars required for development.
Code could be released for inspection, but you can't be allowed to actually run modified code on real radios outside of RF-isolated testing facilities.
(That is not to say carriers won't do everything in their power to stop actual open source software and hardware implementations; mobile only works because all the devices behave nicely according to the specification, an attacker could with very little power severely compromise the network. There is just a very large barrier to entry, and dumb, bruteforce solutions can be triangulated.)
How do you ensure that the manufacturer doesn't modify the baseband code?
Could you provide more concrete info on what you are referencing there?
Is this IndiePhone by Aral Balkan?
You can't really prevent that with technology unless you start to educate kids/users better. But who am I kidding? People will forfeit their private data for shiny stuff as long as there will be shiny stuff and private data.
The first connotation is the one my mother warned me about. It's Facebook photos of that tequila weekend in Tijuana and those two PM Tuesday tweets from the beach bar when I called in sick to work. These are things that require personal judgement in regard to what I say. Self-control addresses this type of privacy.
The second connotation of privacy is newer, but still nearly twenty years old. It entails concerns regarding information collected about my actions beyond what I explicitly choose to broadcast. It's cookies in the browser [and their more sophisticated descendants]. It's my browser linking my Google+ account to my browsing history at lesbiandwarffurries.com.
Privacy issues of this second type are assumed to be normal when they are considered at all - why doesn't my browser sandbox cookies for each website? Or rather why isn't there a browser that does so? The same logic underpins the Blackphone - sand boxing unrelated parts of the system so that privacy is a matter of personal judgement rather a battle against a technically sophisticated adversary.
You can do that with Fluid.app (http://fluidapp.com/ only for MacOSX) It is a Single-Site-Browser-Generator with the option to have a separate cookie store for each SSB.
I have one instance for facebook, one for Google+ etc.
I only access Facebook from a VM or an old smartphone with no SIM. That's because browsers are designed to circumvent my attempts at privacy and to facilitate the ends of third party cookies.
Using a Git analogy, there is no reason for a single cookie repository. Suppose foo.com injects a third party cookie from bar.com into my data stream. It could sit on the foo.com branch of my cache, so that when I visit baz.com, it does not know about the bar.com cookie, and injects another one [which sits on the baz.com branch of my cache].
When I want to have a single bar.com cookie for foo.com and baz.com, then I merge them and let bar.com sort out any discrepancy. To put it another way, there might be a few websites where I wish to allow a shared persistent Facebook cookie, but I don't want to share that information with every website with a LikeUsOnFacebook widget or share all my browsing with Facebook.
But browsers thwart that process and facilitate tracking. It is by explicit design that browsers break the web when there are attempts at privacy. They are designed to mislead users and be truthful to remote websites rather than vice-versa.
True, and once that one will be made open-source too, there's still the NSA tracking mobile phones worldwide and generating all kinds of privacy-invading data based on it:
(And until that is resolved, my mobile phone will stay in flight mode only.)
So once again, while tech may help in the short term, long-term solutions will have to be structural/systemic ones regarding government in general.
The point made elsewhere in this thread is that even an open-source implementation can be exploited. If the baseband is tightly integrated, then that exploit gains the attacker full access.
From a security perspective, even a closed-source baseband could be ok as if it has proper separation from the rest of the system (though open-source would obviously be better).
I am not sure about the technology, however from look of the video I can say it is mostly aim at non-technology experts, with nice fancy design.
Can I ask what kind of people do we need to design all the chips hardware such as baseband processor, using open source design?
And what are HN opinion on Silent Circle?
We turn the logging level on our systems to log only protocol-related errors - great!
Why didn't they just keep logging on and get rid of the 3rd party bugs?
How is it re-shaping anything before it's started shipping?
* physical switches for GPS, WIFI, Radio, Camera, Mic, write/read access to disk (go diskless),
* a secondary low power eInk display that is wired directly into the hardware that shows when the last time GPS, mic, camera were turned on (and for how long) and how much data has been sent over the radio and read from disk,
* a FS which encrypts certain files with a key that is stored remotely. If your phone is stolen you can delete this remote key. The key is changed on every decrypt. You also get a remote log of all times this remote key was accessed.
* hardware support for read-only, write-only files,
* hardware support for real secure delete on the SSD,
* the ability to change all my HW identifiers at will (IMEI, SIM, etc),
* a log, stored on a separate SD card, of all data sent and received using a HW tap on the radio/WIFI. The log should be encrypted such that only someone with the private key can read it (public key used to encrypt an AES session key which is rotated out every 5 minutes). If you think someone has compromised your phone you can audit this log for both exploitation and data exfiltration. Since the log is implemented in HW, no rootkit can alter it.
It's in partnerships with http://www.geeksphone.com/ which is FirefoxOS based. But yet the Blackphone splash has an image of a phone with Android buttons.
They claim no hooks to vendors, so if it's Android I can't imagine this is going to carry the Play store.
I'd be interested in knowing how they will secure and make private the core functionality of being a phone and sending email and text, all of which are insecure.
On that, I'd speculate that this is just pre-loaded with Silent Circle apps, and maybe will be announced as having DarkMail and a choice of RedPhone.
But... there's no info at all really, so who knows what this is.
The only problem they really have to solve is the eternal question of: Is it possible to provide real security and privacy whilst providing convenience?
Email? They've announced the DarkMail protocol last year, and should be coming soon:
Obviously usability would suffer a little bit (mostly in huge latency when you actually wanted to make a call), but seems like very cheap phone could be built that integrated a pager, allowing complete disconnection from the 'active' radio network, avoiding location tracking by your cell provider, or similar evil tricks by third parties.
Except if everyone started using a phone like that, you wouldn't be able to call anyone.
The biggest security hole next to the baseband processor and the SIM is the user who installs every app in seconds without checking permissions.
Not true, http://developer.android.com/reference/android/Manifest.perm...
(The first shipped Kitkat builds supported a form of this, but it was quickly removed, amidst complaints from privacy advocates:
So, there are a few shipped phones which can have this functionality made accessible via third party app --- but update your phone and they cease to work.)
I'm sure there's logic there - powering a very basic non-informative landing site with a WP installation that you took the time to customize, but not delete the default post and comment from...
But it certainly doesn't give me warm fuzzy feelings about the people behind this.
These products should be advertised on theblaze and infowares.
Sure there is a need for better privacy, but I don't really care for the fearmongering...
- High-End Android device
- Privacy features in the (custom) Android version
- "Secure communication builtin"
Again, I like the idea. But so far the details match CyanogenMod (with TextSecure for SMS, maybe XPrivacy on top)?
One of the big drawbacks when I first started my nexus5 was that I was being spyed. Why the hell do I need a gmail account to get started?!
I wonder if it would be possible to install this Android flavour in a Nexus device ?
2) Access Internet (and VOIP) only via VPN or better yet TOR.
3) Only give out your VOIP number. No one must know your direct number, it’s only for emergencies.
This severs all the important connections to make any use of that data, assuming you don’t have any leaks.
Edit: A quick search gave me this by Plivo. Does any one know of any other options?
Completely anonymous hosted PSTN bridge would be very open to abuse, so I imagine not many of them are/will remain accessible via Tor. But for completely secure and/or anonymous communication you don’t need or want PSTN, all you need is (encrypted) VoIP–VoIP that you control, and can optionally expose via Tor (as a hidden service).
Bonus points: GSM bridge at home raises less flags. You could even “take it for a walk” from time to time to make it appear even less suspicious.
But only if you are a private person (or a small cafe/venue). If you are an ISP, you can operate hotspots wherever you want and charge whatever anyone is willing to pay. And you do not need to fear being held liable for your users actions.
Meant to say, that since this change of law we do not have a lot of open WIFI-Spots anymore.
The irony is almost too much.
As for, NSA spying how exactly can this phone ensure 100% secrecy. Given a user would have to use the same apps, and above all, the carrier that other smartphone users use.
Point is, US Govt is hellbent on spying on you. And they will no matter what. Either change the US Govt, or suck it up. Nothing else is gonna work.
Basically, this seems like a lifestyle device for pseudo-"hacktivists". And I expect people to install WhatsApp and Facebook on it. There was this article a few days ago: "When I was young there were beatniks. Hippies. Punks. Gangsters. Now you're a hacktivist. Which I would probably be if I was 20. Shuttin' down MasterCard. But there's no look to that lifestyle! Besides just wearing a bad outfit with bad posture. Has WikiLeaks caused a look? No! I'm mad about that."
I called bullshit from the beginning that anything will change politically, and now six months later I'm more certain nothing is going to change at the political level. They've dug in their heels for the long ride.
The only positive developments has been private companies like Google encrypting their data centers and privacy software finally finding an audience. But at the same time, not even the most die-hard cypherpunks think you can achieve 100% secrecy from a dedicated adversary. But that's not the primary goal. Countering mass-surveillance is.
It still wouldn't be perfect, but would succeed in many scenarios and would greatly increase adversary costs.
Using things like Blackphone can potentially increase the cost of anyone doing this kind of spying, to vastly reduce who will do it for what reasons.
This talk by Dymaxion is good on economics and usability of this stuff: http://dymaxion.org/talks/EaPitLW.html
Were they successful in delivering on the Firefox phones?, Their website always says 'out of stock'. Blackphone seems to be ambitious too. Is it possible for a startup to sail these two boats?
Also I find it odd that the PR is always just before the Mobile World Congress (MWC) which happens in Spain, last year with Firefox OS and this year with Blackphone
With the latest NSA stuff, I came to conclusion that a true secure system can only be built under these conditions and just to put it out there, this is just my opinion;
- A computer company that manufactures their own hardware such as hard drive, ram, cables, network cards.
- An OS that is newly written and not based on any other existing operating systems.
- Building the whole system with INDEPENDENT hardware and software mentioned above.
- Keeping the mobile device's source code offline from Internet as much as possible
These are just the first steps on developing a secure system, then comes the mobile network architecture and encryption etc.
I admit, it is not an easy job but, trying to develop a secure system with "not secure" development tools is not the right way to go :)
It's an interesting thought experiment, but I wonder if we can satisfy many use cases without having to build a truly secure smartphone.
For example, if I just want to have voice calls to a handful of people with the content of the calls encrypted, then perhaps I can just plug in a "scrambler box" between my untrusted off-the-shelf phone and my audio headset?
So rather than designing a secure phone where we trust the wifi stack, the baseband stack, the bluetooth stack, the graphics stack, the USB stack, the flash storage stack because we've designed them from scratch, all we have to design is a little scrambler box that just has audio in, audio out, some mechanism for key generation and exchange, and only needs a laughably modest CPU to do the encryption.
Don't really need an OS at all - single process and static memory allocation should suffice.
The audio encoding/decoding and encryption/decryption don't sound too hard to implement from scratch. It's the interoperability with the rest of the world and the UI that makes implementing a whole smartphone so hard.
[I do wonder though how well our scrambled audio will make it through the phone network which is applying lots of clever compression designed for speech.]
If we assume we can mostly trust hardware designs that are at least 30 years old then we can probably avoid designing all the hardware from scratch - e.g. there's probably some sort of Z80 clone CPU we can copy.
The mechanism for key generation and management sounds a bit tricky though. The user would need some way to add his contacts' keys to his scrambler box.
A keyboard and LCD display to type keys in by hand would be secure but impractical for long keys.
The level of tech needed to read a key file from a FAT filing system on a USB stick might be too high to be easily implemented securely. Any ideas?
I'm aware of the famous "trusting trust" paper, but I'm not sure we need to worry too much about the compiler used to build the software running on our scrambler box. All we need to do is choose a compiler released before we started out project and never upgrade it. It is hard to imagine a compiler backdoor that would automatically recognize that the intent of our code is to encrypt data and undetectably comprise it (though it would be wise I guess to avoid any existing implementations of cryptographic primitives).
Sounds like a hardware kickstarter project :)
We may as well try it out! The concern will be the goal of the project...
What will be the output ?
Will it be just an experiment or business based project?
Never the less, it is exciting to see that a unique device can be made actually!
I would love to see how secure it would be at the end!
1) When asked, people may say they want security and privacy - but in practice convenience and functionality win.
2) Among people who genuinely need secure communications, encrypting the content of calls/texts is good, but isn't normally sufficient - they're still vulnerable to traffic analysis.
By traffic analysis I mean that even though the adversary can't read the content, they can still figure out things like:
"Mr X is the ring-leader of the freedom fighters since his phone is used to send encrypted messages to several other phones, which then send messages on to several other phones."
"Mr Y is guilty of orchestrating the protests since we saw a strong correlation between the times of the protests and messages coming from his phone."
So I'm not sure how popular the product would actually be. Unless we can somehow solve the traffic analysis problem.
We can solve it by faking the signals and sending it every x timestamp. So they will think there is a traffic but there is not. This is the first came to my mind but i don't think it is a big issue at all.
Marketing of this, is a little bit different. Of course, you will not sell if you say you have the most secure phone. But if you polish it with some exciting features which does not exist yet? :)
Not to mention that none of the providers have the code to the baseband.
I could imagine a phone that treats the baseband as an untrusted entity and encapsulates everything running over it. This would require forcing SSL for all HTTP traffic, and using some standard for SMS and Voice encryption that is on by default when the recipient on the other end also has a supported device. For those that do not you're unencrypted SMS would be exposed at many hops even if they smartphone were full OSS and trusted, even to the baseband level. So silo'ing everything where possible is a valid solution with closed basebands.
Hackers have built some amazing hardware in past and we all know about how open source communities have built some of worlds best software. Google, Apple etc. are building devices where they act as gatekeepers and charge us for all nonsensical stuff.
If you make a website there are a gazillion ways to promote it but there is only one way to promote and app. Pay some advertiser and you are totally at mercy of Google or Apple.
Firefox has been doing the right thing so far but they seem to take too much time.
If you're "picked up" or detained and you have a Blackphone, or someone observes you using your Blackphone I doubt very much it would help your pricacy concerns.
If however you have a seemingly normal phone it might be overlooked and simply using it wouldn't raise suspicion.
My point is that this type of phone is more for the "regular" person who simply doesn't want to be monitored (as much) and not covert agents looking for a secure phone/platform for communication.
There is no mention of the methods used by the phone to ensure privacy.
1. Is this just a stock phone with some privacy-orientated applications built-in, or is the OS and hardware contributing anything?
2. They seem to be using Android. AOSP or Cyanogenmod? Have they any work themselves to harden the OS? Are they using virtualisation?
3. Any closed binary blobs in there? What about the baseband firmware? (Does open source baseband firmware even exist?)
4. Whats the hardware like? Is it hardened in any way?
Does anyone know if the actual baseband/wireless side has been designed with security in mind? -for example I'd love to be warned when I'm connected to an A5/0 "encrypted" GSM network, but I haven't been able to find a handset build in the last decade that's willing to warn me.
iOS and Android support VPN but it needs to be manually activated each time, making it rather useless unless you're using some public wifi. If I understand correctly there is a possibility for large companies to integrate VPN but for the average guy it's rather useless if you have to activate it. If this phone has VPN really integrated that'd be great.
Oh, and never mind compromising the people involved.
I started a thread to discuss this idea:
People. It's really secure, private, and anonymous, ok?
Eh? Wouldn't "Enabling secure/private communications" be a better, albeit less grand, descriptor?
Also, why is domain on .ch ?
Not a super-reputable source, but succinct: http://www.wisegeek.org/why-is-switzerland-regarded-as-a-neu...
Official Swiss propaganda, but has more info: http://www.vbs.admin.ch/internet/vbs/en/home/documentation/p...
They state in the video: "Blackphone is a Swiss joint venture between Silent Circle and Geeksphone"...
Still doesn't reveal much, as both companies in this joint venture aren't swiss and in the swiss company register I couldn't find an entry for them.
Holder of domain name:
Geeksphone Rodrigo S
calle Manuel Silvela 1
Ok, so how do they stop Facebook et al from abusing our contact lists and location data as they do on existing smart phones?
So, yeah you can encrypt the voice channel. That's great. You can send encrypted text messages. The people involved are serious cryptographers. All of it sounds good.
You have to ask your self though, what is it you are trying to do? Who is your adversary? Other people here have mentioned it, but what about apps on the phone? Facebook is still Facebook.
Jokes aside, I think it's a great initiative, looking forward to see what comes out of it.