A subscriber reached out to me and asked me to look over a “privacy focused” smartphone called Brazilian GranitePhone and its “Sikur” applications. I was responding to him in an email, and the response ended up longer than expected, so I thought I would simply share it with all of you. I really appreciate when you guys reach out to me. If you have something, you want my opinion on, please just leave it in the feedback section. I answer your questions either in writing personally or on the blog, or address them in the podcast.
I received your note from the Charles Carroll Society blog about the Blackphone 2 and GranitePhone. I am also disappointed in Silent Circle’s Blackphone 2. However, they appear to be trying to come around. They now have Over The Air (OTA) security updates that appear to bypass the Google ecosystem. Their cellular intrusion detection system (CIDS) broadband firewall is a fundamental solution required for any privacy focused cellphone. I fear it is too little, too little too late to save the Blackphone 2 and perhaps Silent Circle the company if what I hear about them in serious financial trouble is correct.
Smell test. I just looked over the GranitePhone website and a couple of videos, say two hours or so. Unless you know of some documentation I can’t easily find, I don’t see the case for this phone. In other words before I put my hands on the physical phone, I need more information to actually review. They have to pass the “smell test.” The GranitePhone appears to fall into the same trap Silent Circle and the Blackphone 2 did. If you notice on their web site you will see them talk about:
1. Secure (they even have a gimmicky way of spelling it) Chat
2. Secure message, file sharing, encrypted calls, sms, etc.
What is all of this stuff? These are the applications that run on the phone. Notice something missing? Anything actually about the security of the phone! I mean there is nothing wrong with Silent Circle the application which offers all the encrypted calls and what not. Nothing at all. Actually I would say it is as good as any application out there and recommended by me, and many others who know more than I do. The issue with the Blackphone 2 is the hardware and the Internet connected Google Android operating system.
“Sikur” even says “the OS is on top of the Android.” Ok, first Android is the operating system (OS). You don’t put an OS on top of another OS (well maybe virtualization) thus this is marking speak. Silent Circle did the same thing “Silent OS.” What is that? And by the way Silent Circle does not support Silent OS. I once reached out to Silent Circle and said someone apparently was trying to hack their so-called Silent OS, and they said, if they are not hacking Silent Phone application itself they do not respond to potential intrusions. If they don’t support it, and they don’t define it, it isn’t a thing. SilentOS (and whatever Sikur is calling their so-called OS) = nothing.
Secure Google Android? When they say they put their OS on top of Android, this marketing speak most likely (I can’t tell from their public information) it means is they are configuring Android to be more secure. Ok, neat. What do they do to make Google Android a version of Linux specifically designed to leak information, more secure? I don’t care (right now) about their applications, I want to know what they did to make the hardware and real operating system (Android) more secure? Where is that information on their site? It is not there. Thus guess what they probably did? Not much.
Hardware special? The next thing is the hardware. All of these system on chip phones (GranitePhone Qualcomm Snap Dragon included) combine the Qualcomm broadband firmware and give it access to your microphone, camera, and GPS. This is because it is “system on a chip” all of that I/O is on the same chip as both Android and the broadband firmware. We know the broadband firmware itself is horribly riddled with flaws. That is why everyone can “jail break” their phone like this 19 year old did to Apple in one day. We also know in the Snowden leak of documents the State level actors bragging that they can turn on your microphone even with your phone is physically off. The only way they can do that is some type of undocumented capacitor (to hold power) and manipulating the Qualcomm broadband firmware (the OS is not booted). Thus where on Granite Phone’s website do they talk about how they have secured their hardware?
These are kindergarten level questions that anyone working in the Information Assurance now called the Cyber Security world would ask. After asking child level questions we would quickly move into things like broadband firewall, TPM, FIPS, SELinux or App Armor. Again these are really toddler level questions. And these guys don’t just address them anywhere I can easily find.
I said we are secure. I will give you another example. In their FAQ they say “6. Are there backdoors in SK? No. SK was designed so there would be no backdoors.” Wow, thanks. Doesn’t that make you feel warm and fuzzy that a company says there are no backdoors? What are you joking? Can this be serious copy for customers actually concerned about privacy? Where is your evidence, where is your proof? Do you talk about the backdoors built into Android? Do they discuss the backdoors built into broadband firmware? What do they say about the USG saying they will throw the CEO into jail unless he builds a special backdoor for them, like the USG did to Apple, Silent Circle and Signal?
That is the most ludicrous statement I have read lately and don’t worry it is made by a lot of “privacy” focused products. We do not need nor want your statement, we want to see technical solutions that prevent you from building back doors. BTW, that is why Silent Circle gave up the source code to ZRTP so people would trust it. It doesn’t have any “backdoors” because it is peer reviewed and reviewed by several security firms. If Sikur think they have to market their solutions only to CEO who they think do not understand this, ok, put the technical information on a separate Geek page. “We don’t have any backdoors…” that is so said it is almost funny.
No technical information. Let me share something with people trying to sell technology products into the C-staff into the SMB marketplace. I successfully did this for over 15 years, and at one time had the 32nd fastest growing company in all of the county I previously lived in. I was invited to a roof top ceremony on top of the highest hotel with the Mayor and all of that. This particular county has a population this is twice the size of the entire state of Idaho. After 15 years, I simply got bored and wanted to do something else, like raise pigs and comment on politics. Wait a minute there is something to that…
Anyway, back on point, there is not a C-staff person worth their salt that does not have what I termed “a geek on a leash.” You have to present your information to meet both the CEO and gaggle of nerds he normally has with him. This is how GranitePhone or Blackphone sell call would go down in the real world. They would go to the CFO or CIO (because they are special) and say:
“Our phone is secure.” CFO looks at IT Manger; CIO looks at IT Manger (or whoever their geek on a leash is) and asks “is that true?” IT Manger looks at GranitePhone’s website and says “I have no idea. There is no technical data on their site to convince a technical person that their phone (hardware and operating system) is any more secure than any other phone. They do have pretty applications though.” CEO says to (GranitePhone / Blackphone) salespeople “get out of my office.”
Just. That. Simple.
GranitePhone website talks a lot about its secure applications. To the best of my knowledge Moxie Marlinspike‘s Whisper Systems’ Signal which is free does most of this. Signal is “good enough.” Most likely it would take a State level actor to man-in-the-middle a Signal chat conversation. And I would assume he would do that through the Google technology that Signal uses. Normally it is much easier to just break into your daughter’s unsecured Internet connected social media or gaming application on her smartphone and listen to you talk through her phone.
The point is, your local and State “powers that be” most likely do not have the technical capability to crack text messages sent through Signal. The issue is that Signal depends upon Google’s infrastructure to work. That is a very questionable decision. There is mass surveillance built into Google ecosystem of applications and tools. Thus if you don’t want to work with remove more of the Play Store, pay the $10.00 a month and subscribe to Silent Circle. There is nothing wrong with their secure application. Actually it is often considered the Gold Standard. It still has too much of Google Play Store in my opinion, but unlike when I wrote the first review, you can now actually run Silent Phone without the Google Play store logged in. It has “less” Google than Signal. It now seems to be less reliant upon Google than Signal.
All desktops are insecure by design. GranitePhone talks about their application on a desktop. They never mention that it is basically impossible to secure a standard desktop. Just impossible, too many vectors for compromise. Thus any application on it must be considered compromised. It is most likely simpler for me to install a key logger on the CFO’s computer than to crack Sikur desktop application, but that is not that hard. That is why everyone who knows anything uses TAILS. Yes TAILS can be cracked, but guess what. As it is a read only entire desktop that s on a non-writable media, just reboot your computer and you have a beautiful new clean environment to use.
Until I see a product that addresses the basics of the hardware and operating system security, challenges I would recommend simply buying an iPhone, and run Signal and / or Silent Circle on it. If you are someone who depends upon privacy and what to have a phone that is as secure as I know how to make it, buy a Blackphone 1 (no Google) and talk over that. Another thought is buy something like an iPod Touch (no backups) and (no Google, no broadband) and use only Silent Circle on it with 802.11 (WiFi). If you absolutely must have a cell phone I would first look over what you are doing. Then I would look at the German built GSMK Cryptophone. If someone with a lot of money actually wants me to take a deep dive into a privacy focused cell phone that may be worth the time and effort, send me a GSMK Cryptophone for review. It passes the smell test, and there are many international business people (bankers, international reporters and bureaucrats you know all the people ripping us off) who depend on the GSMK Cryptophone to keep them out of jail. It is just too expensive for most people. Yet they claim at $3,500 there are over 100,000 people using them. But boy does it look good. Actually now that I am thinking about it, send two. I need to work on the phone itself and see if it actually works.
In truth, if you want privacy in the 21st century I would just go on a hunting trip in the woods with no electronics and talk there. 7K buys a lot of hunting licenses. Again, I would rather get some real technical information about the GranitePhone and spend good time reading through that, than playing with the hardware at least initially. What I initially see, I would not burn the $850.
Hope this helps in your decision.