A PHONE FOR THE AGE OF SNOWDEN
POSTED BY JOSHUA KOPSTEIN
3o Jan 2014
Around midnight on Tuesday of last week, people near the barricaded city square at the center of mass protests in Kiev, Ukraine, received an ominous text message: “Dear subscriber, you are registered as a participant in a mass disturbance.”
The message was most likely sent by the Ukrainian government using what’s popularly known as an “I.M.S.I. catcher”—a controversial tool that disguises itself as a cell-phone tower so thatnearby devices connect to it, revealing their locations and serial numbers and, sometimes, the contents of outgoing messages. It was a bleak reminder of how cell phones, one of the past decade’s most indispensable and ubiquitous pieces of technology, can silently leave their owners exposed to governments and high-tech criminals.
A number of companies have emerged in the post-Snowden world peddling products that claim to protect from that kind of unwanted surveillance. One of the most promising, a smartphone explicitly designed for security and privacy, called Blackphone, comes from a respected team of cryptographers. The device is a collaboration between Silent Circle, a security company co-founded by the cryptography pioneer Phil Zimmermann, and GeeksPhone, a Spanish startup that manufactures tinker-friendly handsets.
Blackphone’s primary selling point is that its “PrivatOS” operating system and Silent Circle software provide easy-to-use, end-to-end encryption for text messaging, phone calls, and video chats, using techniques pioneered by Zimmermann that make it difficult, if not impossible, to spy on conversations. The encryption scheme, which scrambles the contents of each message or call so that only the designated recipient can understand them, is designed based on the assumption that the cellular network and other devices are fundamentally untrustworthy.
Secure phones aren’t entirely novel, but they have, in the past, been either difficult to obtain or difficult to use. The N.S.A. developed some of the first encrypted telephone systems, like theSecure Telephone Unit, a safe-size, multi-thousand-dollar device that was released in the nineteen-seventies. More recently, the agency released blueprints for a secure Android phone called Fishbowl, though it’s hard to imagine who would use the device now. A German company called GSMK has also been producing a series of secure phones, called CryptoPhone, for a number of years. Like the Blackphone, the CryptoPhone uses a “hardened” operating system that makes the device more difficult to hack, but its programming code is available for anyone to look at, allowing its security to be independently verified by experts. (Blackphone is promising to release its source code at some time in the future, but right now its creators say their priority is making sure the phone ships.)
While there aren’t many technical details yet available, Blackphone seems to be reaching for a more mainstream audience by leveraging a consumer aesthetic that you might call “surveillance-state chic.” Its promotional video is awash in dystopian imagery: a hooded figure, dressed head-to-toe in black, navigates a dense urban sprawl, as surveillance cameras watch. “Technology was supposed to make our lives better,” the narrator gravely intones. “Instead, we have lost our privacy. We have become enslaved. Now, it’s time for a change.”
Some of the privacy advocates I’ve spoken with worry that using “black” or “dark” as a predominant sensibility sends the wrong message. These motifs “sound l33t, cool, and anarchistic, but that’s not the branding our goal needs,” said Brennan Novak, a designer who works on privacy software. “Having private conversations should not have the stigma of potentially dangerous and illegal activity attached to it.” Other services that use similar branding include Dark Wallet, a tool that promises to provide private Bitcoin transactions, and Dark Mail,a secure email system being developed by Silent Circle and the defunct Webmail provider Lavabit.
Perhaps more alienating is the fact that the level of privacy that Blackphone promises comes at a premium: in many ways, Blackphone is a vessel for Silent Circle’s existing subscription service, which has a monthly fee and requires both parties to install the apps in order to communicate completely securely. The company’s chief technology officer, Jon Callas, told me that he estimates that Blackphone’s up-front price will be less than the cost of the latest iPhone (six hundred forty-nine dollars) and will include a Silent Circle subscription for new customers. But, he emphasized, users will also be able to install other privacy apps and services, switch carriers, or load an entirely different operating system.
“They are selling expensive services and hardware to people who can afford it, and they are building silo’d communication systems,” said Nathan Freitas of the Guardian Project, a group that builds free privacy apps for smartphones and tablets. The group also makes pre-configured software that runs on commercial handsets from manufacturers like LG and Samsung, which it bundles with training and documentation that it sells to human-rights organizations at cost. Freitas’s goal, however, is to build a privacy layer that will work on any smartphone—even the cheap, plastic ones “available in the corner shop,” he said.
Still, Silent Circle has seen its subscriber base expand since the Snowden revelations. When I asked Callas whether Blackphone is meant for security-savvy professionals or for average people, he described his customer as “in between, or maybe a bit of both.” Blackphone’s advantage, he said, is that it makes encryption tools and privacy the default experience. “It would please me to no end if someone wrote an article on how to lock down and secure Android, and the cookbook ended with, ‘Or you could just buy a Blackphone,’ ” he told me.
At the end of the day, even a phone that provides completely secure texting, calling, and video chat offers users limited protection. The N.S.A.’s metadata program, which collects the phone records of virtually every American, and was declared illegal by a federal oversight board, gets its data from carriers, not from individual handsets. In a speech about the N.S.A., President Obama proposed changes to the program, but made clear that its core capabilities would remain intact. At the same time, a new Transparency Report shows that Verizon received requests for U.S. customer data from law enforcement more than three hundred and twenty thousand times in 2013; only eleven per cent of the demands included probable-cause warrants.
Meanwhile, data such as a phone’s location, as well as personal information accessed through “leaky” apps, are sent to cell towers as part of a phone’s normal functioning. A new report from the Guardian reveals that U.S. and U.K. intelligence agencies have been collecting data transmitted to third-party ad networks by “free” mobile apps like Angry Birds, which can include users’ age, location, sexual orientation, and other personal details. Surveillance tools, like the I.M.S.I catchers that the Ukrainian government probably used against protesters, can collect data about all of the devices around them—sometimes even when the devices are turned off. In other words, no matter how secure the smartphones themselves may be, the apps that people most want to download, and the networks they most want to use, continue to be vulnerable.
Yet even if Blackphone’s innovations reside purely in marketing, as some suspect, it might still represent a tiny step forward for mobile privacy. If it succeeds, said Freitas, “that could be all that is really needed for this type of solution to break through to a wider, mainstream market.”
Joshua Kopstein is a cyberculture journalist from New York City.