Blackphone2 review (1)

This blog is normally in danish, but since there are very few actual reviews of the Blackphone2 to be found, I decided to write this review in english.

The Blackphone2 is a product from the swiss company "Silent Circle".

Silent Circle makes a lot of hoopla about security but all the reviews and tests I could find were just treating this as another phone with a cloud-security-thingie.

My goal is to have a computer in my pocket I can actually trust, at least to some degree, so in the end I shelled out £500 from the point of view that it is probably not any less secure than other phones in the market.

Hardware

It's a smartphone: Black, square, fingerprint collecting touch-screen.

Software

To be totally blunt: I'm not terribly impressed.

That being said, I would likely down-right hate any other contemporary smartphone so this is praise by faint damnation.

My major beef is that Silent Circle markets the BP2 like this:

In my world, "private by design" would mean that nothing is shared, unless by my explicit permission, but this phone is nowhere near, all the defaults seems to be set to "share".

I see a clear trend that all these "share" settings point back at Google, and it wouldn't surprise me the least if Googles contractual terms prevent Silent Circle from changing them.

But "private by design" it sure isn't.

To get what I consider sensible privacy settings, you have to audit the permissions of all apps, and pay very close attention to all checkboxes at any time.

The good news is that you can do that: Silent Circle has made it possible to deny specific permissions for each App.

Which btw. is why I'm sure I would hate any other Android smartphone where this is not possible.

  • Why does the "YouTube" app need to do "Wi-Fi Scan" ?
  • Why does the "Camera" app need to "Modify Settings" ?
  • Why does the "Contacts" app need to do "Wi-Fi change" ?

Don't get me started...

Spaces

The killer feature of the BlackPhone2, seen from a security point of view is that it has "spaces" which as far as I can tell are just jails by another name.

From factory reset, the BP2 has a single "Owner" space and if you don't do anything else, you have a regular Android phone with a few extra bells and whistles.

You can create three kinds of spaces: "Silent", "Personal" and "Managed".

A managed space is controlled by some 3rd party typically the companys IT department, so all corporate data, VPN and intranet can be isolated to the managed space.

I have not tried playing with that, but if it works as described, that feature alone should have CIO's signing P/O's for new phones for everybody in the C-team[1] and V-team[2] post-haste.

A personal space is setup and configured from the "Owner" space, and a number of coarse permissions can be applied to the space:

  • Outgoing calls
  • SMS
  • Share location
  • Bluetooth
  • Microphone
  • App management
  • Unknown Sources ...

As far as I can tell, a silent space is a personal space with the ability to monopolize network connections and without all the Google-apps.

And that brings me to...

Documentation

There isn't any.

Nowhere I have been able to find, is there a document which comprehensively and precisely tells me what the difference is between a personal and a silent space.

Silent Circle has a bunch of "FAQ" style tidbits on their home-page, but I have not found anything resembling a "Principles of Operation."

There's a boat-load of FAQ-style marketing overloaded tidbits on Silent Circles homepage, and if you traverse the entire tree you will probably come away with a general concept of what the heck it is their software can and how it does it.

But take it from me: A real document, you know, the kind that has pages, pagenumbers, structure, informative illustrations, that sort of thing, would be a big improvement.

Yes, yes, yes, I know it is 1400s technology, but give it a try anyway, please ?

Does it work?

Fundamentally yes, but in a lot of details no.

For instance: Bluetooth access is by veto. If any space from which you withheld access to bluetooth is running, bluetooth is totally disabled in all spaces, leaving you with sliders which seems like you can turn it on, but don't when you try etc. etc.

I have yet to find out how to put a file on the SD card, so that it can be seen from other spaces than "Owner".

I can see the SD card in the other spaces, but there are no files on it.

When I tried to copy files to the SD card via the USB cable in the Owner-space, the BP2 shut off cold.

Holding the power-switch down for some seconds cold-started it.

Then I took the SD card out, used a USB adapter to copy the files directly to it from my computer, put the SD card back in the BP2 - which didn't see the new files.

Pressing "refresh" in the file manager (Cyanogenmods as far as I can tell) made no difference.

Unmounting the SD card, trying to access a uncached file on the SD, getting a read-error, and then inserting the SD card updated whatever cached directory-listing it was showing me before.

And then we get to the downright obscure behaviours.

When the phone cold-starts, it asks for PIN code.

It doesn't say which one, so I tacitly assumed it meant the pincode to the Owner space, but that wasn't it.

It's also not the PIN code for the SIM card.

It wants the pincode for the personal space I created.

I've sent their support@ an email about that, we'll see what they say.

Conclusion so far

As I said earlier: This is praise by faint damnation.

At least Silent Circle has tried to improve the panoptical lack of privacy model designed into Android, but it is also painfully obvious how far they have yet to come.

On the big plus side, I have already downloaded two^H^H^Hthree 754MB security updates in four days, that is two^H^H^Hthree updates more than my current HTC Android phone has received in the last three years.

Second part of review here.

phk

PS: The "(1)" in the title probably means that at least one follow up will happen later.

[1] CxO titles

[2] Vice-* titles

Poul-Henning Kamps billede
Poul-Henning er selvstændig systemprogrammør, kernekoder, Varnish-forfatter, data-arkæolog og brokkehoved uden særlig portefølje.

Kommentarer (5)

Mikkel Mikjær

Men jeg tror lige jeg venter lidt på at høre om og hvordan de reagerer på din henvendelse, det lydder umiddelbart som noget klyt - og en hacked HTC/Samsung/Whatever kan vidst cirka det samme som du beskriver her.

(Ja bortset fra Jails ... men de lyder ikke just til at være særlig godt implementeret)

Martin Bøgelund

I have yet to find out how to put a file on the SD card, so that it can be seen from other spaces than "Owner".

Google is your friend...
Top result when Googling "blackphone file copy" is...
How can I connect Blackphone to a computer via USB?:

Also note that is you are using Secure Spaces, each space acts as a different phone, and when you switch spaces on the phone, the computer will disconnect and reconnect! This also means that if you have different pictures (or exported contacts or other files) in different spaces, you may need to connect to each space to copy them all to a computer. While this may seem like a problem, it is actually a very good thing because it is part of what secures each space from the other.

I guess you just ran into an instance of "private by design"...

Nicolai Buch-Andersen

It sounds as if some of the features from the Blackphone is now standard in Android 6.0.

Google implemented a new permission model in Android 6.0 (released this fall). Permission must now be given at runtime (when the permission is actually needed) instead of at install time. You can also enable/disable permission manually from the Settings at any time.

Log ind eller opret en konto for at skrive kommentarer