Government // Mobile & Wireless
Commentary
3/7/2014
11:35 AM
Randy Siegel
Randy Siegel
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Smartphone Security: Two Shades Of Black

Boeing Black and Geeksphone Blackphone both made a splash at Mobile World Congress. Learn about the companies' distinctly different approaches to security.

Mobile devices that deliver secure voice and data emerged as a dominant theme at the recent Mobile World Congress in Barcelona -- albeit from a surprising roster of companies offering radically different approaches.

Two announcements in particular captured the growing interest for much stronger security within the huge government market, as well as regulated industries where price elasticity remains high.

Boeing announced a secure phone dubbed Boeing Black, while a new joint venture called SGP Technologies announced Blackphone.

Boeing Black (Source: Boeing)
Boeing Black
(Source: Boeing)

Boeing unveiled its first foray in the smartphone market, an Android-based phone engineered to boot securely, with a "hardware root of trust." It features embedded FIPS 140-2 encrypted key storage and configurable operating system security policies. It seems to adhere to the various security requirements set forth by the National Security Agency's Mobile Capability Packages and the NSA's associated Commercial Solutions for Classified (CSfC) program.

[Will remote disabling switches become the norm? Read: Kill Switches: Phones Just The Start.]

Rebecca Yeamans, director of communications for Electronic & Information Solutions at Boeing, said the new device is "rooted in trust through a combination of hardware and software components and secure assembly in the US," utilizing Boeing's PureSecure architecture. She refused to talk pricing, but it may be $1,600, from what I hear.

Blackphone (Source: Geeksphone)
Blackphone
(Source: Geeksphone)

Maryland-based Silent Circle and Spanish smartphone player Geeksphone announced a joint venture under the SGP Technologies umbrella with a product called Blackphone, aimed at those looking for a phone that puts a premium on privacy. Dutch Telecom giant KPN will be the first launch partner for the phone, which is priced at $630 for an unlocked phone and comes packed with $250 of additional software for free.

The company's services are based out of Switzerland (a country known for its predilection for privacy). It pairs Geeksphone's PrivateOS, which is also built on an Android operating system, with Silent Circle's suite of privacy-protection products, including Silent Phone, Silent Text, and Silent Contacts. It also includes an anonymous browser, VPN, and secure cloud file storage from SpiderOak.

Tools like Silent Text include the ability to destroy messages, files, photos, videos, or voice recordings or set a timer for them to self-destruct. Similarly, Silent Phone allows users to anonymously make VoIP phone calls. The company claims that no one can listen in or wiretap a call.

Silent Circle has taken a privacy-first approach to its offerings. This approach is radically different from established players in the smartphone space such as BlackBerry, Apple, and various Android OS developers, in that the company is focusing on individual privacy concerns rather than standards bodies of any one country. The Blackphone employs a host of technologies that seek to anonymize communications -- attempting to seal the door against individuals or nations trying to eavesdrop.

Toby Weir Jones, managing director for SGP Technologies, told me, "We know this device doesn't take you off the grid, but it does greatly enhance privacy. It's certainly a step in the right direction." He added that his company seeks to offer customers a baseline of privacy in a manner that does not depend on any one nation state.

Indeed, the product is designed to appeal to individuals and companies that do not necessarily care about specific technologies, standards boards, or government oversight. "We have developed a product that is for users who don't need to know what Elliptical Curve Cryptography is and don't want to know," says Jones.

Dan Ford, a member of Capitol College's IA Advisory Board and lead professor for mobile security, shared with me his observations about Boeing Black and Blackphone: "Clearly both companies have raised the bar on security. However, they have done so in different ways. The Blackphone from Silent Circle-Geeksphone essentially is taking a [commercial, off-the-shelf] device, packing in thousands of dollars of privacy services, and making the Android-based device significantly more secure at a really attractive price point."

Ford hasn't yet used the Boeing Black, but he commented on the "sealed and tamper-resistant" device, saying, "I wonder how this would play out with operators in the field... if the device is broken or needs repair." They would be out of luck in a mission-critical situation, he feels.

These two devices are aimed at radically different end-users. While Boeing has taken a traditional and US government-sanctioned approach, SGP has taken an "individual, privacy-first" approach without regard for any government buy-in.

The competitive approaches are likely to be good for government. Both companies promise further announcements. Given the state of mobile security today, it will be interesting to see which approach gains the greater following.

IT is turbocharging BYOD, but mobile security practices lag behind the growing risk. Also in the Mobile Security issue of InformationWeek: These seven factors are shaping the future of identity as we transition to a digital world. (Free registration required.)

Randy Siegel is the Founder of Center Circle Consultants, which focuses on US government mobility. He's also a Principal in Acommence Advisors, a mobile advisory company. He spent more than a decade with Microsoft Corp. where he oversaw Microsoft's mobility strategy and ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Stevemartin
0%
100%
Stevemartin,
User Rank: Apprentice
5/23/2014 | 7:49:06 AM
Smartphone Security
Both of these have nice features and good supporting OS as well. It's a good step towards protect the digotal privacy and if they include top vpn then it will be much beneficial.
Netsecrex
50%
50%
Netsecrex,
User Rank: Apprentice
3/11/2014 | 11:13:00 AM
Re: Switzerland angle
To be clear and according to Silent Circle's website.  Their servers are currently located in Canada and will eventually be opening up in Switzerland.  A thing to note, Canada has some of the stricted privacy laws around.
WKash
50%
50%
WKash,
User Rank: Author
3/11/2014 | 9:58:10 AM
Re: Switzerland angle
It's interesting to see how a nation that earned its reputation as a financial haven for those wanting to protect their wealth has evolved into a data haven for those wanting to protect their digital privacy.

 
randy-center-circle
50%
50%
randy-center-circle,
User Rank: Apprentice
3/10/2014 | 4:54:55 PM
Re: Switzerland angle
Laurianne - Sorry for tardy reply. The Swiss angle simply has to do with privacy concerns. By basing their servers in Switzerland, Silent Circle (as well as a host of other company's) , are not subject to the same reporting, auditing and compliancy standards as other countries. In general, the idea of having servers OCONUS (outside the continental United States) is to have a "neutral" country outside of the reach of any one nation state to in order to better secure privacy (at least that's the thinking here). Best - RS
micjustin33
100%
0%
micjustin33,
User Rank: Moderator
3/10/2014 | 9:24:28 AM
Re: Switzerland angle
After the Snowden's leaks, it has obvious that no feature of our digital life is secret. Your messages, photos, videos, whereabouts and preferences leave a lasting blueprint for the NSA.

Tor is mainly used to obscure personality of internet users. It can help you keep off from surveillance observe and traffic analysis used by search engines, websites and online applications.

Tor's New Smart OS Will Secure Your Smart Phone. Tor mobile operating system will definitely get a warm reception from the online privacy community
Laurianne
50%
50%
Laurianne,
User Rank: Author
3/7/2014 | 12:36:44 PM
Switzerland angle
Randy, what if anything does the Swiss angle here mean for users of the phone? What are the legal implications?
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Tech Digest Oct. 27, 2014
To meet obligations -- and avoid accusations of cover-up and incompetence -- federal agencies must get serious about digitizing records.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of October 26, 2014 and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.