Mobile security and privacy are important – hacks and surveillance are on the rise. But with the two main phone makers, Apple and Samsung, on the slip, where to turn? Well, you could try joining the Silent Circle.
Full disclosure: I’ve been using Apple devices since the mid-1990s. My first was a grey plastic laptop with a 3.5 inch floppy drive. I am so locked-in, I think I must have thrown away the key myself. But I have an open mind. Which is good, because I’ve grown increasingly weary of the Cupertino mob’s focus on consumer whizz-bangery. And its music app … aaah! Stop syncing what ain’t there.
So I’ve been wondering: what would be my alternatives?
The iPhone 7 is pretty ordinary as new technology goes, and perhaps the slow sales prove it. A Samsung, running Android? No, thanks. Not after the Galaxy Note 7 burnout, and Android is a “fragmented” operating system (everyone’s running a different version) – and it’s just too Google for me. What about a Huawei, HTC, Blackberry, Sony, or even a Fairphone? No. I want something that’s fit for work, low on frills, and secure. A “Merkel phone” perhaps? Yes, perhaps. That’s a Blackberry running SecuSUITE encryption software. The German government uses more than 10,000 of them. All right.
But then I remembered the Blackphone 2 (BP2). It’s made by Silent Circle, whose co-founder and chief scientist is Phil Zimmermann. Zimmermann created PGP and ZRTP, two standard bits of encryption software.
Their Silent Phone and Silent Text apps scored seven out of seven on the Electronic Frontier Foundation’s original “Secure Messaging Scoreboard,” and the phone itself looks fairly no-nonsense. Nice.
So I’ve run a few basic user tests.
First impressions
If you’re wondering, Blackphone? What’s that? The BP2 is an “enterprise” device – it’s aimed at businesses more than the average consumer. In the US, Silent Circle has targeted business, government and military users. It is, as the slogan goes, “Private by design.”
Out of the box, the BP2 is a lot less slippery than my iPhone. Nice again. But it feels a little too light to be true. The power adapter even feels hollow.
The BP2 takes a nano SIM, which is handy, as so does the iPhone.
So the first thing I did was insert my SIM card. The tray is similar, too, but flimsy. It looked like the plastic was about to break off. That said, it has room for a microSD.
The phone turns on and delights with a 5.5″ FullHD Gorilla Glass display and nerdy, networky graphics.
Other key specs include: LTE and Worldwide 3G/HSPA+ connectivity, Qualcomm Snapdragon Octa-Core Processor, (a mere) 32GB internal storage, 13 MP backside-illuminated camera sensor (with 5 MP front), and a 3060 mAh Battery with Quick Charge 2.0.
The silent system
Blackphone 2 runs Silent OS on top of Android v6.0.1 – which means it probably dodged the Gooligan malware, which went for earlier versions. Silent OS is what they call a “hardened” version of Android. It’s made for the Enterprise market, with secure, encrypted end-to-end communication its calling card.
Once you’re through the basic setup, you’re faced with a “Home Space,” where the Silent Phone app and Google services are pre-installed. If you want to make calls with Silent Phone, you have to set up an account, and you can only call other members of the “Silent Circle.” And you’ll need to pay for a monthly plan. But there is a normal phone app as well.
You can set up multiple spaces, with only the apps you want. I created one without Google services – a Silent Space – it’s the most secure you can get. And there’s a Security Center for managing your various spaces. You may, for instance, want to keep your work and private lives apart and lock them with different passwords, passcodes or patterns – but only one or the other. Silent Circle missed an opportunity for two-step authentication here. But you can share files between spaces, and switching between them is simple.
The function is not entirely unique to the BP2. Samsung Knox also has a “sandboxing” feature that allows you to keep different layers of the device separate from each other and thereby reduce vulnerabilities.
But I still don’t understand how the BP2 handles permissions. When you open an app, it asks you for a string of permissions – allow or deny. Okay. But say you open the camera and you deny permission for it to use location services, the app simply closes. No camera.
And my question is, why ask for my permission if I have to agree to everything anyway? I asked two sales execs at Silent Circle and I’m still waiting on an answer.