Showing posts with label snowden. Show all posts
Showing posts with label snowden. Show all posts

Friday, February 21, 2014

First NSA-proof phone already on the market


Believe it or not, the first NSA-proof phone is on the market for years, and it is called Secfone, not Blackphone. It was not available for public for a long time - only for governments and military organizations -, but as of 2013 it can be ordered from BeSure Europe LLP. It was announced at Mobile World Congress (MWC) Barcelona in 2013.

This is the only solution that we have enough information about to claim it to be NSA-proof or rather eavesdrop-proof.

How can Secfone protect mobile conversations?

Secfone is the only solution on the market that implements triple-level protection. Triple-level protection means the protection of communication, encryption keys and smartphone. Leaving any level out makes the encryption solution vulnerable and easy to tap. For example encryption software on iPhone and BlackBerry smartphones can not protect the smartphone itself, since these smartphones have proprietary operating systems. We had no information how these operating systems work until Snowden released the NSA documents. These documents prove that iPhone and BlackBerry has a backdoor. The backdoor called DROPOUTJEEP, and provides direct access to the smartphone's microphone and camera. This makes these smartphones a personal bug.

Protection of communication - Level 1

Secfone protects the communication with unique implementation of assymetric encryption. Using non-standard implementation is inevitable. Standards define the methods of cracking - they provide enough information to crack the keys. Encryption cracking software and hardware appliances are designed and optimized to crack standard encryptions.

Read the implementation (patent description only for experts!)

Protection of encryption keys - Level 2

 Encryption keys can not be protected on any smartphone, especially not with encryption software. Keys can be protected only in a special hardware, called Trusted Platform Modul or cryptochip. This hardware is designed to generate, manage and use encryption keys. It is unreadable by design, and there is no known method for getting the encryption keys out of it.

Protection of smartphone - Level 3

 The solution have to protect the smartphone itself too. It means that no software can access the smartphone's microphone and camera during calls. Secfone monitors the microphone during the calls, detects the malicious software that tries to access it, and handles the situation.

Takeaway

NSA-proof phone will never come from US or any other world-power. Think it over...

Please click Google+ below, or share this post on Facebook, Twitter or any other social media. Thank you!
Posted by at 34 comments:
Labels: , , , , , , ,

Wednesday, January 15, 2014

Snowden killed all iPhone encryptions

If you use encryption software on your iPhone and you paid for it, than you paid for illusion not for security. Thanks to Snowden and security researcher Jacob Appelbaum now the entire World knows the magic word DROPOUTJEEP and the meaning of it.

DROPOUTJEEP is a spyware program developed by NSA that runs on iPhone, and provides access to almost everything. It can intercept SMS messages, can read the contact lists, locate the iPhone based on cell tower data, and the best part is, it can turn on the camera and the microphone, and can listen to any conversation. It can even be deployed remotely.

According to leaked documents NSA claims 100% success rate on iOS devices. It is impossible to reach 100%, unless you have access to a backdoor. Of course Apple denies that it helped NSA to build iPhone's backdoor, but it does not change anything. It does not change the 100% success rate.

How DROPOUTJEEP impact encryption softwares on iPhone?

Now come the bad news. It is well known for the industry experts that purely software-based mobile encryption solutions can not secure any communication. Now things are going bad to worse. No encryption solution can protect your communication on iPhone. Not even hardware based solutions.

Since DROPOUTJEEP can manage the microphone of the iPhone, it listens to the conversation BEFORE any encryption takes place. Your software or hardware solution can even use military-grade 4096 bit encryption keys, it provides zero security if you use it on iPhone. If you use Gold Lock, Silent Circle, Zfone, Crypttalk, Cellcrypt, Kryptos, Secustar or any other encryption software on iPhone and you still need secure mobile communication, consider just deleting your app.

Time to reconsider what you think about encryption software and iPhone security.

Takeaway

The good news is you still can have secure mobile communication. Avoid iPhone and BlackBerry, use open source operating system. Choose cryptochip (hardware) based encrypted mobile communication solution with triple-level protection. Triple level protection keeps any unauthorized process to access your phone's microphone.

If you have found anything new in this blog post, please share it. Thank you :-)

Posted by at 8 comments:
Labels: , , , , , , , , , , , , , , , ,

Tuesday, December 31, 2013

Top 5 mobile security news in 2013



2013 was all about mobile security. NSA scandals were on top of the news since it turned out that European politicians were tapped. Furthermore we had to say goodbye to some illusions concerning mobile communication security. Check the list below for details.

1. Regular cellphones can be tapped for less than 300 USD.
We thought that tapping into a regular GSM cellphone requires sophisticated methods and tools. It turned out that regular GSM calls are in greater danger than we thought.
More on this: http://bit.ly/1cSZhcG

2. Edward Snowden released classified materials
Internet surveillance programs watch users every move. NSA intercepts US and European telephone metadata.
Snowden Wiki: http://bit.ly/1k2Mwjx

 3. Chancellor Merkel's mobile phone tapped by NSA
Even political leaders can be tapped. And they are. We thought that they have access to the best encryption technologies to protect their communication. Not so successfully...
More on this: http://bit.ly/1k2KcsQhttp://bit.ly/1irqbuh

4. NSA has nearly complete backdoor access to Apple's iPhone
Experts in mobile security industry knew that Apple's iPhone is not a secure system when it comes to eavesdropping. Now everyone knows that it's a personal bug carried by millions of users.
More on this: http://bit.ly/19CK6hN

5. Military technology protects European companies
Companies started to look for secure mobile communication solution. Secfone made its military technology available for European companies.
More in this: http://bit.ly/1dQwthh

The most important task now is to protect yourself and your sensitive information. Companies and individuals has to make the first steps in 2014. As a first step, choose a really secure mobile communication solution. Which one is safe? Read these and be an expert:
3 characteristics of any eavesdrop proof mobile communication solution 
Cryptohip, security card or trustchip 
5 functions of TPM you did not know about

And a bonus video for those who do not know much about software based encryptions.


Have a secure, eavesdrop free 2014!


Posted by at 2 comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)