> Unlike some other smartphones do, Neo900 won't share system RAM with the modem and system CPU will always have full control over the microphone signal sent to the modem. You can think of it as a USB dongle connected to the PC, with you in full control over the drivers, with a virtual LED to show any modem activity.
I found no information on baseband isolation for the Blackphone. Does anyone have further information on this?
Baseband isolation is a must for a secure phone. Blackphone does not offer it and Blackphones can be compromised as a result [1].
> "The Blackphone does not protect you against vulnerabilities in the Android subsystem, in the application processor (SoC), or in the baseband itself." [1]
Blackphone excels at protecting communication from passive adversaries, but it needs to shore up endpoint security.
> The makers of Blackphone are well aware of this. “We have a bit of a problem with the press saying that the Blackphone will make you NSA-proof. If someone [at the Blackphone booth] tells you that it’ll protect you from the NSA, I’ll fire them,” Phil Zimmermann, one of the Blackphone’s creators, told Anthony. - [2]
While the Neo900 has some baseband isolation, I would still be extremely careful in assuming this isolation is complete. I haven't researched this enough to have an opinion, but I would like to know exactly what privileges it has and what sandboxing is done to isolate it.
There's very little chance that anyone can make anything which is actually NSA-proof; if they want to compromise it they will, it's just a matter of resources.
The Neo900 is doing their BB isolation by using a 3G/4G USB dongle. By doing this they claim that they can not only disconnect the BB from the rest of the phone but also analyse its behavior. While the 1st part is very doable, as they can use relays/electronic switching to disconnect the BB, the 2nd part is well more iffy.
Due to regulations, BBPs tend to be extremely closed devices. While the Neo900 might be able to do some power usage analysis in order to ensure that when the BB is suspended it is indeed off (something that any phone vendor should be able to accomplish), I have very strong doubts about their ability to detect a compromise, especially from a state agency with the capabilities of the NSA, while the BBP is mounted and in active use by the user.
For the most part I don't see either of them as being a solution against government-directed action, especially not against the NSA, so the question here is really, when it comes to effective privacy and operation security, which device can be made more secure against surveillance by criminal elements, corporate agents, casual snoopers, and maybe low-level state actors (Emerging nation etc.).
I have been following the Neo900 project and debating on getting a phone. They are crazy expensive since they aren't produced in mass quantity, when they start shipping. We will see how it pans out.
Blackphone for ~4 months. I never used an Android before purchasing the Blackphone. I previously used an iPod with silentcircle.
The Blackphone is pretty poor. Maybe most Androids are this poor, but I feel ripped off. I re-enabled the iPod for using silentcircle at home -- the call quality is better!!
As far as security, I don't know. Shark repellent works fine all the way up until you die by shark.
In particular, what's it like using the phone outside of the Silent Circle ecosystem... because let's face it, 95% of the people you are going to call/text etc. will not be using a similar device?
I would assume it would have the same effect as with end-to-end encrypted mail, where you just have unencrypted data when you are communicating with people that don't support this, such as is the case with https://protonmail.ch/
I'm not sure if there was a public statement, but I was commenting on the thread way back when it happened. It turns out that there was an editor issue with the way the canary was being updated that prevented the new one from getting saved, and nobody realized that was the case.
We've since changed the way we update the canary and added monitoring checks to notify us if it's out of date. IIRC we also changed the text to a more clear version.
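A sketch of the kind of freshness check the comment above describes, added here as an example and not Silent Circle's own monitoring code. The canary wording, the ISO date format and the 35-day window are assumptions, and the sample texts are constructed.

```python
import re
from datetime import date, timedelta

# Assumption: the canary states its date in ISO form, e.g. "As of 2015-04-06".
DATE_RE = re.compile(r"\b(\d{4})-(\d{2})-(\d{2})\b")

def canary_date(text):
    """Return the first valid ISO date found in the canary text, or None."""
    m = DATE_RE.search(text)
    if not m:
        return None
    try:
        return date(*map(int, m.groups()))
    except ValueError:  # e.g. 2015-13-40
        return None

def check_canary(served_text, today, max_age_days, intended_text=None):
    """Return a list of alerts; an empty list means the canary looks current.

    served_text   -- what the public site actually returns
    intended_text -- what the last update was supposed to publish (optional);
                     comparing the two catches an update that silently
                     failed to save.
    """
    alerts = []
    stated = canary_date(served_text)
    if stated is None:
        alerts.append("no parseable date in served canary")
    elif stated > today:
        alerts.append("canary date is in the future")
    elif today - stated > timedelta(days=max_age_days):
        alerts.append(f"canary is {(today - stated).days} days old")
    if intended_text is not None and served_text.strip() != intended_text.strip():
        alerts.append("served canary differs from the intended update")
    return alerts

# Constructed sample canaries (not real statements).
OLD = "As of 2015-01-05 we have received no secret orders."
NEW = "As of 2015-04-06 we have received no secret orders."

if __name__ == "__main__":
    today = date(2015, 4, 10)
    # The site still serves OLD although NEW was meant to be published.
    for alert in check_canary(OLD, today, 35, intended_text=NEW):
        print("ALERT:", alert)
```

Run on a schedule against the published page, a check like this raises an alert both when the date ages out and when an update never reached the site.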
"You attempted to reach www.silentcircle.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chromium cannot rely on for identity information, or an attacker may be trying to intercept your communications."
Weird. I'm getting the same thing using Chromium on Debian Jessie. Firefox on the same system has no such warning. I don't see any errors on ssllabs.com, but interestingly, it only supports TLS1.1 and above. No support for TLS1.0:
Not every device supports SNI yet. I wish they all did, SNI would be quite handy. They also disabled TLS 1.0. That will also break quite a few browsers, believe it or not.
https://neo900.org/faq