Hot new Encrypted Phone Crumbles at Def Con
The big news at this year’s Def Con, the annual security conference where hackers and developers meet was about the Blackphone and how quickly and easily it was hacked.
Blackphone bills itself as the world’s first secure smartphone, but it hardly lived up to that expectation as it was rooted (i.e. compromised) in about 5 minutes, according to sources.
Some tried to downplay the significance of this attack by saying, amongst other excuses, the hackers had to have physical access to the phone via USB, have the phone’s PIN code, and ignore application source warnings. Artstechnica said the encrypted phone hack would only be possible if taken from a “very naïve user.”
But they are missing the point. Blackphone is clearly vulnerable by design! This is because the Blackphone allows access via ADB (Android Debug Bridge). I get it: they want to let the power users tweak all the features (like they can do with cynaogenmod for example) but at WHAT COST TO SECURITY?
You do need to leave a door, of course, to do backup, install apps etc. but if you do that on the OS side - as clearly is the case with Blackphone – it leaves a HUGE vulnerability in the encrypted phone. If someone has access via USB, basically the game is over and the encrypted phone can eventually be hacked one way or the other. It doesn't matter whether a user is sophisticated or "naïve," if their Blackphone is stolen, the hackers will quickly be able to extract data (and cover their tracks) and there is NOTHING that can be done about it.
That's why I decided when creating Secure Phone to close the "door" (meaning we disable the ADB in our OS, on the device-side, using it only for charging the phone) and push updates via a web portal. It's what we call "reducing the attack surface." Encryption is not optional on Secure Phone. The users who want control over every aspect may get mad they can't tweak everything, but we do give them control on the server side. What is sacrificed in configuration and convenience is made up for in security. And that's what an encrypted phone is supposed to be about!
Having a phone that is completely invincible to hackers is of course everybody's goal in the security business. We do our best to by limiting the attack surface and taking precautionary measures Blackphone seems to have neglected.