Ultraviolet Smartphones

 Mobile phones for the consumer market that transmit
minimal personal information.
Key Players
+ Blackphone
+ CryptoPhone
+ Open Whisper Systems
O
Privacy software from Zimmermann is key to Blackphone. “Like
Steve Jobs said, if you want to do good software you want to build
the computer, too,” he says.
n January 21 a text message flashed on phones held by the
protesters thronging Kiev’s Independence Square. Ukraine’s
president, Viktor Yanukovych, was then still clinging to power and
brutalizing opponents. The message—from the number 111—read:
“Dear subscriber, you are registered as a participant in a mass
disturbance.” Widely presumed to have been sent from
Yanukovych’s security apparatus to all phones in the protest zone,
the message was a stark reminder of how mobile phones can be
used for surveillance.
Soon after, a Ukrainian man walked into a nondescript office in
National Harbor, Maryland, and sought help from a man named
Phil Zimmermann.
Zimmermann is a cryptologist. His company, Silent Circle,
encrypts voice calls, text messages, and any file attachments. If
you use Silent Circle, your calls to other users are sent through the
company’s servers and decrypted on the other phone. The service
won’t stop the delivery of ominous messages in range of certain
base stations. But it can block eavesdropping and prevent the
snooper from knowing the number of the person you are calling or
texting. Soon, access codes for Silent Circle were making their
way to protest organizers in the heart of Kiev. “Those are the kinds
of environments where you need widespread deployment of crypto
technology,” Zimmermann says, with evident satisfaction.
In the past year, it’s become clearer that places like Kiev are not
the only environments where people might want the privacy
Zimmermann can provide. Documents brought to light by former
U.S. National Security Agency contractor Edward Snowden
suggest that the NSA gathers huge amounts of information from
cloud computing platforms and wireless carriers, including the
numbers ordinary people called and the times they called them.
Not only could the government be watching you: so could
websites, advertisers, and even retailers trying to track your
movements within stores. Modern smartphones and the apps
running on them are engineered to collect and disseminate
enormous amounts of user data—such as location, Web browsing
histories, search terms, and contact lists.
By summer Zimmermann will be delivering a new way to fight
back: a highly secure smartphone, called Blackphone. Now being
manufactured by a joint venture that includes Silent Circle, it uses
Zimmermann’s encryption tools and adds other protections. It
runs a special version of the Android operating system—PrivatOS—
that blocks many of the ways phones leak data about your
activities. While custom security phones have long been in the
hands of military and government leaders, this effort may signal a
shift toward mass-market phones that are far more private and
secure.
Blackphone, which sells for $629 with subscriptions to privacy-
protecting services, is one of many measures that technologists
are taking in response to the Snowden revelations. One such effort
involves wider encryption of ordinary Web traffic. Stephen Farrell, a
computer scientist at Trinity College Dublin who is leading that
project through the Internet Engineering Task Force, says a phone
that encrypts communications and seals off data leaks is a crucial
part of the strategy. “Personally, I really would like to have a
phone with a much more hardened and privacy-friendly
configuration,” he says.
Crypto Warrior
Growing up in Florida, Phil Zimmermann liked breaking into places
and things: his youthful conquests included Disney World and the
Miami Seaquarium. He studied computer science at Florida
Atlantic University, and he became interested in cryptography in
the 1970s, when papers on a technology called public-key
cryptography emerged. Traditional crypto required the parties in
an encrypted conversation to possess the same unique decoding
tool (or “key”). The new approach was fundamentally different: it
involved two mathematically linked keys, one private, the other
public. Suddenly, applications such as digital signatures became
possible. You could use a private key to “sign” a document; later,
anyone else could use the public key to verify that you were indeed
the author.
Privacy software from Zimmermann is key to Blackphone. “Like
Steve Jobs said, if you want to do good software you want to build
the computer, too,” he says.
n January 21 a text message flashed on phones held by the
protesters thronging Kiev’s Independence Square. Ukraine’s
president, Viktor Yanukovych, was then still clinging to power and
brutalizing opponents. The message—from the number 111—read:
“Dear subscriber, you are registered as a participant in a mass
disturbance.” Widely presumed to have been sent from
Yanukovych’s security apparatus to all phones in the protest zone,
the message was a stark reminder of how mobile phones can be
used for surveillance.
Soon after, a Ukrainian man walked into a nondescript office in
National Harbor, Maryland, and sought help from a man named
Phil Zimmermann.
Zimmermann is a cryptologist. His company, Silent Circle,
encrypts voice calls, text messages, and any file attachments. If
you use Silent Circle, your calls to other users are sent through the
company’s servers and decrypted on the other phone. The service
won’t stop the delivery of ominous messages in range of certain
base stations. But it can block eavesdropping and prevent the
snooper from knowing the number of the person you are calling or
texting. Soon, access codes for Silent Circle were making their
way to protest organizers in the heart of Kiev. “Those are the kinds
of environments where you need widespread deployment of crypto
technology,” Zimmermann says, with evident satisfaction.
In the past year, it’s become clearer that places like Kiev are not
the only environments where people might want the privacy
Zimmermann can provide. Documents brought to light by former
U.S. National Security Agency contractor Edward Snowden
suggest that the NSA gathers huge amounts of information from
cloud computing platforms and wireless carriers, including the
numbers ordinary people called and the times they called them.
Not only could the government be watching you: so could
websites, advertisers, and even retailers trying to track your
movements within stores. Modern smartphones and the apps
running on them are engineered to collect and disseminate
enormous amounts of user data—such as location, Web browsing
histories, search terms, and contact lists.
By summer Zimmermann will be delivering a new way to fight
back: a highly secure smartphone, called Blackphone. Now being
manufactured by a joint venture that includes Silent Circle, it uses
Zimmermann’s encryption tools and adds other protections. It
runs a special version of the Android operating system—PrivatOS—
that blocks many of the ways phones leak data about your
activities. While custom security phones have long been in the
hands of military and government leaders, this effort may signal a
shift toward mass-market phones that are far more private and
secure.
Blackphone, which sells for $629 with subscriptions to privacy-
protecting services, is one of many measures that technologists
are taking in response to the Snowden revelations. One such effort
involves wider encryption of ordinary Web traffic. Stephen Farrell, a
computer scientist at Trinity College Dublin who is leading that
project through the Internet Engineering Task Force, says a phone
that encrypts communications and seals off data leaks is a crucial
part of the strategy. “Personally, I really would like to have a
phone with a much more hardened and privacy-friendly
configuration,” he says.
Crypto Warrior
Growing up in Florida, Phil Zimmermann liked breaking into places
and things: his youthful conquests included Disney World and the
Miami Seaquarium. He studied computer science at Florida
Atlantic University, and he became interested in cryptography in
the 1970s, when papers on a technology called public-key
cryptography emerged. Traditional crypto required the parties in
an encrypted conversation to possess the same unique decoding
tool (or “key”). The new approach was fundamentally different: it
involved two mathematically linked keys, one private, the other
public. Suddenly, applications such as digital sign