You're alone at a decrepit bus stop, just outside of town. Rain is pouring, and you're waiting. Finally, your phone buzzes: It's the coordinates. Next to the rows of numbers you're supposed to permanently implant in your brain is a fiery icon and a warning: This message will self-destruct in one minute.
Outside of Tom Cruise on a film set, I doubt the situation described above happens to a whole lot of us, but the need to have a private conversation — really private, as opposed to easily being snooped upon by governments and other entities — or to send a time-limited text message, is definitely real for many.
Enter Blackphone 2, an Android smartphone whose primary goals aren't crazy camera megapixel counts and high-performance gaming, but privacy and security. Made by Geneva, Switzerland-based Silent Circle, it's now globally available for $799. It follows the Blackphone, a device which touted many of the same features, but was a bit behind on the hardware specs when it came out in June 2014. I've spent a week with it, and came away satisfied with many of its features, but sometimes frustrated by bugs.
Hardware, part 1: Important but not important
Hardware specs are a good place to start, if only to get them out of the way. Unlike most other phones we've reviewed, the Blackphone 2 doesn't live or die by its specifications; on the other hand, it has to be on par with other smartphones of today, otherwise it'll simply be too slow for everyday use.
The Blackphone 2 is a 5.5-inch smartphone, almost fully black with a subtle gray logo on the back. It has a 1.7GHz Qualcomm Snapdragon 615 octa-core processor, 3GB of RAM, 32GB of storage (expandable via microSD card), a 13-megapixel camera, and a 3,060 milliamp-hour (mAh) battery. It's not up there with the Samsung Galaxy S6 phones of the world, but it's just a step below, and it works well in most scenarios.
In everyday use, the phone is fast and responsive most of the time, until the tasks you give it become too much for the processor and things start slowing down. The phone's 1,920 x 1,080 (full HD) screen is surprisingly good — on par with everything we've seen in the Android world. The camera is bad — it focuses slowly and takes mediocre photos, both in low-light conditions and, inexplicably, often in very sunny ones.
To cut it short: The Blackphone 2 looks and feels like a beefed up mid-range phone from a lesser known manufacturer. It will be fast and powerful enough for everyone except the most demanding users. You could probably get a similar device for $300, but you're not buying this one for the specs. There are other interesting aspects of the device's hardware and Silent Circle's manufacturing process, but we'll get to those later.
Software: Security up front
Start the Blackphone 2 up, and you'll immediately see what it's about. It's powered (thankfully) by the latest Android, 5.1.1 Lollipop, but on top of it is Silent Circle's own operating system called Silent OS (formerly called PrivatOS). The phone's security settings are elaborate and given much prominence, and the home screen is populated by security-oriented apps and settings. If you want the camera app on your home screen, you'll have to drag it there yourself.
Sounds inconvenient? It's really not — everyone familiar with Android can use the Blackphone 2. In fact, the user experience is closer to stock Android than the one on some of the bigger brands' phones. This is on purpose.
These differences mainly consist of three sets of features: Spaces, Silent Phone, and the phone's Security Settings."The Blackphone 2 is designed to feel like a familiar device," Javier Aguera, chief scientist at Silent Circle, toldMashable. "Inside, it's very different," he added.
Spaces lets you keep separate profiles on the phone, each with its own security and privacy settings. For example, you could have an everyday profile, which is pretty much the same as any Android phone, and you could have another, secure profile with a stronger password, which leaves absolutely no traces of your location. Some assets can be shared between the two, or you can have them completely separate — the choice is yours. If you're unsure which space is currently active, just drag your finger down from the top of the screen.
These options reside in the Security Settings, separate from the phone's regular settings. Some of the features, like remotely wiping your phone or barring apps from unknown sources to change your phone, are commonplace on phones nowadays. Others go a step further, including randomizing the PIN pad in order to disguise your pattern of taps and fine-tuning what every app installed on the phone can and cannot access.
Finally, there's the Silent Phone, probably the most important app on the device. It lets you make secure, encrypted calls, and send encrypted text which can self-destruct in a set amount of time, both on your and the receiver's device. We've tested it out, and besides being a little slower, it's pretty much the same as making a regular call or sending a text.
The app also has the option of securing your side of the call only. Let's say that you're located in a country whose government you don't exactly trust, and you're making a call home. This feature, ideally, encrypts your portion of the call, all the way to Silent Circle's servers in Switzerland. Someone could still eavesdrop on the other side, but at least you're secure from local threats.
I say "ideally" as I could not get this feature to work — instead of a call being placed I'd get an empty screen with a numeric keypad, or an error message. After a Skype session with David Puron, VP of Engineering at Silent Circle, I realized that this happens when you have an international number starting with two zeros instead of a plus sign. Puron assured me that this bug will be squashed as soon as possible.
(Here, it's worth noting that I was sent a Blackphone 2 with an older — and totally buggy — version of SIlent Phone installed. I contacted Silent Circle to fix this, and most of the issues disappeared, but the one I mentioned above remained.)
In short, the app needs some work, especially since it's both a standalone, paid app and the central part of the Blackphone 2 experience (this is reflected in the app's reviews on Google Play, many of which are negative). I spoke to Silent Circle head of Marketing Ops Morgan Sullins, who said known issues are being addressed. "All customers who purchase the phone will get updated, latest versions of the app," he told me.The Silent Phone app — which is available as a standalone app for Android and iPhone, starting at $12.95 per month — has other quirks. Figuring out how to add a contact to the contact list took way more time than one would think. The app seems to be tied to the phone's regular contact list, but not in a very transparent way, causing a lot of confusion. Often times, you'll find yourself tapping on all the buttons on the phone's screen, scrambling to find an option that should be way easier to find.
There are other security and privacy features scattered around the device. The device is encrypted by default, making your data safer if it falls into the wrong hands. A feature called Smarter Wi-Fi lets you fine-tune how your Wi-Fi and Bluetooth radios connect to networks; great if you want to hide your location. And Silent Store is a store containing "apps reviewed by Silent Circle for security and privacy practices," including Silent Circle apps as well as third party ones, including privacy browser Ghostery and the Orbot Tor proxy. One app we were promised in March, however, is missing: A a secure conference call app called Silent Meeting is now nowhere to be seen.
A question of trust: Are you safe from the Blackphone itself?
IMAGE: STAN SCHROEDER, MASHABLE
We've already established that no one is spending $799 on this phone for its 13-megapixel camera; it's aimed at enterprises, government organizations and individuals who find security and privacy important. But can you trust Silent Circle itself? Is your data safe if a government knocks on Silent Circle's door and asks for it?
Aguera assured me that it is. "Most of Silent Circle’s software is open source so everyone can check what we’re doing," he says. "Furthermore, we’re a zero knowledge company, meaning that we have as little info from the end user as possible. Even if a government asks, we cannot help them because we don’t have the information."
He's talking about the ZRTP encryption used by Silent Phone, which is based on a peer-to-peer protocol, meaning there's no central server handling the data.
Finally, Javier says, the people behind the project "are very well known, and they have a history in the security world." The company CEO is former Entrust CEO and Nortel executive Bill Conner. The three co-founders are former Navy SEAL Mike Janke, co-founder of PGP Phil Zimmermann and Jon Callas, known both as the co-founder of PGP Corporation and for his work on Apple's FileVault and Whole Disk encryption software."We have no connection flowing through our network, because it’s cyphered and we don’t have the key."
Even if you trust the people, every company has to abide by local laws, and sometimes you can't trust those to keep your data safe. Silent Circle has an answer to that as well. "Why do you think we're headquartered in Basel, Switzerland?" Janke told me in March. "It has the best security laws out there."
Hardware, part 2: How is it different?
If you've been following this review closely, you may have noticed that none of the Blackphone 2's security features are hardware-based. So what's stopping you from buying a cheap Android device on your own, and just installing a bunch of security apps on it, including the Silent Phone app?
"You could do that," Aguera told me. "Someone with a lot of technical knowledge can do maybe 75 or 80 percent of what a BlackPhone 2 can do. You can compare it to a restaurant; you can buy the ingredients and cook yourself, or you can go to a restaurant and have those same ingredients cooked into a meal by top chefs."
Some of the stuff done by these "top chefs" you can't replicate, however. In March, Callas said that
the company has people on the ground in the supply chain, monitoring the hardware and preventing anyone from slipping in a rogue chip. The boxes with Blackphones are sealed when they ship, which decreases the chances of anyone tampering with the devices as they travel to various parts of the world. It's hard to estimate how thoroughly these measures are implemented, but they're definitely a step further in making the user feel safe about their privacy.It all boils down to trust
IMAGE: STAN SCHROEDER/MASHABLE
The Blackphone 2 was an incredibly complex device to review. Besides looking at its specifications, features, ease of use and stability, I had to assess whether its privacy and security options are adequate. Other questions abound: Has Silent Circle done enough to earn your trust? And is the entire package worth the asking price — $799 unlocked, which includes a one-year subscription to Silent Phone — probably more than double what you'd pay for a "regular" Android device with a similar set of features?
A lot of it boils down to trust. If you trust Silent Circle's intentions, and if you trust the company will iron out some of the bugs I've seen, the price is not too bad, especially for enterprises where security is a top priority.
Security experts might find it easier, cheaper and perhaps even safer to customize an Android device on their own.
Individuals worried the government or spies might try to steal their data, as well as those working and/or living in parts of the world they consider hostile should definitely consider the Blackphone 2.
For everyone else, the Blackphone 2 might be an overkill. Those auto-destructing messages might make you feel pretty cool, though.
Blackphone 2
The Good
Tons of security features out of the box • Solid specs • Highly configurable
The Bad
Steep price • Some bugs • Core features can be had by installing free software on any phone • Crappy camera
The Bottom Line
Blackphone 2 is a pretty unique Android smartphone. It's expensive for its mid-to-high-range specs, but those looking for a secure, private device should definitely give it a look.
Have something to add to this story? Share it in the comments.
Post a Comment