
BlackPhone, BP1, PrivatOS, Do you own one? Do you use it? How do you use it?


  • BlackPhone, BP1, PrivatOS, Do you own one? Do you use it? How do you use it?

    Last year (DEF CON 22) BlackPhones were available for cash in the vendor area. Some people purchased some of these.

    Background: BlackPhone is an attempt at providing a SmartPhone that includes privacy and security as two primary concerns. Their website: (I do not work for them and do not receive any compensation for posting this.)

    It ships (shipped as of now) with a fork of Android OS they call "PrivatOS", and as of "today" the latest version released for users to upgrade to is 1.0.6. Several pre-installed apps to help with privacy and security are included. You are able to install new apps as "apk" manually, and there are many claims on how it is possible to install other "app stores", but that has several risks discussed elsewhere. (Sorry. I need to limit the scope of discussion or this post will be too long.)

    As of November and December of 2014, the vendor of BlackPhone announced plans to launch their own "App Store" early, 1st quarter of 2015:
    URL1= (12/09/2014 @ 10:10AM)
    Originally posted by URL1
    The Blackphone app store will be open from January 2015, containing software vetted by the secure phone maker, which launched its anti-snooping device only last year. It’ll be open to all Android devices too.
    Other news stories have pushed back the date:
    URL2= (Feb 17, 2015)
    Originally posted by URL2
    At launch, the store will only be available to devices using the company’s PrivatOS. It said that “in general your Android-compatible apps should work provided they have no hard dependencies on Google Play services”.
    ... The store will be “going online soon”, the company said.
    It ships with:
    * 2 mail clients (conventional "Mail" app with similar/same features as found in stock "Google Phone" and "K-9 Mail")
    * "Silent Contacts", "Silent Phone", "Silent Text"
    * "SpiderOakBE" (Kind of cloud storage)
    * "Secure Wireless" (a sort of closed-system OpenVPN client (maybe better to say restricted?) which is only meant to be used with its VPN service that claims to help with privacy, though it is unclear how this would be possible with SSL traffic such as over https unless they somehow MitM encrypted traffic for inspection, which would have all the risks seen with the "SuperFish"/Lenovo thing in recent news, assuming it does MitM encrypted traffic for inspection. If it doesn't, then it can't very well filter/protect users from information leakage over encrypted channels. I am making no claims that they MitM any encrypted traffic! This is a comment on risks that exist either way. Without inspecting traffic, I would expect they do not MitM encrypted traffic, but that is just a guess.)

    It has several other apps, which I won't mention in this first post. You are welcome to mention those that you use, or don't and why.

    I enjoy using RedPhone, TextSecure and OpenVPN apps on my *other* Android phone. However, these are not available by default on BlackPhone (yet).

    There is hope for OpenVPN on BlackPhone:
    URL3= (Last updated: Jan 12, 2015 08:01PM UTC )
    Originally posted by URL3
    (VP Jossen wrote) "It looks like we will have another VPN choice in the Blackphone store (coming soon), but I don’t have specific details yet. Stay tuned…"
    (and 2 days later on Jan 12, VP Jossen wrote) "Also, OpenVPN is available in F-Droid and elsewhere, though we understand that an “official” Blackphone version would be better. We are considering that, but I can make no promises."
    However, for RedPhone and TextSecure:
    URL4= (Aug 20, 2014 05:29AM UTC )
    (After being asked: "Is it possible to install Red Phone app on the Blackphone? Any chance the app can be made available on the Amazon app store?")
    Originally posted by URL4
    Masha Kolenkina: "Not at this time. RedPhone and TextSecure both currently use Google’s GCM framework for push notifications and signalling. RedPhone and TextSecure will work on the Blackphone, but only if Google Play is installed."
    Not great news. RedPhone has the advantage of End-to-End encryption widely available to nearly any Android phone with the Google Play app installed, and no barrier to entry with a sign-up account and auto-detection based on phone number. The Silent-* apps have the advantages of video with encryption and, as I understand it, the possibility of dialing by account username instead of phone number, to maybe help protect the phone number a person is calling from? (Not sure.)

    Much of this is old news. I am looking forward to a BlackPhone store, with hopes that some of the apps I like will be available there. (Sadly, there was a story that the first launch of the app store will have no apps available for purchase at first -- all apps initially will be free. I have paid for apps before, and would be willing to pay for apps again, especially those that I find useful. They say they will eventually offer payment for apps, which I see as good news and healthy for a market.)

    Originally posted by URL2
    Initially, there will be no payment options for Silent Store, meaning that “your apps must be free to download and use”. Payment mechanisms will be added in future, although it has also said that “sketchy built-in advertising trackers” are verboten.
    Installation of apps as apk is fraught with risks such as validating the apk is from a trusted maintainer, not shipped with malware, and no system of notification when an update is available to address a security risk or include a new feature. Installing "App Stores" from other vendors is even more risky.

    What have you done with your BlackPhone? Did you just buy it, try it out, and then shelve it? Are you still using it? Did you install an app store? Which one? (Google Play? Amazon? Another? Which?)

  • #2
    Some of us bought BP at DEF CON last year, but now mostly not in use. Mostly due to stability issues, apps not always working reliably, text messages that never arrive, etc. All problems of a 1.0 release. I think we gave up around OS v 1.04.

    How is the current version? More reliable?


    • #3
      Originally posted by Dark Tangent
      Some of us bought BP at DEF CON last year, but now mostly not in use. Mostly due to stability issues, apps not always working reliably, text messages that never arrive, etc. All problems of a 1.0 release. I think we gave up around OS v 1.04.

      How is the current version? More reliable?
      I've not played with the Silent-* suite of apps yet, "Secure Wireless" or SpiderOakBE, so I have no comment on their stability.

      Before using these, I'll want to set up some packet captures to inspect live data, but I have been too busy with other things.

      So far, on 1.0.5 and 1.0.6, no crashes in web browsing, or K-9 mail.

      The "Smart WiFi manager" (a tool that uses cell tower addresses as geographical references to determine if a WiFi access point, by name, is valid at the implied location, and if the phone should enable WiFi and then try to associate with it) kind of works. It takes a long time to find cell towers. For example, I've been associated with one access point at home for 48 hours, but it has not found any cell towers to associate with it, but using another access point, the phone has found towers. A third and fourth access point have been used for 24 hours each, and the phone has found no towers to associate with them. All of these are at home. I have more access points to try at home, but only 1 out of 4 have been associated with towers while at home. 4 access points at work found towers within 2-4 hours.

      Occasionally, this being enabled (only enable WiFi when close to cell towers that are around pre-learned WiFi access points) will turn off WiFi while I am in range. This is especially annoying when at a "remote location" where wireless provider service is very weak or does not exist and my only data link is through WiFi.

      They claim at least two changes in 1.0.5 to 1.0.6 were one for battery life, and another that addressed this: -- A plus in favor of BlackPhone, as none of my other Android Phones have been upgraded to address that.

      Standard Messaging and Phone calling (non-encrypted) work fine. There was an initial instability issue with my service provider over the first 24 hours -- the phone would not associate with the network after moving the SIM from my old phone to this one. It would not ring when called, and could not call others. After about 30 minutes, I was able to call it, but several times over the first 24 hours, it would forget who my wireless service provider was, or my wireless provider rejected my SIM. After 24 hours, no problems with being kicked off my provider's network.

      The hardware is a bit limited in band support compared to many other quad-band phones and their bands for data and voice.
      I would have liked to have Dual SIM support, but that was not a deal-breaker.
      Since it is not a widely used model, I've not found any vendors of larger batteries with custom phone back to accommodate the larger battery. The search continues.

      Missing support for RedPhone, TextSecure and OpenVPN absolutely makes BlackPhone something I cannot move entirely over to use. As a result, I have a BlackPhone and another Android phone for normal use, and 2 or 3 other phones for special uses.

      I like their goals, and recognize this is a first attempt. I am still happy to have voted my approval of their goals by buying one, and have hopes they and other developers will support it too, but most users of SmartPhones have expectations for using apps that they have used before, and they will not be happy with the experience offered as of now. Executives (CEO, CFO, pretty much all C*O except CTO and CSO) won't understand how to manually install apps from APK, or recognize a need to keep up-to-date on OOB installed apps, or recognize the risks involved with installing alternate app stores, such as one from Amazon or the Google Play store.

      Right now, the only markets that would likely receive this well in its present state are:
      * Techies that can afford it
      * People that like many privacy and security-related features of CyanogenMod, who are willing and able to pay for them, and don't want to upgrade their phone's default OS, and then track down security apps to install and hope they work with their version of OS.

      I have hopes for their "App Store."

      I see no support for FullEncrypted MicroSD. I was annoyed that the phone could not (through menus) allow me to destroy the exFAT MicroSD, and reformat it as FAT32 for me. I used my laptop to re-partition and reformat the MicroSD specifying LinuxFS with ext3, ext2, ext4 and variations of encrypted filesystems, but none were recognized by the phone. Gave up, formatted as FAT32, inserted it and that was recognized.

      Some background: I was an early adopter of Android. I still own an Android Dev Phone 1 (commercially similar to the "G1") which was shipped with Android 1.0, and upgraded through 1.1, 1.5 and 1.6. I've owned Android phones on many more versions up through 4.4, and understand the 1.x releases of many things are often less than expected.

      I started this thread/topic with hopes others would also contribute through thoughts and experiences with BlackPhone.

      Thanks for the reply!

      Any other feedback or information is welcome from you and others.
      Last edited by TheCotMan; February 22, 2015, 09:58.


      • #4
        Originally posted by URL1
        A recently fixed vulnerability in the BlackPhone instant messaging application gave attackers the ability to decrypt messages, steal contacts, and control vital functions of the device, which is marketed as a more secure way to protect communications from government and criminal snoops.
        It appears that was addressed on Jan 20, 2015:
        Originally posted by URL2
        ...Silent Text v1.8 contains the update to address this vulnerability...
        Latest version in Google Play is 1.8.0 as of Jan 20:

        Originally posted by URL3
        version 1.8
        - Ability to connect using Secure Wireless
        - Correct sender name shows when accessing message from notifications
        - Ability to send images/video consistently between devices
        - Fixed multiple connection issues
        - Misc bug fixes
        ... Updated
        January 20, 2015
        Combining this upgrade and timeline with the previously mentioned upgrade from PrivatOS 1.0.5 to 1.0.6 and its timeline, and comparing host OS upgrades in my other Android phones, shows BlackPhone is treating customers better than the many vulnerable Android phones that are never fixed by their vendor and/or wireless service provider.

        For wireless providers, it is counter to their interest to patch consumer phones after purchase:
        * It costs them money to build fixes and test
        * It costs them money in support with a new fix when some user's configuration was not tested by the carrier, leading to a one-off or corner case of troubles which then need to be fixed (re-starting the dev cycle, or as managers see it, "the death spiral of supporting old stuff.")
        * It costs them in false claims of problems with the upgrade through consumers applying the fallacy that correlation is causation
        * An exploited phone may cause more data to be used, and with no more "unlimited plans" being offered by many carriers and data overages causing more profit for carriers, exploited phones could increase the money they earn from consumers
        * If consumers buy a new phone sooner than the contract ends, they do so totally out of pocket without a contract incentive and price break on the next phone to extend the contract.

        For vendors of phones, the money they earn is primarily from the initial sale. Any on-going maintenance or upgrade is a loss. A concept of built-in obsolescence and failure to patch bugs can push consumers to buy a new phone in 1 year, anyway, pushing churn. (In this respect, Apple has treated consumers of their iPhones better with more updates for longer periods of time than the average Android phone vendor.)

        Meanwhile, BlackBerry and Nokia owners from decades past will be nostalgic about how their phones were better supported "back in my day." -- Shut up grand[pa||ma], and go play with your 8 track tapes! :-)


        • #5
          There is an article on TomsHardware claiming there is new competition for BlackPhone:


          It reads a bit like an advertisement, as if Toms Hardware took a press release from this company and printed it as-is in a news story. This may not be the case, but there is little in the article comparing and contrasting it to other products at a bullet-point-like level. Much of what is presented are really questions about it as a device, and information that we could probably find on the vendor's website.


          An article from PCWorld about a new BlackPhone tablet to be demoed at a convention, and it too reads a bit like a direct press release promoting a product and company.

          Not much value in either article, except to know that both include claims of future hardware being made available soon.


          • #6
            Something announced yesterday or the day before, "Silent Circle," used $50 million to buy out the rest of "BlackPhone" from BlackPhone co-founder "geeksphone":


            Originally posted by URL1
            Silent Circle reaches agreement to buy out joint venture in SGP Technologies, will assume full ownership of Blackphone
            Much of the rest of the article reads like a promo piece where companies write about how great they are, and journalists copy/paste as their own.

            When such things happen, businesses like to spin up benefits of one group buying out the other group in such a business. However, some of the risks for costs are obvious:
            1) With SilentCircle the primary owner, there is little chance for them to make it easy for apps that compete in the same space to be made available through the app store they plan to roll out. (Why make it easy for makers of apps like OpenVPN, RedPhone, TextSecure, etc. to port their apps over to BlackPhone? Limiting apps to those that do not compete with their niche in the market, and only their apps creates a barrier for competition to enter the market. If I was running a business based on profit, I too would want to deny competition with others on apps that generate me revenue.)
            2) With a single primary owner, governments have a single thing to attack, to request back doors. The greater the number of people required to sign-off on backdoors, the greater the risk for secret back doors being leaked to the public. On the other hand, the greater the number of people that can do it, the greater the risk for non-government entities (like organized crime) to coerce any individual with sufficient access to add a back door, even if they might be caught at some future date.

            From the BlackPhone website is a link to a blog article:

            Originally posted by URL2
            ...Blackphone 2 ... Arriving in the second half of 2015 (3x more memory, 8 cores, bigger screen, longer lasting battery.)
            ... BlackPhone+ (A tablet)
            ... PrivateOS 1.1 (upgrade to their fork of Android OS with their own addition to services.)
            I am guessing that PrivatOS 1.1 will have the new App Store they promised early 2015. We have 29 days until we enter Q2 of 2015.

            Originally posted by URL3
            ... and Silent Manager, a Web-based tool that lets businesses manage what devices and software employees get on their devices.
            Sounds like a bullet point for sales, to encourage corporate buy-in with restrictions on apps imposed on employees. I can think of many businesses that would like this. However, will they like it enough to switch their employees over to this?

            It sounds like they are trying to make a new "BlackBerry" market, with their announcement to provide better support for "Enterprise Customers." Best guess right now is they are trying to become a kind of closed-system like Apple's iPhone, but I am predicting they will face the problems that BlackBerry and Nokia did with restrictions on apps allowed, and requirements for Devs.

            Apple, being "first" with a widely-consumed smartphone was first to arrive at a ground of contention, so they could impose barriers to enter into their app store.

            Android was a late-comer, and having something equal to the iPhone is not good enough to displace it. To displace another product, some estimate you need something 10 times better, and Android is not 10 times better than the iPhone. However, Android competed to displace Apple's iPhone in 2 major spaces of competition:
            1) Make it cheap for wireless carriers to use Android in their own phone, allowing wireless providers to "lock" their customers access to apps to their own app stores, and decrease risk for competition in the app spaces they would prefer to retain profit
            2) Open a Google app store (which has a very low cost for devs to enter (initially) and a rarely used "veto" to apps that are denied space. (The only apps banned/denied seem to be apps with genuine malware, or those that (people allege) threaten Google's data-mining of consumers. ( and and somewhat related

            Still waiting for the BlackPhone App store.
            Last edited by TheCotMan; March 2, 2015, 18:52.


            • #7
              PrivatOS 1.1 is now available for download from BlackPhone1.

              This appears to have the new BlackPhone Store/app.

              Their website link which presently comments about PrivatOS 1.1:

              Link to their App Store:

              A few new apps are listed, but no OpenVPN, RedPhone or TextSecure. (As mentioned before, with link, reliance on Google Push notifications locks the present Whisper Systems apps to those that support Google Push.) There is a "VyprVPN", but it looks like another paid anonymizer/protection service like the one that came with BP1.

              The upgrade comes with application space support, claiming to provide a kind of isolation for each group you create, limiting co-exposure of information contained and gathered by each app from other groups with their apps.

              Again, I do not work for BlackPhone, or gain anything from posting about these updates.


              • #8
                With Blackphone "Spaces" allowing separate environments (from the description, it sounds like a chroot or jail) they have directions for suggesting "Spaces" can be used for stores.

                Set up a space called "F-Droid" and install the "F-Droid Store" there:

                Set up a space called "Amazon" and install the "Amazon Store" in it:

                Likely, because of the tighter integration of Google apps with Android, and google services it relies upon, Google Play Store is still not supported:

                As to stability, I've seen a few applications crash since using it. "Silent Store" and "Security Center" have both crashed one or two times each in less than 24 hours.

                I checked VyprVPN, and it is not like OpenVPN Connect (which allows you to install your own keys and config). VyprVPN appears to be competition for the "Disconnect Wireless" app that ships with BP1. The licensing provided with "Disconnect Wireless" on BP1 purchase gives 1GB of data, while VyprVPN free gives 500 MB, but it is not clear if that is a one-time 500MB free, or 500 MB free each month.

                Tresorit appears to be competition for "SpiderOakBlack"/"SpiderOak BE".

                CalDav and CardDav appear to be apps to help with syncing Calendar and AddressBook with DAV-based services, so there is a way to sync these with "the cloud" and you can choose your own. I've not tested these, but off-phone storage of these is needed for BP, in case the phone is lost. (Yeah, we could manually export with a USB cable to a laptop, but this opens things up for each company to run their own spaces for DB sync, and possibly update employee calendars / contacts. Guessing.)


                • #9
                  And now, an update to PrivatOS 1.1.1:

                  Originally posted by URL1
                  Silent Circle ‏@SilentCircle #Blackphone users please update to PrivatOS 1.1.1. The update fixes a major vulnerability (CVE-2015-1474) that affects all Android devices.

                  Originally posted by URL2
                  Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.
                  None of my other Android devices have been updated. I guess this is a credit to BlackPhone devs, and at the same time a harsh criticism of most other vendors of Android hardware and the wireless providers that blame each other for not releasing fixes/patches for security issues.
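The CVE text quoted above describes length counts taken from untrusted data and multiplied without overflow checks. As an added illustration (not code from this thread or from AOSP; the header layout, names and caps are hypothetical), here is a naive 32-bit size check beside an overflow-safe one for an unflatten-style routine that validates a word count and a file-descriptor count before consuming a buffer:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Status codes in the style of Android's Flattenable helpers; hypothetical names. */
enum { UNFLATTEN_OK = 0, UNFLATTEN_NO_MEMORY = -1, UNFLATTEN_BAD_VALUE = -2 };

/* Hypothetical on-the-wire header: a count of 32-bit words that follow it in
 * the byte buffer and a count of file descriptors passed alongside it. */
typedef struct {
    uint32_t num_ints;
    uint32_t num_fds;
} flat_hdr_t;

/* Upper bounds a real consumer would know for its own object type (assumed). */
#define MAX_INTS 64u
#define MAX_FDS  4u

/* Naive validation: multiplies the attacker-controlled count in 32-bit
 * arithmetic, so a large num_ints wraps to a tiny "needed" size and the
 * check passes although the buffer is far too small. */
int validate_naive(const uint8_t *buf, size_t size, size_t fd_count)
{
    flat_hdr_t h;
    if (size < sizeof h) return UNFLATTEN_NO_MEMORY;
    memcpy(&h, buf, sizeof h);
    uint32_t needed = (uint32_t)sizeof h + h.num_ints * 4u; /* may wrap */
    if (needed > size) return UNFLATTEN_NO_MEMORY;
    if (h.num_fds > fd_count) return UNFLATTEN_NO_MEMORY;
    return UNFLATTEN_OK;
}

/* Hardened validation: caps both counts at what the object type can carry,
 * then compares the word count against the room actually left using
 * division, so no intermediate value can overflow. */
int validate_checked(const uint8_t *buf, size_t size, size_t fd_count)
{
    flat_hdr_t h;
    if (size < sizeof h) return UNFLATTEN_NO_MEMORY;
    memcpy(&h, buf, sizeof h);
    if (h.num_ints > MAX_INTS || h.num_fds > MAX_FDS) return UNFLATTEN_BAD_VALUE;
    size_t room = size - sizeof h;                 /* cannot underflow: checked above */
    if (h.num_ints > room / sizeof(uint32_t)) return UNFLATTEN_NO_MEMORY;
    if (h.num_fds > fd_count) return UNFLATTEN_NO_MEMORY;
    return UNFLATTEN_OK;
}

/* Builds a constructed sample buffer: header followed by zeroed payload.
 * Returns the number of bytes written, or 0 if size is too small. */
size_t build_sample(uint8_t *out, size_t size, uint32_t num_ints, uint32_t num_fds)
{
    flat_hdr_t h = { num_ints, num_fds };
    if (size < sizeof h) return 0;
    memset(out, 0, size);
    memcpy(out, &h, sizeof h);
    return size;
}

int main(void)
{
    uint8_t buf[16];                               /* 8-byte header + 2 words */
    build_sample(buf, sizeof buf, 2u, 0u);         /* honest header */
    printf("honest:   naive=%d checked=%d\n",
           validate_naive(buf, sizeof buf, 0), validate_checked(buf, sizeof buf, 0));
    build_sample(buf, sizeof buf, 0x40000001u, 0u); /* count that wraps 4*n to 4 */
    printf("wrapping: naive=%d checked=%d\n",
           validate_naive(buf, sizeof buf, 0), validate_checked(buf, sizeof buf, 0));
    return 0;
}
```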


                  • #10
                    About BlackPhone "Spaces" :

                    I found that running an OpenVPN client to a server in "captive mode" (all traffic through VPN) link did work as expected in *that* space, while other spaces were not bound to follow the captive routing rules of the space running the OpenVPN client in captive mode.
                    Last edited by TheCotMan; March 18, 2015, 12:47.


                    • #11

                      Originally posted by URL1
                      Callas also said that the app-store would contain different security-review rows set to maintain the security level of the store and to avoid the fear of using third party apps for its users.

                      He concluded that” we are going to review the privacy policies of all the apps to be placed on the store and to approve them with a security seal before its installation. We won’t be having any security reviews on games like Candy Crush Saga and Angry Birds as we want people to enjoy their favourite games”.
                      The statement in context makes it sound like they will add games to BlackPhone App Store, but not complete any security (and privacy?) reviews of games. Freemium (free to play some content, costs money to play more content, or make things easier, or get virtual equipment) and "Free" games both have a long history of "needing" (wanting) access to your contacts, call status, and more information about you and who you know, from your phone. I understand security is a broad topic (security of private information from those you do not want to have access to it, security from malware, security from theft-of-service. etc.) but the above implies no security reviews.

                      It is good to know they won't complete any audits of some apps. Hopefully, they will identify what kinds of checks are done, and with what apps, so corporate users will get advice from professionals on what risks they see as existing with the desired app.


                      • #12
                        I recently did some international travel with my US-region BlackPhone1 running PrivatOS-1.1.1, and saw an increase in instability problems while away. In two cases, an app crashed (Messaging App), and 6 times over 1 week the phone shut down on its own.

                        Additionally, the Band/Frequency support was not as good as an old "WiFi Hotspot" was when traveling. Its multi-band support gave me occasional 4G and 3G service while the BlackPhone often found no service.

                        It looks like there is yet another update, this time to PrivatOS-1.1.2:


                        They "patched eight new public vulnerabilities affecting Android.* These vulnerabilities are not as major as the two" (fixed in PrivatOS-1.1.1 update)
                        (Public vulnerabilities fixed in PrivatOS 1.1.2: CVE-2015-1525, CVE-2015-0289, CVE-2015-0292, CVE-2015-0287, CVE-2015-0286, CVE-2015-0209, CVE-2015-0288 and CVE-2015-0293.)

                        They added 2 features:
                        * Random location on screen for PIN entry for access
                        * Updated CA list

                        They say some other bugs have been fixed.

                        Let's see if the stability issues were part of those bugs.
                        Last edited by TheCotMan; April 16, 2015, 19:40.


                        • #13
                          And now we are onto PrivatOS 1.1.3:


                          With a claim for a fix to address

                          I still see stability issues with SMS/texting app crashes, and sometimes the photo/camera app dies, somehow blocking access to the camera for future runs of the camera app (or access to the camera is lost, so no apps can use the camera) until a reboot. I've not diagnosed it. It "feels" like the kernel suddenly dropped device support for the camera which causes the photo app to crash, but I've not started a shell to investigate after the crash. Each time, I was more interested in taking a picture than setting up a shell to investigate. (Not enough time, too many things to do.)

                          No new features as far as I can tell.


                          • #14
                            So, they released PrivatOS 1.1.4 on May 7, 2015:


                            They claim fixes for:
                            * CVE-2015-3636 : BP/SS: "use-after-free vulnerability in the linux kernel" or from RedHat "kernel: ping sockets: use-after-free leading to local privilege escalation "
                            * CVE-2014-7953 BP/SS: "vulnerability in the Android backup agent" or discussion from BugTraq: "CVE-2014-7953 Android backup agent code execution"
                            * CVE-2014-7951 BP/SS: "path traversal vulnerability that can be exploited via the adb backup feature" or discussion from BugTraq: "adb backup archive path traversal file overwrite"
                            * vulnerability in the Blackphone Security Center (Did not find CVE, URL or discussion yet)


                            • #15
                              Another update May 14: PrivatOS 1.1.5


                              They claim fixes for

                              * Fixes an issue where VPN services leaked DNS requests
                              * Fixes CVE-2014-7954, a path traversal vulnerability in the MTP server (CVE-2014-7954)

                              And most other Android devices? No such updates. "Android" is the Windows 95 of Security -- so many variations on "Android" that without qualifiers, there is an assumption there are gaping security holes, publicly disclosed, but not patched. Some of my devices have had no updates for over 8 months. Without fixes, most Android devices are obsolete before they are purchased.

                              For a while, "Google Nexus" would get updates more frequently and for longer periods, but not as long as their first G1 was maintained.

                              Last edited by TheCotMan; May 15, 2015, 01:15.