Is a $14,000 phone really the price of privacy?

Sports enterprise AV, free Protonmail, and one mysterious crypto chip

A US$14,000 (£9,706, or A$19,352) Android phone has been launched pitching 'military-grade encryption' at privacy-conscious executives.

Little information can be found on the Solarin handset's specific security chops other than it will use "chip-to-chip 256-bit AES encryption" for phone calls.

That technology is built by Bethesda, Maryland-headquartered Koolspan which produces the TrustChip processor. Inserted into the microSD slot, it works in combination with an app to provide what the company badges as FIPS 140-2 certified, end-to-end 256-bit AES encryption, insulated from the operating system and connected devices.

Solarin does not state if it uses the TrustChip, only labelling its technology as the same as that militaries use for the "strongest possible mobile privacy protection" that is "currently unavailable outside the agency world".

A switch on the back puts the phone into a so-called "shielded mode" for encrypted texts and calls.

It also sports threat protection from San Francisco-based mobile security Zimperium. That company sells an enterprise antivirus platform to detect malware and aberrations of device specifications that could indicate attack.

It is not clear if its touted encryption technology only kicks in if both parties in a call have a Solarin with the switch flicked to on.

Noted security types suggest at first glance that the addition of the hardware will not add much more protection: "You just attack Android and install a rootkit to monitor keyboard and voice" says one. "Since it's their own kernel, they won't be on the latest Android version anyway."

Compromise of handsets would be a more significant risk since executives are both frequent targets of skilled malware groups and continually willing to open all manner of phishing links and execute malicious attachments.

The phone launches with Android 5.1.1 Lollipop, an outdated operating system Google released in 2014 but still maintains.

Most handsets bought in shops will run on Android 6 Marshmallow and sport the additional security and granular permission checks that it contains.

Key generation and exchange is another question to be answered.

The phone, according to the company, sports a Qualcomm Snapdragon 810 processor, supports 24 LTE bands and 802.11ac 2×2 MU-MIMO technology, along with having what is claimed to be the biggest mobile battery and fast charging.

Sultan of start ups

The company formed of co-founder and president Moshe Hogeg, a serial start up creator, and chief executive officer Tal Cohen, a former Forbes journalist and advertising industry man.

Hogeg founded photo-sharing service Mobli which raised some US$86m over six years, with huge backing from Hollywood types and funding from the likes of Lance Armstrong and Serena Williams, including US$60m from Mexican billionaire Carlos Slim.

Instagram battered Mobli in that fierce space, forcing redundancies and the closure (Hebrew) of its Israel-based research and development lab.

Last year API troubles saw the end of Hogeg's EyeIn. Mobli's freelance writing service Slant was shelved in April after attracting millions of writers a month.

Recent Mobli startup Galaxia has landed backing from well-known personalities including Leonard Dicaprio.

Cheap skate

Mobile security does not cost $14,000. Updated Android phones sport better security than ever, as does Apple's lot. Blackphone is the sold-out privacy phone built by famous crypto wonks with a price tag of US$850.

Those wanting security for chump change could install free apps including ProtonMail for email and Signal for the same encrypted communication NSA leaker Edward Snowden uses.

Phones can be further beefed-up with native Android encryption, and by blinding spies by removing the front and rear cameras and internal microphone, using an in-line headphone mic instead. ®

Keep Reading

Biting the hand that feeds IT © 1998–2021