'UnaPhone' promises Android privacy by binning Google Play
Marshmallow-based phone strips out Android's evil bits, devs vet all installed apps
A custom Android phone is being pitched to security and privacy pundits promising to deliver by goring Google services, preventing app installation, and deploying end-to-end encryption.
The US$540(£374, A$745) UnaPhone sports a custom Android Marshmallow operating system that has been stripped of "invasive" Google services to prevent the technology company from collecting data on the phone.
It also scrubs out and falsifies information that creators say would allow carriers to identify the handset.
Security updates are taken from Google and ported across to the so-called UnaOS, the same process required for all phones other than Mountain View's Nexus line.
"On the UnaPhone Zenith there won't be any possibility for new apps since the whole phone will be completely locked in order to prevent installations that may weaken the OS and threaten privacy and security," documentation states.
"When a new security threat is detected we will patch (via over the air) the system as soon as possible to make sure that vulnerabilities don't affect the OS' integrity and security.
"We will also push updates through OTA for the installed apps, to ensure the user has the latest versions of the apps in use."
The company describes mobile games as "folly" and emphasises that work and play should be separated in order to preserve privacy and security.
Indeed many of the trojanised apps that filter through to the official Google Play store are working games that each are often downloaded by thousands of users.
UnaPhone users can request an app be added to their phone prior to purchase in which case the small team will vet the app for malicious activity and vulnerabilities.
All versions of the phone's secure communications and paid and free VPN services will be released so that users of the UnaPhone can use encrypted calls and text with other handsets including iOS.
The operating system which will later be released open source sports encrypted email through the pre-installed Tutanota app, text, and email.
Its bootloader is locked, as are many other Android handsets, but is different in that attempts to flash a custom ROM would turn the device into "a useless brick".
It has raised US$28,476 from 108 backers and has received 5000 orders at the time of writing.
The launch comes ahead of a A US$14,000 (£9,706, or A$19,352) Android phone pitched as having "military-grade encryption" and being sold to executives.
Established player Blackphone is another outfit to offer a secure and private smartphone, backed by famous crypto wonks, for US$850.
Those wanting security for chump change could install free apps including ProtonMail for email and Signal for the same encrypted communication NSA leaker Edward Snowden uses.
Phones can be further beefed-up with native Android encryption, and by following Edward Snowden's steps and blinding spies by removing the front and rear cameras and internal microphone, using an in-line headphone mic instead. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Privacy Sandbox
- Trusted Platform Module
- Zero trust