Erik Prince wants to sell you a secure smartphone thats too good to be true – MIT Technology Review

Prince told investors the UP Phone is built by engineers with deep experience in lawful interception, surveillance, and spoofing capabilities.

While taking various privacy and security enhancements from open source projects, Unplugged president Ryan Paterson told MIT Technology Review via email, Unplugged's proprietary operating system developed their own "enhancements" including "based on knowledge not available to the public (zero-days) and others." A zero-day vulnerability is an unknown security weakness that can be attacked via exploit that can sell for millions of dollars.

Unpluggeds day-to-day technology operations are run by Eran Karpen, a former employee of CommuniTake, the Israeli startup that gave rise to the now infamous hacker-for-hire firm NSO Group. There, Karpen built the IntactPhone, which the company called a military-grade mobile device. Hes also a veteran of Israels Unit 8200, an agency that conducts cyber espionage and is the countrys equivalent of the NSA.

But anyone with that experience should be able to see through Princes claim that the UP Phone is impossible to surveil.

When I worked in US intelligence, we [penetrated] a number of phone companies overseas, says Liska. We were inside those phone companies. We could easily track people based on where they connected to the towers. So when you talk about being impenetrable, thats wrong.

This is a phone, and the way that phones work is they triangulate to cell towers, and there is always latitude and longitude for exactly where youre sitting, he adds. Nothing you do to the phone is going to change that.

The UP Phones operating system, called LibertOS, is a proprietary version of Googles Android, according to an Unplugged spokesperson. It's running on an unclear mix of hardware that a company spokesperson says they've designed on their own. Even just maintaining a unique Android forka version of the operating system that departs from the original, like a fork in the roadis a difficult endeavor that can cost massive money and resources, experts warn. For a small startup, that can be an insurmountable challenge.

There's such a high volume of vulnerabilities that Android is disclosing and patching on an ongoing basis that you really do need to stay on top of all of those, says Richardson. Keeping all the software and hardware compatible with every new version of Android is something that very few companies other than tech giants can effectively do. To deal with that, some niche phones simply dont adopt new Android versionsa cheaper but more dangerous road.

Read the rest here:
Erik Prince wants to sell you a secure smartphone thats too good to be true - MIT Technology Review

Related Posts
This entry was posted in $1$s. Bookmark the permalink.