Dutch telecommunications company KPN is understandably concerned about security.
And when it comes to security, it all starts with Jaya Baloo, KPN’s chief information security officer. She’s fraud and security expert a formerly employed by Verizon and France Telecom. KPN brought her in to help clean house after a disastrous 2012 hack forced it to shut down email service of two million users.
One of Baloo’s tasks was to ensure that KPN’s CEO Eelco Blok could, for example, securely discuss the details of an acquisition with the head of a Chinese firm. Baloo chose Silent Circle‘s mobile security suite for the job.
Silent Circle was founded by Phil Zimmermann, the inventor of the encryption scheme PGP (Pretty Good Privacy). Baloo and Zimmermann had a chat at an event about the latter’s latest venture, a privacy-preserving smartphone called the Blackphone. Baloo’s role is internal security, not consumer offerings, but she set about persuading KPN’s CEO to make the Dutch carrier the first mobile operator in the world to sell it.
AI Weekly
The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.
Included with VentureBeat Insider and VentureBeat VIP memberships.
KPN ended up ordering several hundred thousand phones, the first of which it will receive in June.
The Blackphone launched Monday at the Mobile World Congress event. It’s billed as a privacy-oriented, premium smartphone for the everyday person.
“Why should you care [about privacy] as a private citizen who is emailing their shopping list or what not?” Blackphone managing director Toby Weir-Jones told VentureBeat. “The reason is it’s not just about an individual evaluation of a single communication, which may be a trifle. It’s about the fact that by losing ownership of your privacy, invisibly, without your knowledge, it becomes much harder to get it back.That loss of privacy is becoming a pain point and we want people to say, ‘You know what? I care about that and I’m going to do something about that.’”
Blackphone is a joint venture between Silent Circle and Spanish smartphone makers Geeksphone. The phone runs an OS called PrivatOS, which is based on Android but includes a number of low-level and app-level changes. The full list of changes will be published and open-sourced after the first phones ship in June. When you first power up the phone, a single provisioning wizard activates all of the subscriptions and bundled applications.
A smart Wi-Fi manager turns wireless on and off dynamically based on whether you are in proximity to a known, trusted hotspot. “Therefore, when you are walking through an airport or down the high street, you are not at risk of your device identifiers being harvested by Wi-Fi beacons, which, of course, is only the first step in correlating your movements and your behaviors,” Weir-Jones said.
It has no restrictions on the applications you can install, but rather than being forced to accept all of an app’s requested permissions or not installing at all, users can select particular ones.
“What users are starting to do in the first part of every review they are writing is complain if there are inappropriate permissions or trackers built into the app,” said Weir-Jones. “Our job is to support that kind of mentality. We need to go in and change slightly how Android enforces permissions so we can get the granular control that we want.”
So you can install a game, for example, but switch off the permission that enables it to collect your GPS location and use it for targeting advertising.
A VPN renders searches on Google and other such engines anonymous. Calls and messaging with other Blackphone and Silent Circle users are encrypted, as are backups. A one-year Silent Circle subscription for three other people in your network comes with the Blackphone.
“You have to understand, for example, why you are using a VPN for your web browser but you don’t need to worry about proxy IPs,” Weir-Jones said. “Similarly, you don’t need to worry about what the cryptography is underneath your private phone call and the dialer looks like a regular phone dialer.”
The Blackphone is $630 on the company’s website. Carriers who will offer it, including KPN, cannot install any of their own code on the phone, a huge change from current industry practice.
Baloo seems unphased. “We are really happy about it,” she said. “It’s not just free from our influence but free from anybody’s influence.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More